Will Casper be the friendly ghost of Ethereum ?

[1] Back in the 1970s, most programmers were happy to open source everything except for Bill Gates (‘Bill’) who is well known to screams “don’t steal my codes”. Not that anyone agrees but he is probably right as Microsoft’s codes are commercial in confidence to the tune of US 660 Billion more or less today. So when Netscape came around in the 1990s and decided to charge for its browser, Bill decided to give it free bundled with its Windows’ OS. Netscape disappeared and incidentally Bill introduced the world to the internet which gave rise to behemoth like yahoo, excite, amazon and a bunch of others like google, alibaba etc and even more incredibly more than 3.2 million utility patents issued from 2000 to 2016 were issued by USPTO (ie # 6009555 to 9226437) (https://www.uspto.gov/web/offices/ac/ido/oeip/taf/issuyear.htm) . Incidentally, Yahoo was sold to Verizon and this closes yet another internet giant in 2017. In 2008, we had a 8 pages of whitepaper outlining bitcoin, a peer to peer payment on distributed network which value has grown insanely to nearly US 20,000 at one point. With this open-sourced, it spawned a new revolution namely Block-Chain and in time Verizon claimed to be the first to have a block-chain patent (US 9338148 titled — Secure distributed information and password management — the claims are limited to digital content) and the craze of ICO had started in earnest as we begin 2018.

[2] What the above means is that the best of open-source is likely to be patented and the latest challenge is to better the block-chain. In order to facilitate transactions on the block-chain “proof of work” (‘POW’) is used. (https://en.bitcoin.it/wiki/Proof_of_work for an explanation of POW ) A proof of work is an expensive computation of a piece of data which is difficult (costly, a lot of energy, time-consuming) to produce but easy for others to verify and which satisfies certain requirements. Producing a proof of work can be a random process with low probability so that a lot of trial and error is required on average before a valid proof of work is generated by a software program. Bitcoin uses the Hashcash proof of work system. Basically the program wants to find a random number say 000 appearing in a string of alphanumeric when it is hashed. Say we use “hello world”. We hashed this it will show "Hello world!0" => 1312af178c253f84028d480a6adc1e25e81caa44c749ec81976192e2ec934c64 We keep the program running until we find this “0000c3af42fc31103f1fdc0151fa747ff87349a4714df7cc52ea464e12dcd4e9” which is this value “Hello, world!4250”. You can test this out at http://www.sha1-online.com/ using sha256. In Bitcoin things are more complex, especially since the header contains the Merkle tree which depends on the included transactions and it uses sha256 twice or as a formula is written as sha256(sha256(header)). For next block to be valid it must hash to a value less than the current target; this means that each block indicates that work has been done generating it. Each block contains the hash of the preceding block, thus each block has a chain of blocks that together contain a large amount of work. Changing a block (which can only be done by making a new block containing the same predecessor) requires regenerating all successors and redoing the work they contain. This protects the block chain from tampering.

[3] But why do all this proof of work? The short answer is to do with ‘double spending’. When a transaction is made we must ensure that the sender cannot do the same transaction again and to do this, we require time to confirm this. As mentioned, the miners compete to find “something” that, when added to the block of transactions, causes this block to hash to a code with certain rare properties like starting with “000” as in our example and by adding another zero say “0000” actually doubles the difficulty. The first to get this will be rewarded (12.5 bitcoin plus transaction fees) and will write the transaction on the block. It takes time to do this and with time, we are able to confirm the transaction was not double spent as transactions that have certain age cannot be negated. A malicious entity (or centralized server farms) would need to have computing power that can compete with the entire existing network to produce a different block which is the main complaint or even UASF - User Activated Soft Fork (http://www.uasf.co/). Consequently, these transactions have consensus regarding their validity as other miners can check this and providing “consensus”. However, miners also employed faster CPU (costing more) to solve this, and the Bitcoin network adjusts by increasing the level of difficulty with time. In summary, to provide consensus and proving the transaction is good, Bitcoin incurs cost and time to process the transactions in the blockchain.

