Attacking an Ethereum L2 with Unbridled Optimism (saurik.com)
267 points by daegloe on Feb 10, 2022 | 150 comments



This is a concerning aspect of Ethereum's strategy to push scaling to layer-2 networks: Ethereum is a heavily audited and tested protocol that runs an extremely decentralized network of diverse clients. L2s can be...an AWS instance running arbitrary buggy code. Much of the confidence in the "base layer" that people using Ethereum currently experience will be significantly undermined if mundane transactions wend in and out of different L2s.


Yes! I got burned by Optimism in another way. They tell you to point your applications at etherscan.io for transaction data/history, but then, on November 11 last year, they pushed an update that deletes all transaction history up to that point, which you need for taxes!

They swore they'd have the history restored on Etherscan by Nov 18th, but they still haven't. Only recently they pushed a workaround that lets you download the transactions as a CSV, but that lacks the critical data from your transfers of non-ETH tokens. And then, an alternative source does have that data, but only as a binary blob you have to run through a decoder and parse out yourself.

The crypto tax software, of course, doesn't know what to do with it.

(Even if your local client cached the transactions, most, like MetaMask, left out the critical data above.)

68 days till the filing deadline in the US!

I asked the maintainers how they planned to do their own taxes, and one of them claimed that he was separately recording all sales in a spreadsheet. I had to inform them that the taxable events include more than just sales, and, even under the most aggressive interpretation of tax law, you need the other data to figure cost basis.


Let this be a lesson: Maintain local self-hosted copies of any necessary data, don’t rely on third-parties maintaining it and keeping it available. Should be standard practice for anyone doing anything serious with cryptocurrencies but unfortunately users seem complacent enough that easily accessible tooling is still lacking in many places and you may have to DIY scripts for some parts.

Your situation is unfortunate but it sounds like no fault on Optimism or Etherscan here.

(BTW just to be clear: you’re talking about off-chain data that was never part of on-chain txes, and this binary blob comes from some Optimism operator? If it’s on-chain data it’s just a matter of doing the right queries)


Okay... in a sense, yes, in hindsight, I should have planned for this. But there are a number of reasons I think this kind of response is too dismissive.

First of all, no matter how well you prepare, there is always going to be one level higher of system failure that you "should have planned for". In the npm-Linux-box-borking debacle, there were people insisting you should never have run npm except on fully disposable hardware with an instantly replaceable dev environment (which is the only thing that would have let you shrug it off).[B]

Got mugged walking home? Should have taken a safer route. Took a safe route? Should have walked with a friend. Still got mugged? Should have walked with two friends. For all n, should have walked with n+1 friends.

Second, it's painting with a tad broad of a brush to call me complacent on crypto. I've filed crypto taxes since 2017 and kept cost basis records from years before. I'm aware systems fail and (outside of this) have set appropriate backups and cached critical transactions to spreadsheets. Even here, even with nothing done by the Optimism team to correct their mistake, I'm not actually doomed, as I can file taxes based on an input-output analysis of my Optimism transactions as a good enough first pass, and correct later. The issue is unnecessary convenience.

In fact, as things stand today, I'm in exactly the "safe" position you thought I was -- "oh, it's there, you just have to query right". Indeed I do! Now that I've pulled the tx data from the alternate sources, I "just" have to yak-shave out a meaningful read of all the transactions. (Update: per sibling, you can download the transactions from a different tab but you still have to do some transformation.) But none of that takes away from the point that this is huge, avoidable inconvenience and flaky community relations.

Remember, even if I had cached them, I'd still be stuck having to manually import them into my crypto tax software, which is a failure from usability.

Third, there are reasons to expect optimistic.etherscan.io as a reliable source to point to.

1) When you set up e.g. Metamask, the Optimism site gives you exactly one URL to point to, with no alternatives or warning that one day it might be missing history. [A] The very fact that Metamask equates "nothing from that url" with "no transactions" means they were treating it as mission-critical.

2) The entire ETH community outside of Optimism relies upon etherscan.io for most of their own tooling ethereum projects. All sources for ETH projects say to connect there, as if it's inconceivable that there could be an outage or need for some fallback.

3) It would have been trivial to keep the transaction history up. There was already a server somewhere (etherscan-owned or otherwise) serving transaction history. All they had to do was configure it to be able to check transactions for being from before that switchover, and ping that (static) DB for a subset of them.

(Remember, this isn't, at least so far, an issue of cost: they do plan to get optimistic.etherscan.io back up as a reliable endpoint for the pre-upgrade txns, they just didn't think to upgrade in a way that would facilitate such queries of already-existing immutable data.)

And, for the final kicker.

4) Optimism maintainers themselves didn't even think to locally cache all the transactions they'd need! (As in the one mentioned who only logged a proper subset of taxable events.) If the very people who live and breathe this stuff overlooked it, I think I can be forgiven for overlooking it, as they expect even casual users to join.

[A] https://metamask.zendesk.com/hc/en-us/articles/4403700785691...

[B] https://news.ycombinator.com/item?id=16438630


You are right. Putting the responsibility on individuals and small organizations is asking for trouble.

But instead, capitalist society simply VC-funds a bunch of centralized entities that wind up with the solution, and don't give it to anyone else. Because after the IPO, Wall Street quarterly earnings demand that it extract rents forever, and you can only do that with closed source software.

Perhaps Web3 and Web4 will finally fix this situation. Open source protocols that can be monetized with cryptocurrency. Filecoin is a good example. It "just works". It may be slightly more expensive than AWS, but can become as resilient as you want.


Heyo, chiming in from the Optimism team here. You should be able to get non-ETH token transfers (ERC20 or ERC721) via the Etherscan CSV export feature. You may have to make a dummy ERC20/ERC721 transaction to get the page to show up. If that isn't working for you, feel free to hit me up on Discord (I think we already have a thread together) and I can help get you whatever data you need.

See this random account for an example of exporting ERC20 transactions: https://optimistic.etherscan.io/address/0x9c1e0c67aa30c063f3...


> The crypto tax software, of course, doesn't know what to do with it

I’m still trying to calculate proper basis and gains on transactions from 2018… tens of thousands of trades in various complex hedges across 7-8 different exchanges. I just aggregated everything in a single line item on my original return but of course I got audited T_T


Were they on dexes or cexes? If centralized, don’t you get tax reports? If not centralized, how will they ever know the extent of the trades?


If the history is completely gone, your government won't be able to find it either, so you can just fill in whatever you want to explain how balance A became balance B.


Of course it's not completely gone. Chain analysis companies, which tax authorities consult, will have backup copies.


Wait, what do you mean? I can see all ERC20 transactions in our token (and others) from before Nov 2020


I'm talking about the record on optimistic.etherscan.io, which they tell you to point to as the definitive blockchain for Optimism. I am looking at my transaction history right now, and it does not show any history from then in the human-readable part of the site.

They recently updated it so you can download a CSV with history from before then (but otherwise no interoperability with the interfaces ETH clients expect).

You're probably looking at a client's local cache of transactions (which I have as well), which doesn't help, since they have limited info within a transaction, and depend on you going to (you guessed it) the etherscan endpoints to see the rest.


Side note: that’s the first flame war free / nuanced thread on crypto that I have seen on HN so far. Thanks for starting it!


The discussion here used to be way more thoughtful, it's only been bad the last year or so.

I think the degradation of crypto discourse here was mostly a knee-jerk reaction to NFTs. "NFTs are stupid, so all crypto is stupid, because NFTs are crypto" - that was likely the thought process behind all the toxicity seen here.


I would disagree, in my experience HN has been pretty anti-crypto for a long time, starting with Bitcoin's announcement thread [1].

Personally, I think people are just tired, as a proponent I'm tired of arguing the same stuff over and over again, I can imagine the other side of that too. At this point, time will decide who's right and wrong, I think that what anyone of us thinks doesn't really matter in the grand scheme of things.

1: https://news.ycombinator.com/item?id=599852


Yeah I'm an opponent and I feel the same. The talking points have been exhausted half a decade ago. On top of that as cryptocurrencies get more and more mainstream we have to deal with less sophisticated people who make it very hard to have a decent discussion in the first place, because you basically have to start by taking 20 minutes to explain to them what the basics even are.

NFTs are really pushing this situation to the extreme. Between the NFT enthusiasts who seem to think the technology is literal magic that can do anything you want it to and "haters" who will say stuff like "NFTs are just URLs of JPEG" which is an absurd oversimplification and completely misses the point.

That being said I would argue that the fact that the discussion is not advancing and that we're left with "monkey jpegs" is to be blamed entirely on the cryptopeople who clearly fail entirely to deliver anything new. The killer "crypto app" has been a couple of years away since 2015 at least. The tech keeps getting more complicated as an attempt to address the fundamental shortcomings of the blockchain, but it still fails entirely at being anything more than a vehicle for wild speculation.

The fundamental reality is that basically nobody would be using any of this if they didn't think it was going to make them rich. That was true five years ago, it's true now and I think it's going to remain true for the foreseeable future.


I'll try to engage without pulling us into familiar debates.

I have found, in a year of intensive use and research around the Ethereum ecosystem, here are a few things I like that wouldn't really work without an underlying immutable distributed ledger:

1) Creating limited editions of generative art.

2) "Forever" art like on-chain pixel and ASCII art.

3) Frankenstein-like adaptations of traditional fintech constructs into a decentralized implementation, such as AMMs.

Also, the more I learn about the zk-rollup space (STARKs and SNARKs) the more curious I get about the possibilities there. You can, for example, have digital treasure hunts where whoever finds the treasure can generate a proof without revealing the location. So far this is just cool without having an obvious killer app, but more than anything else in the crypto space I think there will be killer apps emerging from this technology.

By volume, I agree with critics that it's mostly bubble-chasing, gambling, and scams. It might be healthier for everyone if the tech & art experimentation were walled off from investments. At the very least, we probably shouldn't have crypto exchanges advertising -- really nothing interesting comes from luring Main Street to buy and store Doge on a centralized exchange.


I don't know what the third one entails, or whether a distributed ledger actually enables it without also having a centralized legal entity, but the other two seem like they already exist without a distributed ledger.

The limited edition art is really just tracking receipts - you can do that over email if you want and it really doesn't have to be public. Non digital art does fine with private receipt tracking. You can also have a dedicated database that charges art owners a maintenance fee, and tracks who the current owner of each art piece is. Basically free tier AWS.

For 2) forever art already existed without any ledger. People store copies of pictures they like because they feel like it. Not being on a ledger doesn't mean Nyan cat will disappear. The ledger might attempt to guarantee that unpopular works stay available, but I don't think you can guarantee that any particular ledger will continue to be active "forever".

They could do a hard fork that prunes out the unpopular art to save on space, and migrate everyone to that one, leaving the old one unhosted. Long term, you're not going to force people to keep spending resources to maintain stuff that nobody cares about


>The limited edition art is really just tracking receipts - you can do that over email if you want and it really doesn't have to be public. Non digital art does fine with private receipt tracking. You can also have a dedicated database that charges art owners a maintenance fee, and tracks who the current owner of each art piece is. Basically free tier AWS.

I think this is a misunderstanding of what happens when a collection is created through a platform like Art Blocks. The generative code is frozen on chain, every minted image has a verifiably random initial seed, and each image is generated from the composition of these two elements. The number of random seeds which can occupy an "official" slot is preconfigured and cannot be later increased.

I promise you that this has significant impact on the feeling of working on generative art and what you think of as the final outcome of an art project. It cannot be replicated through some kind of ad-hoc receipt system that lacks algorithmic guarantees and is subject to modification or increase at any later point.
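The guarantees described in the comment above (frozen generative code, one seed per mint, a cap that cannot be raised) can be modelled in a few lines. This is an added example, not part of the thread and not Art Blocks' contract code; the names `Collection`, `derive_seed`, `render` and `verify_piece`, the seed derivation from a block hash, and the glyph-palette "script" are all assumptions made for illustration.

```python
import hashlib


def derive_seed(block_hash: bytes, minter: str, token_id: int) -> bytes:
    # Assumption: the seed is a hash of mint-time values that no single party picks.
    return hashlib.sha256(block_hash + minter.encode() + token_id.to_bytes(8, "big")).digest()


def render(script: bytes, seed: bytes, width: int = 16, height: int = 4) -> str:
    """Deterministic stand-in for the generative code: the script supplies a
    glyph palette and the seed selects glyphs, so same inputs give same image."""
    stream, counter = b"", 0
    while len(stream) < width * height:
        stream += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    rows = []
    for y in range(height):
        row = stream[y * width:(y + 1) * width]
        rows.append("".join(chr(script[b % len(script)]) for b in row))
    return "\n".join(rows)


class Collection:
    """Toy ledger entry: commits to the script by hash and fixes the supply cap."""

    def __init__(self, script: bytes, max_supply: int):
        self.script_hash = hashlib.sha256(script).hexdigest()  # frozen at creation
        self.max_supply = max_supply                           # never raised afterwards
        self._seeds = []                                       # append-only

    @property
    def minted(self) -> int:
        return len(self._seeds)

    def mint(self, minter: str, block_hash: bytes) -> int:
        if self.minted >= self.max_supply:
            raise ValueError("max supply reached")
        token_id = self.minted
        self._seeds.append(derive_seed(block_hash, minter, token_id))
        return token_id

    def seed_of(self, token_id: int) -> bytes:
        return self._seeds[token_id]


def verify_piece(collection: Collection, script: bytes, token_id: int, image: str) -> str:
    """What any third party can check without trusting the artist or platform."""
    if hashlib.sha256(script).hexdigest() != collection.script_hash:
        return "script does not match frozen hash"
    if not 0 <= token_id < collection.minted:
        return "token id is not an official slot"
    if render(script, collection.seed_of(token_id)) != image:
        return "image is not the output for this seed"
    return "ok"


def demo() -> dict:
    script = b" .:-=+*#%@"  # constructed stand-in for the artist's frozen code
    coll = Collection(script, max_supply=2)
    a = coll.mint("alice", b"\x01" * 32)  # constructed block hashes
    b = coll.mint("bob", b"\x02" * 32)
    image = render(script, coll.seed_of(a))
    results = {
        "genuine": verify_piece(coll, script, a, image),
        "edited_script": verify_piece(coll, script + b"!", a, image),
        "wrong_seed": verify_piece(coll, script, b, image),
        "extra_slot": verify_piece(coll, script, 2, image),
    }
    try:
        coll.mint("carol", b"\x03" * 32)
        results["third_mint"] = "minted"
    except ValueError as exc:
        results["third_mint"] = str(exc)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```
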


>1) Creating limited editions of generative art.

I personally think that it's not really an interesting feature. Creating scarcity out of something that ought not to be scarce is just a way to infiltrate capitalism in every aspect of our lives. Hacker culture historically went completely against that (phreaking, breaking DRM etc...) but I concede that it's more of a philosophical/political argument than a technical one. I still find it utterly depressing.

I would also argue that there's usually a significant difference between ownership of a token on the blockchain and what the local IP laws say. IP law is messy and sometimes subjective, putting things on a blockchain can make things messier rather than simpler.

>2) "Forever" art like on-chain pixel and ASCII art.

So that one is interesting, but I would argue that it's only true if you consider that the blockchain is "forever". In order for that to be true it means that you have to believe that your blockchain of choice will be considered significant enough by a number of people across... well eternity really. This could be true for the "big" ones like Bitcoin and Ethereum, although I'd say the scene is way too young to be sure of that. It's as good a bet as any I suppose.

But here's the thing. We already have "forever" digital "art": the source code of the Linux kernel. There are countless copies of it across the globe, and it'll remain archived for the foreseeable future.

My point here is that if something is significant enough it won't be difficult to convince a bunch of people across time and space to archive it. People do that for old videogames, music albums, usenet posts etc... And unlike the blockchain you can actually curate it, you don't have to archive the neighbor's sandwich picture collection. I'd argue that this curation power is a feature, and the fact that the blockchain just stores everything forever is a bug. It actually means that the bigger the blockchain grows, the less likely it is that people will want to store personal backups of it.

So I don't think the blockchain does anything novel here, and I don't think it does it better. Forcing arbitrary people to store arbitrary data forever regardless of value or interest is just wasteful.

>3) Frankenstein-like adaptations of traditional fintech constructs into a decentralized implementation, such as AMMs.

I think the oracle problem is really going to make "DeFi" a tough sell. There is, in fact, a lot of trust in our financial system, and being able to use a central authority (the justice system) to settle issues makes things a whole lot simpler and efficient.

In general I firmly believe that trust is usually a good thing that makes systems more efficient and this obstinacy of cryptopeople to get rid of it is more based on political ideology than pragmatism. Trust, but verify. But trust.


With respect to point 1, I'm sympathetic to your response, but I don't see things quite as bleakly for a few reasons:

- NFTs create a scarcity of ownership, but they don't create a scarcity of enjoyment or experience. In fact, the entire NFT generative art community is based around the idea of viewing and enjoying pieces that you don't personally own.

- I don't think scarcity of ownership is necessarily a bad thing. Having put some skin in the game for that specific piece, the owner sort of becomes that piece's biggest advocate. And this allows many collectors to form a much stronger relationship to the piece than they would have if they saved a copy of an image they found on instagram.

- A generative algorithm can theoretically produce an infinite number of outputs, and I think there are valid artistic reasons to want to limit the set to a specific size. For example, maybe the algorithm no longer produces unique results after 500 or so iterations, and the artist wants to cap the collection at that size to allow people to become familiar with that amount of outputs. Managing this with NFTs allows the artist to create a canonical collection limited to the desired size along with the proof that they all derive from the same algorithm.

- Blockchains are still fairly new as an artistic medium, and I think many artists will find ways to create interesting projects without leaning as much on scarcity. Some projects do open editions, which we may see more of in the future. Scarcity is simply a tool at the artist's disposal.

(Disclaimer: I'm an artist who makes a lot of generative NFTs, so I'm heavily biased)


if you're not extracting a profit from people enjoying the art, why are you advocating for it? what is your skin in the game? if you're only advocating it to get rid of it by selling it, I don't think that's a genuine advocacy for the piece.

I'm unclear that this scarcity is different from making a wordpress site with n posts, each one being a picture generated with the different parameters.

I think the website version is better, even, since you as the artist can pick out the best individual items when producing the single art work that is "n pieces generated by this algorithm"

I don't think it really unlocks anything new. What's different is having tooling that makes it easy to do


Again, I think the act of "owning" it creates a much different relationship between the collector and that art than simply looking at it. They have skin in the game because they either spent money on the piece, or were able to mint it by being in the right place at the right time.

To be sure, a lot of the "advocacy" is exactly what you describe, where people are just trying to push their bags. But the advocacy I'm talking about is more about the social element of discussing the art with other people in the community.

The website is certainly a valid way to display a limited generative art collection, but it's a different experience. It means that the artist _can_ curate the collection and hide some of the rough edges of the algorithm... but then it loses some of its magic. NFTs have sort of enabled a new sub genre of generative art [1].

[1] https://tylerxhobbs.com/essays/2021/the-rise-of-long-form-ge...


> if you're not extracting a profit from people enjoying the art, why are you advocating for it? what is your skin in the game? if you're only advocating it to get rid of it by selling it, I don't think that's a genuine advocacy for the piece.

There's an emotional state associated with having paid money, sometimes a lot of money, for something which makes you want to get something in return. That something can be as simple as collective discussion of the art you bought, or propagation of its image into the real world through murals and commissioned derivatives.

It doesn't have to be a speculative interest in re-selling, though I agree that most people entering the space are exclusively interested in the latter.


Re: #3, there isn't really a meaningful oracle problem now that there are reliable oracles.

You can make synthetic assets which track prices of e.g. stocks. There are a few different protocols in this space, such as https://synthetix.io/. The biggest hurdle, I think, is regulatory -- is it legal to make and trade derivatives of $synthIBM and trade it like derivatives of $IBM?


Re: limited editions, I'm not talking about monetization. As someone currently working on a big generative art collaboration, I think knowing that the output will have a finite set that is considered canonical is an essential artistic constraint.


I would consider myself an informed skeptic that is selectively pro-crypto.

I would first clear the air by saying this: yes, making money is an important use case of the current crypto industry, if not THE use case. I find it puzzling how people frown upon that. Making money (or at least getting paid) is the number one activity the average person spends a lifetime doing. Many in bullshit jobs that add no value.

You can have all kinds of opinions on how this money is made (speculative), but the crypto community doesn't care. It's their money, not yours. I would personally not touch 95% of crypto with my money, but take no issue with people that go all-in. Live and let live.

As for NFTs, it's funny how you say some discussion participants simplify it too much (just right-click) and then come to sweeping simplistic conclusions yourself: bored apes and crypto people failing to deliver anything new.

This suggests you're keeping track. If so, can you tell me about recent trading volume? The top 10 projects? Which celebrities, artists, musicians and sport teams released popular ones? On which platform? Which are hot upcoming releases? Out of the many issues with NFTs (no infinite storage, copyright acknowledgement, mint duping, etc), which teams are working to address these issues, and what are the solutions? Do you know which non-JPEG NFTs got traction, like unique physical access and lifelong memberships? Which gaming companies are experimenting with NFTs, and I'm talking AAA titles?

I could make that list a whole lot longer. I suspect you don't know the answers, but that's not a personal attack. The point is that the space is vast and extremely fast. This idea that nothing has happened in crypto in 10 years is because you're not looking.

The discussion is not advancing because people don't spend a second learning about crypto or keeping track.


All an NFT is at heart is a JSON blob like

    {
      Id: some unique namespaced string (aka, the part that is a non fungible token)
      Owner: reference to who currently owns it
      Payload: data that defines the content of the NFT
    }

You can put this in a database if you want, or use a block chain as your data storage. I expect many of those teams you mentioned are solving their NFT issues by moving their NFTs from block chains onto postgres tables, or putting them in databases from the start. The listed problems have somewhat straightforward solutions by doing so, and many companies have offered NFT marketplaces based on databases for years and years like the Steam marketplace for gaming. They work fine at scale, too. I expect that most popular digital ownership systems do not use a block chain as their back end, though I do not know what the top 10 are {apple, amazon, google, the us government?}. The most advanced team solving the listed problems is without doubt YouTube though.

What block chain NFTs have over database NFTs is hype. There's a lot of wealthy people with money tied up in crypto investments that want to be able to.

The other feature is that the audit history of changes to the Owner field is guaranteed to be public instead of optionally public, and that guarantee is what is of questionable value when "crypto people don't deliver anything new" is mentioned.

----

If somebody's managed to solve identity using a block chain that's quite interesting re: "unique physical access".

I'd expect the block chain to be uniquely incapable of guaranteeing unique access to anything, since access is based on knowing a password, and it's easy to make copies of a password. At best I'd expect a blockchain to guarantee limited access to people who know at least one of a set of possible passwords, and a bouncer controls unique access by doing separate identity checks.

Is this some facial scan? DNA + epigenetics check? Is it trivial to link all your accounts together? What kinds of attacks has it been tested against? Can your twin get in if he knows the right password and borrows your id? Can your spouse get in if you're in the hospital? Next of kin when you die?


Is there a non-blockchain equivalent of gated access to resources based on ownership of a token? People do this a lot in the NFT space (access to certain chat channels based on owning an NFT), is anything like that happening (rather than theoretically possible) outside of crypto?


How about anything with a membership fee?

The token is the mag-key-card that opens the doors to your local gymnasium.

Or a database entry that gets checked when you show your personal ID to get into the flight club lounge you bought lifetime access to via Amex club

Or any kind of website or info-product you bought a membership for, where the token is your email address + password

etc.


These all seem different though.

None function with anonymity by default and you can't sell or even transfer most of these memberships.

I wonder if part of the divide on the "utility" of NFTs involves "internet native" culture (assuming the reality of pseudonyms without need to pierce the veil and use a real name).


Over the past few years, my personal experience/perception is there's been less and less people with a technical grounding in crypto/blockchain who bother to engage on HN (on CT, it's often dismissively referenced as "the orange site") because not only is there such a strong anti-crypto attitude, but usually it's based on pretty shallow or often wrong comprehension of the tech/mechanisms.

I agree that it's pretty pointless to argue though. Even when blatant misinformation gets cleared up, or clear examples of how the tech is actually being used are outlined, most of the conversations then end up at "well, I don't see the value of it so it still must be useless." ¯\_(ツ)_/¯


Hasn't time already proven the skeptics right?

The biggest sources of skepticism were around logistics and value as a currency:

Is there a cryptocoin that has successfully solved logistics without disastrously failing as a currency?

Even if you ignore the environmental aspect... has any coin that has achieved scale not experienced deflation that would make the Great Depression look like a hiccup?

To me the skepticism has always been "you can't have a functional decentralized currency". Some people take that at face value and proudly proclaim "people will accept your BTC/ETH/etc."

But most people mean it in the sense we think of currencies belonging to non-failed states: aka being a somewhat stable store of value. More widely used for payment of productive economic output than fraud and speculation...

-

I see crypto as I see Tesla, maybe there was a point but it's long buried under the mania.

Disclaimer: Due to that mania I keep some as hedge, but again, imagine saying I keep dollars under my pillow as a hedge that next year they might have 10x'd in value...


Has it?

Bitcoin is bigger than ever before. It's far more valuable, it has far more users, processes hundreds of thousands of transactions moving billions of dollars worth of value every day on-chain alone, has very healthy L2 layer growth (1ml.com), has hundreds of exchanges worldwide, it ticks every 10 minutes and will keep ticking for the foreseeable future. We have a small country that adopted it as a legal tender with more countries coming on the Bitcoin standard potentially this year.

People only see the fiat currencies and forget that we've run on gold standard for thousands of years and fiat currencies are barely 50 years old and riddled with financial crises left and right. Bitcoin is digital gold, strictly better than gold. But anyways, we'll see what happens in the future.


Strictly better than gold is not true.

Gold can be traded without leaving an audit trail, and without a per transaction cost.


You still have transaction costs in the form of transport costs to get the gold to your personal location.


Yep, and obviously any kind of transportation like that will be tracked and easily traced, with exact weights and sizes.

By hopping on the lightning network, you're essentially anonymizing your payments as well as making them practically free.


Does that answer anything I brought up?

You know, the whole "relatively stable store of value paying for productive output rather than speculation and fraud?"

We moved off the gold standard for a reason (and it's not all geopolitics...)


Bitcoin's volatility is not because of the fixed supply. If nothing else, new Bitcoins are still being issued. It is of course true that inflation encourages spending etc., but the difference between -2% and 2% does not cause 50% daily price movements.

Bitcoin cannot be stable relative to other currencies as long as 90% of its forex volume is speculation. If there are businesses having long-term obligations and trade denominated in Bitcoin, providing for a large base of regular demand and supply that outweighs the speculation, it will stabilise.

This is obviously really really tough to achieve, but it has absolutely nothing to do with the "tech" (which is essentially a spreadsheet). This makes the debate around the volatility and whether it qualifies as a "currency" rather boring. It will happen, or it won't, and we can try to predict the future, but it is not really about Bitcoin at all, just marketplace behavior.


Where did I say Bitcoin's volatility is because of fixed supply?

Or even remotely imply it.

-

Once again the reply doesn't actually answer the basic question, because the answer is inconvenient.

I'd love one honest reply to the point grounded in any crypto, not even Bitcoin, being a "relatively stable store of value paying for productive output rather than speculation and fraud?"

Relatively stable being defined extremely generously in this context might I add! I won't hit you with a "gotcha!" because your coin of choice is widely used to pay for goods rather than fraud and speculation but it happened to fluctuate 10% or something, USD does that too...


No problem!

After a year of playing around with crypto I think I'm appropriately both skeptical and excited, which is hopefully a good starting point for non-trolling conversations.


That's an issue with all cryptocurrency infrastructure though: projects need to be proven to demonstrate robust value and it's probably one of the most adversarial spaces in software. History has shown that hacks and exploits of projects hurt the price of the native token but do not really damage the long-term earned trust.


Exactly this, it's a very adversarial environment with huge stakes for those that can exploit it. Even projects that have been around for months, years can get exploited which is why I'd recommend waiting a long time before putting non-trivial amounts into any smart contract or crypto related projects.

That's also a big plus for Bitcoin, because it's been around the longest and because it's so much simpler than more complex chains like eth, it's as secure as it gets.


> That's also a big plus for Bitcoin, because it's been around the longest and because it's so much simpler than more complex chains

I’ve always understood this on a basic level, but reading an entire exploit debrief with intricate technical details really hammered this point home for me.


A simple exploit is that somebody got ahold of a wealthy person's private key, isn't it?


Are the stakes that huge for potential exploiters? It seems that exploits can write off a bunch of value from the exploited but, at least for big and quickly noticed exploits, it is hard to launder the gains into the ‘legitimate’ part of the ecosystem with big exchanges and suchlike.


I think last year alone had more than a billion dollars worth of crypto hacked on defi, there's some trackers out there [1]. On one hand, you have amateurs that leave their private keys on cloud services and try to cash out while living in a place like NYC, on the other hand, you have people who know what they are doing or perhaps live in places that actively encourage those activities [2].

1: https://cryptosec.info/defi-hacks/

2: https://www.bbc.com/news/business-59990477


Ethereum actually has almost no client diversity. The vast majority of nodes run the geth client (go).

Regarding the security aspects of L2s: they will of course not be anywhere near as robust as ethereum itself, but over time they’ll get better. However, they also don’t need to be as robust as ethereum given they effectively benchmark against the ethereum chain so while things could go wrong, the amount of damage will be very contained and as the ethereum mainchain scales the damage radius becomes ever more contained. Finally the bridges that are being implemented to move assets from ethereum to the L2s can implement emergency withdrawal mechanisms which allow users to get their assets out even if things go wrong.

Not perfect, but the tradeoff seems reasonable to me given the performance enhancement and the diversity of functionality that can be offered via many different environments.

Disclaimer: I’m quite possibly biased due to my company working on L2s.


> Ethereum actually has almost no client diversity.

I think that is slightly misleading, all the client diversity efforts are focused on Ethereum 2.0 now, as the old clients will be dead soon. [1]

This is the most updated stat I've found: https://twitter.com/sproulM_/status/1481109509544513539 (read the rest of the twitter thread too!)

Still not great though, but better at least.

[1] https://clientdiversity.org/


For those interested in data supporting diversity comment (~82% geth) - https://www.ethernodes.org/

Re: GP comment - From a "trust" perspective, there is a distinct difference to call out between the integrity of data on the platform, and the trustworthiness of the platform itself (i.e., the ability for centralized control of all data)

In an instance where an L2 is compromised, the potential impact is limited to the integrity of data that individual L2 was contributing to the overall platform.

Those transactions which demand absolute integrity will naturally tend to occur on L1, for this reason. Risk mitigation strategies will develop for those operating on L2 + bridged chains.


>In an instance where an L2 is compromised, the potential impact is limited to the integrity of data that individual L2 was contributing to the overall platform.

I think the distinction is only meaningful as long as L2s remain a niche curiosity while the majority of transaction volume resides on L1. If the L2 plan succeeds and almost all volume passes through an L2 and one of the major L2s has a bug like in this post, then a large fraction of all ETH could end in the hands of hackers.

The ledger would accurately reflect the moment that a bad actor lifted e.g. 5-10% of the ETH supply off an Arbitrum or StarkNet bridge. Technically the L1 is uncompromised but a lot of money would be "redistributed".


Certainly a possibility, but this is one reason I’d be inclined to believe there will be some significant demand for direct L1 transactions, and a diverse set of L2 layers.


Diverse L2 layers sounds like hell.

Where's your ETH?

Evenly sprinkled between StarkNet, zkSync, Arbitrum, and the thirty competitors that will pop up in the next few years.


Are you envisioning homogenous L2s, or those more specialized in nature? I envision the latter, which would mean the number that any individual entity is exposed to would be limited.

But your point does highlight the UX implications of too much fragmentation, and it’s a worthwhile consideration


What kinds of transactions do not demand absolute integrity, but still make sense to use a blockchain for? (I don't know much about these sorts of things, I'm actually asking for examples)


Security of zk rollups may be sufficient for a lot of activity - trading, DeFi, games, art, DAO/access tokens, escrow, crowdfunds, all the web3 stuff.

The L1 may eventually be a primary settlement layer for protocols like zkSync and StarkNet (and any other protocols and rollups built on Ethereum L1). At some point it may not be common for users to interact with L1—ie. users of Argent and Sequence wallets may only be holding assets on L2.

zkSTARK/SNARKs have pretty dramatically changed the L2 landscape and the new direction seems to be moving away from optimistic rollups like in the OP. This is just my understanding, somebody please correct me if I’m wrong.


I just spent 20min to look for that debate between some of the big players:

* the optimistic side: https://medium.com/offchainlabs/optimistic-rollups-the-prese...

* the zk side: https://blog.polygon.technology/zk-and-the-future-of-ethereu...

On one hand you have a complicated protocol that doesn't really use cryptography and that has the user (you) monitor the blockchain for a week to make sure their transfer was processed correctly (otherwise my understanding is that you have to create a fraud proof, send it to the chain, otherwise you will lose your funds).

On the other hand you have a cryptographic proof of a few kilobytes that proves that some program correctly validated and applied the state transition of thousands of transactions.


As a zkSNARK cryptographer, efficient cryptographic proofs are incredibly complex pieces of technology that still have a ways to go before they can match the speed of native execution. Both approaches have pros and cons.


Good thing we’re not competing with native execution, and instead with the slow ethereum computer.


Optimistic rollups are native execution


that has 1 week of finality


I gotta admit I don't know what 50% of the words there mean, but it surprises me to suggest that "absolute integrity" would not be required for trading, escrow, DeFi, DAO/access tokens.

Makes sense for games and art (but then I wonder what they are doing using a blockchain in the first place).


zk rollups tend to inherit most of the security features of L1[1] but with some trade-offs.

The trade-off is basically scalability (and thus fees). If the L1 network is so highly congested that each transaction costs $100 or more in the future, a scalable zk rollup that achieves about the same level of security at the cost of < $0.001 may be worth these tradeoffs.

[1] - https://zksync.io/userdocs/security.html#security-overview


This turned out to be longer than I intended. Apologies.

I view Ethereum as a value network, connecting disparate sets of transactional use cases around a set of core services (like Address, asset records, and transaction functions)

To believe that blockchain makes sense for assets which do not require absolute integrity, you'd need to first accept that there are valuable use cases which having an asset management & transaction layer (L1) serves.

If we establish that there are valuable use cases that attract asset management to L1, at a certain point network effects begin to take hold, and the system becomes "top of wallet".

There are parallels in how you manage traditional finances today - Even if you have multiple bank accounts and digital wallets for USD (e.g., a Chase account, Cash App, Venmo, etc.) you're likely to mentally consider one of those your "primary" account. The important one. The main difference in the value network of Ethereum is that the primary account can aggregate the assets that are managed/transacted through L2 solutions. The L2 solutions leverage the core "identity/asset mgmt layer" of L1, but serve use cases that don't justify the cost of development/operation/transaction on the main layer.

To connect this analogy to the original question, let's imagine that your Bank Account offered direct integration with each of the other accounts you manage - Capturing every asset you held, including the 124 gold you still have on your World of Warcraft account from a decade ago. If the 124 gold were to somehow disappear due to a bug/hack/other integrity issue, your bank account would reflect that. But the important stuff would be there.

TL;DR - If commerce generally moves to blockchain systems at significant scale, there will be an acceptable level of failure on L2 systems to support the convenience of aggregating up asset mgmt alongside the important stuff.


This does a good job of answering what kinds of transactions you don't care about, but not why you want them to be on a block chain.

The use case given, aggregating those assets by the wallet, has two problems: 1. You can have many wallets 2. Not everything associated with the wallet has to have its transactions tracked on a block chain

All you need is one more column in the wow database, and you can pull up your wow assets with your wallet without them being on the L1 or L2 chain


I suppose that’s fair. You could theoretically argue for some “integration” between an off-chain centralized database and on-chain wallet - but unless it were just an untrusted pointer, there would need to be some asset managed from a contract to serve as a “proof” of sorts.

If you’re questioning why people would prefer on-chain vs off-chain games, I wager there’s something appealing about the “decentralized” nature of the system that attracts people to on-chain games - and I put decentralized in quotes because it’s not always certain that’s a promise always delivered on, but it’s where the appeal is derived from.

Regarding your other notes - 1. Same theory applies though. One wallet is often seen as a primary wallet (hot) that manages public facing assets - e.g., registered ENS domain, an NFT, etc. 2. It’s certainly not required that all associations live on chain, but if you want core services and verification of ownership, it’s mostly on-chain or bust.


execution node (ETH 1.0) diversity is important, but actually more important moving forward is the consensus (beacon chain, fka Ethereum 2.0) diversity. The crawled data here shows that Prysm has almost 2/3s of that: https://migalabs.es/crawler/dashboard

For a good recent/up-to-date summary of the differences, why it matters: https://ethereum.org/ms/developers/docs/nodes-and-clients/cl...

And here's a good reference site as well promoting better client diversity before the merge: https://clientdiversity.org/


Doing my part with lighthouse!


With zkrollups, you get an on-chain proof that the off-chain infrastructure did everything correctly. A contract can even verify that proof before updating the data on chain.


Ethereum didn't start that way, it had to build trust over time just like any other project. Eventually L2s will get there too.


Same with Polygon and their Ethereum L2+Sidechaining scaling solutions. Polygon is quickly building a reputation for solid secure code, mostly because their team kicks ass and is proactive.


I mean they just disclosed a 1.6 mil hack 40 days ago.

I like Polygon and unfortunately feel like hacks/stolen funds are part of the maturing process for blockchain projects, but I'm not yet ready to say they are building a reputation for solid secure code.


I think it's worth noting that that was an exploit as opposed to a hack or a scam.

In this case, the code securely gave the money to people in a way the owners didn't expect


For those interested in the specific risks of various L2s as they stand, L2Beat has the best overview: https://l2beat.com/?view=risk

While the various L2s are all pretty bleeding edge, the current state/alternative [1] is that a majority of the TVL is being bridged to alternate L1s, where the bridges are also extreme weaknesses [2]. There was the recent $320M Wormhole hack [3], the last record white-hat payout ($2M bounty on $850M at risk with the Polygon Bridge) [4][5], and $2.2B sits on Avalanche's Bridge [6] which is an EOA that is secured by literally 4 SGX machines. [7]

[1] https://defillama.com/chains

[2] https://old.reddit.com/r/ethereum/comments/rwojtk/ama_we_are...

[3] https://wormholecrypto.medium.com/wormhole-incident-report-0...

[4] https://medium.com/immunefi/polygon-double-spend-bug-fix-pos...

[5] https://gerhard-wagner.medium.com/double-spending-bug-in-pol...

[6] https://app.uniwhales.io/avalanche/bridge-tracker

[7] https://medium.com/avalancheavax/avalanche-bridge-secure-cro...


Isn't the whole lightning network for bitcoin also L2?


It's L2, but you can have different types of L2s. With lightning network, you're opening and closing channels with a counterparty using on-chain transactions, so each channel can be tied back to an on-chain transaction.

Before someone points out that it would require tons of on-chain transactions to onboard everyone onto it, you can batch thousands of channel open/closes into a single transaction with new protocol upgrades.


That's not even the most fundamental issue with LN though, it's not a fully thought out system. As LN node count increases the routing complexity increases exponentially, which is the classic problem of routing issues on large graphs that literally every networked system has. The internet solves this with some degree of human intervention to tip the scales to particular routes, which is something that the LN inherently can't (and shouldn't) do. There is some amount of optimization that could take place using common graph routing algorithms like OLSR or others but those represent foundational changes to the protocol which historically LN is allergic to for whatever reason and wouldn't entirely solve the problem in any case.

Simply put - it can't scale to that kind of throughput for a combination of cultural and technical reasons.


Sigh. Quick, go tell UPS and DHL and others that they must file for bankruptcy because traveling salesman problem or whatever is hard to solve.

This is just nonsense because, for instance, each LN hub can configure how much processing it wants to take on by focusing on most profitable subgraph.

In the end, LN will be processing more and more payments and you will keep ignoring that fact and claiming that it can’t scale. This has been happening for years already.


> the routing complexity increases exponentially, which is the classic problem of routing issues on large graphs that literally every networked system has

I assume you are using “exponentially” in its informal meaning of “somewhat quickly” ? At least I am not aware of any routing issues that scale exponentially with the size of the graph.

To the contrary, if you can pick the graph structure then routing is not very difficult at all.


Most end-users won't be acting as payment gateways, they'll all have private channels, so they won't appear in the routing graphs. The number of routing nodes would be many magnitudes smaller than the total number of LN users. It's working fine for now with growing adoption (1ml.com) and I believe it'll only get better with time.


Sure, but in order to accommodate more users you need more routing nodes. Exponential scaling is a funny thing- systems work perfectly right up until they catastrophically fail. That's why it's important to understand these kinds of problems ahead of time, which LN is determined not to do.


Look at it this way, if x = number of total users, routing nodes will grow O(log x), not O(c^x). The users can grow exponentially, the routing nodes won't because the marginal cost of processing an extra transaction from an end-user is very close to 0.


I thought the routing node was putting up some amount of Bitcoin per channel. Each channel would therefore have a non-zero cost (and each user requires a channel).

I would need to go back and refresh my understanding as it's been quite a while since I read the LN whitepaper, much less kept abreast of developments in that space.


When you fund a channel, the Bitcoin is still yours, you're not giving it away.

With batched channel open/closes, it'll be super cheap to open and close channels. The only cost you'd pay is the opportunity cost if your counterparty isn't sending transactions, so you're not collecting routing fees. If that's the case, you can just close the channel if you need to fund another channel and don't have spare Bitcoin for it, but that's about it.


You've just outlined how the marginal cost that you originally stated was near zero is in fact quite a lot larger than zero (you can't open channels without locking up your node's Bitcoin). Also, each channel opening costs a Bitcoin L1 transaction fee (which is a lot larger than $0.01 and can only really grow from here).


>> which LN is determined not to do.

What's the source of your opinion?


Unless things have changed recently the big issue with LN is that it's fundamentally a centralizing force. The idea that everybody is going to open a million channels with every single counterparty (locking coins in the process) is ridiculous. Instead people would just open a couple of channels with big, centralized nodes but that's just Visa with cryptobabble on top.


No it's not.

Even if everyone had channels with the same, single central node it would have more guarantees than Visa does. The single central node could not just decide to keep everyone's money, as participants have the option to create an L1 transaction to withdraw funds if the node they have a channel with misbehaves.


> participants have the option to create an L1 transaction

Theoretically they have that option, but in practice do they?

Theoretically I can sue visa to get the right outcome too, which is a good guarantee


What do you mean? Why wouldn't they have that option in practice?


You can close a channel whenever you want, for whatever reason.


The main issue with LN is even more fundamental than that. Their argument against other scaling solutions was basically "if we scale on chain the hardware requirements will be hard for regular people to keep up and decentralization will suffer". So instead they went about and created a system where only the wealthy have the capital to commit to open enough channels and route payments. LN is almost totally antithetical to crypto in that it enables the creation of the very thing crypto sought to destroy; gatekeeping payment processors. Bitcoin was co-opted by Blockstream and co. who wanted to become Visa/Mastercard-like rent seeking middlemen.

Opinion part: Monero is technically superior to Bitcoin in basically every way.


>Monero is technically superior to Bitcoin in basically every way

I see how this is true from a privacy perspective, but how does monero solve the issue of the blockchain eventually becoming too large for an ordinary person to run a node on their pc? the bitcoin blockchain is already several hundred gigabytes


As I said, that's just my opinion really. But Monero uses a dynamic block size. The hardware requirements will increase of course. But hardware becomes cheaper over time so the monetary cost of participation does not increase as quickly as LN where the cost of participation is capital directly.


RE: Monero, I agree. One shortfall - how do we verify no one on the network has found and exploited an inflation bug?


Good question, I don't have an answer for you unfortunately. I have seen people talk about this in the Monero community though so at least they're aware of the issue.


Monero is what everyone used to think bitcoin was.

Now that people are starting to realize what bitcoin actually is, and all the lies and misinformation are falling away, the world is gearing up to pounce on it and fully integrate it into society. People are rapidly realizing that it really is the internet of money.

Monero will still have its place, but only as the dark money network.

I've actually become increasingly worried that Monero is at pretty significant risk of a nation state 51% mining attack, since it mines with generic CPUs. A government could rent out an AWS fleet to attack the network and if not kill it, at least add a lot of friction via this kind of DDOSing that temporarily blocks people and breaks interest, like they do with Tor services today.


Exactly, CashApp/RobinHood/Coinbase/Kraken are all bitcoin L2. Centralized and trusted, but L2 nonetheless.


hm okay, room for nuance, there are about a dozen L2 technologies in deployment right now, each with multiple competitors using a specific technology.


It is yes, and even though the lightning network is considered one of the more secure/safe L2 networks, even it has had bugs (now solved) that potentially could have caused everyone to lose all their money, if those bugs had been taken advantage of.


> extremely decentralized network

Can you provide source for this claim? I thought that infura was the dominant infrastructure provider for eth and if it gets taken down, a majority of the apps goes down too.


Infura is a single RPC endpoint, the underlying network it talks with has 5k-6k clients: https://www.ethernodes.org/?synced=1

You can choose one of ~20 different free RPC endpoints: https://ethereumnodes.com/

This doesn't include private or paid RPCs or just running your own.


Well on the same site ethernodes.org, the majority of Ethereum nodes are running on AWS at 45% [0]. Due to this announcement from AWS [1], it is going to become even more centralized.

So the claim of 'extremely decentralized network' is somewhat of a myth and a falsehood.

[0] https://ethernodes.org/networkType/Hosting

[1] https://aws.amazon.com/about-aws/whats-new/2021/03/announcin...


Ethernodes is known to be inaccurate [0] and is missing a lot of nodes because they can't index nodes that are maxed out on peers or are behind NAT and can't accept incoming connections from nodes they haven't connected to first. I know this for a fact because my own personal node (been online for over a year now) is not indexed on ethernodes, nor are 70% of the peers my node has. Only 2 out of my 15 peers are AWS IP addresses.

As a general rule - it's very difficult to get anything close to an authoritative census of a decentralized peer to peer protocol.

[0] https://nttr.stream/peter_szilagyi/status/146057566700382617...


Correction: according to your link, only 28% of Eth nodes are running on AWS (1579 of 5632 - click "Network Types").

However, many of these are not mining nodes that secure the network (and therefore security of the blockchain), but instead are nodes run by dApp/web3 developers to handle things like indexing NFTs and the current state inside a smart contract.[1] It is easy to spin up a geth node for a task like this—and by default mining is not enabled. I haven't seen any stats on the total number of mining nodes and their network types.

I agree that too much of the traffic is going through AWS, and I suspect all of these stats will need to be re-examined after the PoS Merge.

[1] https://www.reddit.com/r/ethereum/comments/ksdu11/how_can_et...


Infura already went down several times and nothing happened. Metamask users can easily switch to other rpc providers (including their own nodes).


Correct me if I'm wrong, but with those L2 tricks the plusvalue of Ethereum gets kinda diluted... and there's already a heavy discussion on the "why should I use it at all".


You're going to have to explain. L2 heavily rely on the Ethereum base layer.


Most L2s will require users to pay transaction fees in ETH. Some will have fee abstraction where people can pay with tokens, but the rollups themselves will still end up paying ETH on L1.

Ethereum will essentially be a settlement layer for rollups, and everyone will be doing their DeFi, NFTs, etc on the rollups which are almost treated like their own chains.


Their proof ends up on L1 and they get cheaper the more people use them.


Hey! Optimism's head of engineering here!

We're super grateful to saurik for writing up such a great analysis of what he found. If you want to hear some of our key takeaways as the maintainers of the network, you can check out our disclosure post here [1].

If you're wondering WTF Optimism is... we are building an optimistic rollup on top of ethereum. The basic idea is to de-couple blockchain computation from data availability and allow a new operator to exist called a sequencer which can accept transaction requests and submit the calldata to Ethereum Mainnet, but do the computation on Optimism Mainnet. There is an idea of a fault proof which means you can verify that the computation done on Optimism Mainnet followed the exact rules of the EVM, and you can prove this on Ethereum Mainnet. Our fault proof codebase, cannon, was built by another jailbreak legend (geohot) precisely with the goal of running Ethereum's battle-tested code and minimizing the chances of bugs like this. It's some really cool stuff. If you're into compilers, VMs, and blockchains alike, check it out! [2]

The protocol is still in active development, it is not done yet, and that's exactly why we set up this bug bounty program. We think bug bounties matter, a lot, and we're proud to now become the record holders of the largest bug bounty payout in history, however we hope to very quickly be beaten by someone else. Developers like saurik, who we've gotten to know recently, are super important for this ecosystem to thrive. Building this stuff is hard, and we want the best hackers in the world to get rich breaking these protocols because if we succeed in this industry, this technology will be the backbone of the world's financial infrastructure — it needs to be secure. Everything we write is also MIT licensed and developed completely in the open.

Very happy to answer any questions, I'll check this thread for the rest of the day — AMA :)

Also, we are hiring! [3]

[1] https://optimismpbc.medium.com/disclosure-fixing-a-critical-...

[2] https://github.com/ethereum-optimism/cannon/

[3] https://boards.greenhouse.io/optimism


Hello,

I've been wondering what the hardware requirements for running Optimism's infrastructure are relative to just running a Mainnet node. If Optimism can process more transactions than the main chain, does that mean state growth is also much higher? How is Optimism thinking about this problem as it moves to decentralize the sequencer in the future?


This is a fantastic question for pretty much every scaling solution out there — as the initial engineering work on rollups finishes, many of the fundamental scaling problems re-emerge on L2. Right now, our system's hardware requirements are very similar to L1 mainnet, but the state is growing.

There are two solutions in the future: statelessness, and block-producer/verifier asymmetry. Statelessness (and related concepts like state expiry) has been under active research in Ethereum for years, and we've recently started our own contributions with a new stateless Ethereum client [1]

The other part of the solution is to leverage asymmetries between the hardware requirements of block producers and verifiers. TLDR: this lets you have high HW requirements for sequencers, but still secure the network with laptops. Vitalik recently wrote about this; you can read that here [2]

[1] https://twitter.com/ben_chain/status/1488275978983915523?s=2...

[2] https://vitalik.ca/general/2021/12/06/endgame.html


I have a question: why did you make transaction data from before the Nov 11 upgrade unavailable? How hard would this have been? It's just serving the same immutable transactions that were there before, right? People were expecting these to be available for planning and tax reporting.

Even finding out about them after the fact was difficult because the cause of missing transactions wasn't made public on the user-facing site. For months the maintainers fielded questions from people on the discord that could have been satisfied by an announcement on the website. And even the announcements on discord came slowly.


The Nov 11 upgrade radically changed how Optimism's backend worked. Transactions after 11/11 are executed in a VM that's much closer to the EVM than before. It's still possible to run nodes that access these pre-11/11 transactions, but because of the way Etherscan and geth are designed, it's unfortunately not as simple as just serving the same data again.

Etherscan CSV exports are the best solution we had that didn't require significant modifications to Etherscan's backend. You should be able to use the CSV feature to export all of your relevant pre-11/11 transaction data (transactions and ERC20/ERC721 transfers).

While we did our best to communicate this months in advance on our twitter, blog, discord, and documentation, it's hard to reach everyone and we totally agree that this is not ideal. At the time, we had to prioritize progress, but we've since made a firm commitment not to update the chain in this way going forward. So, this shouldn't be something people will need to worry about in the future.


>While we did our best to communicate this months in advance on our twitter, blog, discord, and documentation, it's hard to reach everyone and we totally agree that this is not ideal

That doesn't look like your best. Here's the blog you refer to[1]:

https://optimismpbc.medium.com/

Imagine I came to it around the time of the switchover. Which of those headlines looks like it's alerting me that my transaction history will be gone?

Here's the Optimistic ethereum site:

https://www.optimism.io/

Where is/was the blaring warning about missing transaction data?

Here's the Twitter page[1]:

https://twitter.com/optimismPBC

The only pinned tweet is a cute meme about the whitelist change, nothing to head off frustrated users wondering where transaction history went. (I don't know how to link a historical post in context but I can assure you it was not evident on the Twitter feed why I was missing transaction history, and there are no such warnings before.)

The only reason I even got on the Optimism Discord is because none of these places had any information! And then, even when I went to the Discord, and go to #announcements, and look at what was being announced in the runup and release, the loss of transactions still isn't mentioned! [2]

Maintainers talk about the upgrade, to be sure, but not this implication of it.

So no, I don't know how you can justify the claim that you made a serious effort to alert users.

[1] Linked from the community tab of https://www.optimism.io/

[2] https://discord.com/channels/667044843901681675/754090866435...


You're right that we could have been better communicators about this. We prioritized our concerns with applications that could break during the upgrade, and we biased our public communications towards developers as a result.

For example, you're right that a notification on our homepage, in addition to our docs, would have been a good reminder to users. We'll work on getting a blog post and better documentation up that explains exactly how to access data from before 11/11. We really appreciate the candid feedback here.

We're a very fast growing startup tackling a herculean task, so we're bound to make mistakes and this is one of them — I hope you can understand. We want to be much better communicators going forward.


>For example, you're right that a notification on our homepage, in addition to our docs

I don't remember it being in the docs either, as that would have also saved me from signing up on the Discord.

And this isn't an issue of prioritization. Remember, your overworked volunteers and maintainers on the Discord are still spending hours every day fielding questions in #user-support that could have been answered by a link in prominent places. You're wasting more person-hours than you would have with effective communication and trivial updates in prominent places.

You didn't even benefit your own goals by leaving those out!

So no, I guess I don't understand what the huge barrier is to putting out these important notices.


But he said "sorry" (somewhat) politely and pulled the "we are fast growing startup"-card .. so you are obligated to forgive him?

It seems quite clear to me (as a third party to this) that the lack of communication w.r.t. this behavior was intentional. Trying to fix a mistake without having to admit having made it in the first place...

Civil discussion is going to collapse even further if bad actors don't stop with the dark patterns.


Your first link is broken.


Fixed, sorry


At least Optimism is smart enough to offer huge bounties. They awarded him $2,000,042 for this.

https://twitter.com/saurik/status/1491821215924690950


This title is way underselling this.

As far as I could gather from a quick googling, this is the largest single bug bounty payout in history.



Ah, but, you see: this bounty was $2M...+42! (omg; I honestly hadn't noticed this o_O)


The extra 42 was just my little hack to get our bounty to appear higher on the list. Nice that it ended up seeing a record too though. :)


Can someone explain this to me?

He states that Optimism doesn’t have a native gas token and native currency, and eth balances are implemented using ERC20 tokens with OVM instead of the native balance mechanism

However the exploit is using selfdestruct to transfer and create the remaining balance to the target address, effectively creating new tokens out of thin air.

> This means that, when a contract self-destructs, its balance is BOTH given to the beneficiary AND ALSO KEPT. If the contract had 10 ETH, 10 ETH are CREATED from thin bits and handed to the beneficiary.

But I thought from this explanation that contracts don’t have a balance because ETH is stored in an ERC20 contract, and is set to 0. How can the contract have balance (10 ETH) to transfer on selfdestruct when optimism doesn’t have a native balance?


Would it help if that paragraph had said "10 OETH" instead of "10 ETH"? (I am going to go change it regardless, as that is probably at least theoretically less confusing; but, like: is that sufficient?)


But selfdestruct only acts on balance held in the native token, if it's balance in ERC20 it wouldn't transfer it to the target account

I still have trouble understanding how this exploit worked


Isn't that the actual bug? That balances are kept at two places? What actually happens in SetBalance() if rcfg.UsingOVM ==true?

So... I guess what it boils down to is 'How does Optimism manage its state trie'? I'd really enjoy a more in-depth explanation for this.
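A simplified model of the behaviour quoted in this subthread, added here as an illustration; it is not code from the article, from l2geth, or from any commenter. It assumes reported balances live in the storage of an ERC20-style ETH contract while self-destruct zeroes only the unused native field, and every name in it (`State`, `token`, `native`, `patched`, `SupplyDelta`) is hypothetical.

```go
package main

import "fmt"

// State is a toy ledger, constructed for illustration; it is not l2geth code.
type State struct {
	token   map[string]uint64 // balances as reported: storage of the ERC20-style ETH contract
	native  map[string]uint64 // stock per-account balance field, unused for accounting here
	patched bool              // hypothetical switch between the two behaviours
}

func NewState(patched bool) *State {
	return &State{token: map[string]uint64{}, native: map[string]uint64{}, patched: patched}
}

func (s *State) GetBalance(a string) uint64    { return s.token[a] }
func (s *State) AddBalance(a string, v uint64) { s.token[a] += v }

// SelfDestruct credits the beneficiary, then clears the destroyed account.
func (s *State) SelfDestruct(contract, beneficiary string) {
	s.AddBalance(beneficiary, s.GetBalance(contract))
	s.native[contract] = 0 // assumed: the stock path zeroes only the native field
	if s.patched {
		s.token[contract] = 0 // also clear the place the balance is really kept
	}
}

// Supply sums every reported balance; a self-destruct must leave it unchanged.
func (s *State) Supply() uint64 {
	var total uint64
	for _, v := range s.token {
		total += v
	}
	return total
}

// SupplyDelta runs one self-destruct of a 10-unit contract and returns the
// amount by which total supply grew (0 means the invariant held).
func SupplyDelta(patched bool) uint64 {
	s := NewState(patched)
	s.AddBalance("contract", 10) // constructed sample balance
	before := s.Supply()
	s.SelfDestruct("contract", "beneficiary")
	return s.Supply() - before
}

func main() {
	fmt.Println("unpatched delta:", SupplyDelta(false))
	fmt.Println("patched delta:  ", SupplyDelta(true))
}
```

A supply-conservation check of this kind, run across every state transition in a test suite, is the invariant that flags a balance being both given away and kept.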


Excellent write up! Glad you were well compensated.


What's the best way to replicate these states on localhost?

When using the L1s, it is easy to fork the current state of the network with Brownie and bang at smart contracts for free using fake gas on localhost. Reserving any advantage or unexpected behavior you find for the bug report, or redeploying it on mainnet for the bug bounty paying the gas just that one time

But with L2s in the mix, especially Optimism, how would one do the same? Would it be like two instances of Brownie in virtual environments? Kind of like having a cluster of microservices booted up in Vanguard on localhost?


Yeah, so to run your own Optimism full node--the "whole stack"--you need 1) a normal Ethereum full node of some kind, 2) an Optimism data-transport-layer service (which scrapes the L1 looking for L2 transactions and provides a web service to access just that data), and then 3) an Optimism l2geth instance (which is an Ethereum node modified to read its transaction batches from the DTL).


Wow. A tutorial on doing that would be great.

Speaking of "bug bounties", I use the term liberally as a euphemism for hacking these contracts and taking everything for yourself under the observation that company/community bug bounty systems are broken and undervalued for the value they provide. Although seen as a euphemism now, I think the term is accurate especially when looking at how bounty was used in the American frontier or Wild West.

You made $2,000,042 from this without any drama, in a quick timeline even though it was technically outside of the scope of the program! I think many in the hackernews audience would have liked to have known that from the get go. Many people ignoring blockchain would pivot immediately to at least doing smart contract bug bounty research on the side just from knowing that alone, learning the extremely lucrative and marketable skills in the process. If you formatted the article to the bug-bounty timeline to payout format. You should even show some people a material thing that you bought with it, because many people still don't understand that this is analogous and convertible to money in your bank account especially at these convenient amounts.

How much could you have seized with this bug at the time?


> I use the term liberally as a euphemism for hacking these contracts and taking everything for yourself under the observation that company/community bug bounty systems are broken and undervalued for the value they provide.

hmm...


> ...because many people still don't understand that this is analogous and convertible to money in your bank account especially at these convenient amounts...

FWIW this project doesn't have its own token (this L2 uses ETH as its currency just like the base layer), so the bug bounty payout is denominated in actual USD.


Whether they paid in ETH priced in USD, or a stablecoin, or a USD wire to your bank account, many people aren't aware that getting paid in this space is that lucrative and that liquid and that simple.


saurik is pretty famous, I would estimate that most serious players in this space know the money is here. What is good about this post and the fact it's on top of HN is that maybe the average HN reader will be curious and help shift the crypto narrative on HN from negativity to at least neutrality.


Yeah it would be great and more on brand for this forum to have neutrality

The actual communities for most projects and general crypto are obnoxious, and probably what has helped push or keep this community to negativity. I could see it flipping to neutral though; judging by the emails I get, there are plenty of builders and educated proponents here.


But the negativity is well deserved

Look at how the crypto-sphere reacted at FEDs returning "stolen" coins to Bitfinex like all praise and "justice served". Only HNers actually raised "hey guys why do you even crypto if FEDs will decide who owns what".

It all ends up being Government-coin and they like it.


To me, this is Exhibit A of the oddly incoherent nature of discussions that appear here. What you wrote is a random mixture of ideology, misinterpretation of what happened, and the wrong forum for it.

Where would one even start?

US Govt hasn't returned the bitcoin to Bitfinex. Bitfinex has stated they would apply for getting it returned. This is the process these things take. All that has occurred is a DOJ/FBI seizure, indictment and arrest. I don't know what reaction you are referring to and your sentences are ideological hyperbole that have nothing to do with the technology. This is a technology and industry forum. The technology allows any possessor of the private key to assume control over the entries in that private key.


This is a popular line of thinking among reputable crypto critics: https://twitter.com/alexhern/status/1491449689656360961

I agree it's incoherent, but I struggle to understand how it makes sense to them.


The Dan Olson analysis is very clear about how lucrative and liquid it is, and where those come from. Ethics wise, that liquidity comes from the scams and you're part and parcel to them by participating.


Even if that was something to care about, the entire economy works that way. I don't feel that it is a role of the state to whitelist what money can go into what economy, and even though it has assumed that role in the fiat system it is not successful.

So just go where the action is. Don't scam people yourself while you are at it.


Wow I haven't heard Jay Freeman's name in the news since the old iPhone jailbreaking days. Glad to see he is still at it.


Page seems to be down. Can’t connect to server


(This has hopefully been fixed; the way I added SSL to my website--which I only did the night before last--was "ridiculous" and apparently not at all up for the challenge :/. I thankfully had given myself a backup plan--offloading the SSL to nginx--which I was able to switch to quickly, but I should have really pushed my update today with that configuration.)


May I recommend cracking an economics textbook


To learn that 2M is a good payout for finding a bug?


What's your point?