[4] Casper is the new security based economic consensus protocol intended to be used for the Ethereum network. In general,Casper uses a “Proof of Stake” (POS) algorithm that utilises nodes as bonded validators which pays a deposit to the serve the consensus in producing blocks. . The blockchain keeps track of a set of validators, and anyone who holds the blockchain's base cryptocurrency (in Ethereum's case, ether) can become a validator by sending a special type of transaction that locks up their ether into a deposit. The process of creating and agreeing to new blocks is then done through a consensus algorithm that all current validators can participate.. The main difference is there will not be any mining as in POW. In the words of Vitalik Buterin “Proof of stake breaks this symmetry by relying not on rewards for security, but rather penalties. Validators put money (“deposits”) at stake, are rewarded slightly to compensate them for locking up their capital and maintaining nodes and taking extra precaution to ensure their private key safety, but the bulk of the cost of reverting transactions comes from penalties that are hundreds or thousands of times larger than the rewards that they got in the meantime. The “one-sentence philosophy” of proof of stake is thus not “security comes from burning energy”, but rather “security comes from putting up economic value-at-loss”. A given block or state has $X security if you can prove that achieving an equal level of finalization for any conflicting block or state cannot be accomplished unless malicious nodes complicit in an attempt to make the switch pay $X worth of in-protocol penalties.” (https://medium.com/@VitalikButerin/a-proof-of-stake-design-philosophy-506585978d51) For a deeper understanding of Casper POS, one can refer to https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ

[5] Phase 1 is a deployment of POS on current Ethereum 1.0. Casper will be added as a layer on top of POW. Hence consensus is achieved using a hybrid POS over POW. There will be finality every 50 blocks and will be 51% attack resistance. However, eventually it will be 100% POS. This proof of stake algorithms allow validators to "vote" on blocks by sending one or more types of signed messages, and specify two kinds of rules (1) Finality conditions - rules that determine when a given hash can be considered finalized and (2) Slashing conditions - rules that determine when a given validator can be deemed beyond reasonable doubt to have misbehaved (eg. voting for multiple conflicting blocks at the same time). If a validator triggers one of these rules, about 30% or even 100 % of the deposit gets deleted. According to Tuur Demeester in his “Critique of Buterin’s “A Proof of Stake Design Philosophy”, his argument is that ‘consensus’ is overrated given the past example TheDAO bailout only needed less than 6% of ETH in circulation to vote on the matter, and his conclusion that it is risky to ‘offend’ the wrong people in the ETH community rather is the real issue. (https://medium.com/@tuurdemeester/critique-of-buterins-a-proof-of-stake-design-philosophy-49fc9ebb36c6)

[5A] Phase 2 is a Casper proper POS implementation to Ethereum 2.0 made with onchain contracts. Further development phase proposal for Ethereum is under discussion and can be found in github (https://github.com/ethereum/sharding/blob/develop/docs/doc.md )(. To date there has been little discussion about the parameters to run Casper smart contract.

[6] Any ETH holder can become a validator (a fixed amount of ETH) by simply depositing ETH into the Casper smart contract. A validator’s job is to reach a consensus via vote. Their vote weight is proportional to the total deposit size (Introduction to Casper Implementation by Chang-Wu Chen, Devcon3 – 26.11.2017) at

.

[7] But nobody knows the quantum of Ether to be deposited to be a validator yet . It is likely at least 1000-3000 ETH and the maximum amount of validators allowed in the 250-500 range. This does not take into account the number of accounts with Exchanges that also carry more than 500 ETH. According to Vitalik Buterin he said “If we reduce the minimum to 50 ETH, then we get 19291 validators; if we increase it to 1500 ETH then we get 911 validators. Alternatively, we could do the math the other way: if we want to target 1000 validators, then the minimum will in equilibrium be ~1350 ETH.”(https://medium.com/@VitalikButerin/parametrizing-casper-the-decentralization-finality-time-overhead-tradeoff-3f2011672735). At this stage the jury is still out.

[8] Even assuming a minimum of 1500 ETH will get one in as a base validator, this value will be around US 1.0 million today (@US 700) and get it wrong, one will suffer a penalty of 300K or potentially risk all their funds (this is yet to be confirmed). What Casper did not anticipate is that there will be a market to borrow ETH instead of owning ETH outright. This means instead of bidding up the price of ETH on the open market to own them for whatever reason, one can use fiat currency like USD or even Stocks from Financial Institutions as collateral towards borrowing ETH and of course paying a borrowing cost. With this ability to leverage (by borrowing), this will basically change the dynamics of capital lockup costs and even the 51% attack as touted by Vitalik Buterin for example in “The intention is to make 51% attacks extremely expensive, so that even a majority of validators working together cannot roll back finalized blocks without undertaking an extremely large economic loss — a loss so large that a successful attack would likely on net increase the price of the underlying cryptocurrency as the market would more strongly react to the reduction in total coin supply than it would to the need for an emergency hard fork to correct the attack.” (https://medium.com/@VitalikButerin/minimal-slashing-conditions-20f0b500fc6c).

[9] At the moment, there is no “central bank” to determine the cost of interest to borrow ETH but there is mechanism to do this by auction means. I consider the common consensus method to be manipulative for example (see https://en.wikipedia.org/wiki/Libor_scandal). The better view is by auction as described in US Patent 7376612 which is now embodied in www.Depositoffer.com. This means interest rate or deposit rates subject to being approved by ETH depositor will now be determinable by approved Financial Institutions (‘FIs’) which will have an impact on ETH liquidity as collectively they are able to set a borrowing rate. Obviously, these FIs must have adequate security and insurance. And contrary to popular belief that FIs need to have deposits to give loans, the modern FIs could now extend credit simply by electronic credit entry into the borrower’s account in ETH. (https://www.bankofengland.co.uk/-/media/boe/files/quarterly-bulletin/2014/money-creation-in-the-modern-economy). This electronic entry is ‘destroy’ when principal repayment is made and the interest earned in ETH is transferred to the FIs account. As long as the ETH deposits taken is sufficient to commit to any actual settlement (if any), FIs would continue to lend subject to its own prudential rules or applicable regulation. To expand its ETH portfolio it would be necessarily to take in more deposits given no more ETH may be issued after the last 100th million is created. This crypto- deposit auction may increase the volatility for the price of ETH as parties compete for the purpose of paying validators’ reward or the interest cost where ETH loans have been extended. Further, this may cause every day transaction to be difficult as the buy and sell spread will widen thus defeating the purpose of Casper POS which was to cater for high frequency transactions including micro-transactions. Be that as it may, one of the key invention in US Patent 7376612 was to offer alternative rates that can be swapped for other assets like stocks or commodities instead of ETH. One can also proffer profit-sharing as per Islamic financing.

[10] In so far as the Ethereum eco-system, the consequences here are that if the market deposit rates are better than the reward offered as stake-holder, then it raises the question of possible competition between both. Otherwise, as long as the reward returns are higher, there will be users who are willing to lend for some portion and for the validator to assume all the risk. Assuming the return by a flawless validator is 2% p.a then a would be validator would want to borrow at max 1% in order to profit from this by having a larger stake. It can also consider that validator can borrow more to increase their own stake as there is no upper limit and instead of buying the ETH with fiat currency like USD, one can also borrow with a repayment either in ETH or some other crypto-currencies or other assets. Currently exchanges are providing ETH as a means to “short” the market but such arrangements are not suitable for validator as these are in a fixed locked up period longer than 48 hours. However, exchanges may also be a source of attack as they only need to borrow more to make a 51% attack despite holding ETH for withdrawals.

[11] In the example given by https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ under the title “What about capital lockup costs?”, we can now update the figures used where the author compared mining using POW with POS. In that example, it assumed BTC to have a value of US 600 when today it is value at US 14,000. The overall result is that the electricity cost is not significant anymore at 1% instead of 23% due to the higher value of BTC. What this means is that as the price increases for BTC or ETH, the argument that POS is more attractive to POW is untenable. In particular there is a ready futures market for BTC now and it is likely ETH will also receive the same attention.

[12] Similarly, the same can be said of ETH, continued speculation had driven the price of ETH to increase and in author’s view more wanting to be validators given there is no barrier to entry other than having the “stake”. With depositoffer.com and those who may prefer a ‘stable’ return with minimum risk ready to lend through depositoffer.com, it becomes a question whether the validator’s reward justifies the borrowing costs.

[13] In the same example (https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ) at paragraph starting with “Now, we can talk about the marginal/total distinction.”, we submit that lockup costs is no longer an issue as users can borrow at will provided they have no credit issues (for example a financial institution) . A user can lockup all his ETH as stake and still borrow to be used at his discretion provided he could arrange his reward as validator to be higher than the borrowing costs that he needs to pay to his lender. And he may even have a windfall when there is an unexpected price drop in ETH at the time of repayment. For this example, we assume that after borrowing ETH, the user will sell them and received fiat currency. Of course the lenders will have a charge on user’s stake (his original ETH as deposit).

[14] In another example is where the potential attacker tricks enough validators, so that it becomes these honest peoples interest to support the attacking chain as the true chain. This can be through borrowing more ETH from the market and rewarding at different periods than the network itself which is only paid at the end of the term (2, 6 and 12 month options will also be available). In short by borrowing at a rate that is lower then the reward over longer term, and by using ETH as inducement this means one may be able to fork away even any punishment?? (getting all the slashed ETH back).

[15] There are suggestions that as there’s no longer a large need to compensate miners with new tokens, there will not be any new ETH at all. And given there will be existing ETH being eliminated due to “slashing” the number of ETH will continue to decrease as there is no replacement. But one should remember there may be some minimum number of ETH required to be a validator and this means it will be useful to band together to meet this threshold, otherwise there is no point holding to ones ETH. Noting however such “band” means the largest stake holder will still be the validator.

[16] It could also mean that existing holders of ETH (with large stakes) will benefit disproportionately from the process of proof-of-stake due to their ability to put their existing ETH to work at a larger and faster stake than newcomers, unless again newcomers are willing to borrow large amount and ‘share’ the interest with the lenders who may not wish to take up the role as validator for obvious reasons. This is provided always the borrowing costs will be lower than the rewards.

[17] It has also been speculated that the reward for validator’s stake will be as little as 2% and as high as 25% per annum, although Vitalik Buterin often cited 5% in his calculation examples. The wide range is a way to manage viladators but it is still unconfirmed. Be that as it may, Ethereum Network may need to source sufficient ETH to satisfy these rewards (assuming there is 1.3 million ETH as deposit) by taking “slashed” ETH from rogue validators for a start. It may be necessary even for the Etherem Network to borrow from time to time assuming “perfect” validations of proof of stake which is unthinkable but likely where the rewards are consistently at the high end. Please note that other crypto-currencies also provide “returns” without being a active validator for example – NEO is about 5.5%, OKCASH at 10% and so on (https://coinsutra.com/proof-of-stake-cryptocurrencies/). The effect will be higher ETH to trail the demand which is great for “investment” but not so much for “transactional” activities particularly what smart-contracts was originally touted to do. Before I end, there is a new kid on the block – iota.org (using Tangle, a revolutionary new blockless distributed ledger which is scalable, lightweight and for the first time ever makes it possible to transfer value without any fees). More on this later after I have digested it.

I thank David Lim for his comments and I remain solely responsible for the content. If you like this, I appreciate any donation ETH to 0xCCE1F6F4CEB0F046cf57FE8E1c409Fc47AFe6Aab