The State of the Art in Cryptocurrency Privacy

An abridged overview of production systems.

At a recent offsite with the Aragon One team, I presented a lightning talk about state-of-the-art systems for privately buying, selling, and using cryptocurrency.

A PDF of the slides is published here. The slides are pretty self-explanatory, so I’m sharing as-is. If there are any questions or feedback about the content, I’m happy to discuss in the comment section.

This slideshow requires JavaScript.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

Hundreds of media accounts were just deplatformed. The need for a decentralized web is greater than ever.

Over the past few days Facebook and Twitter have deplatformed hundreds of accounts with millions of followers in total under the guise of fighting “clickbait” and “spam”. The Washington Post reports:

Facebook said on Thursday it purged more than 800 U.S. publishers and accounts for flooding users with politically-oriented spam, reigniting accusations of political censorship and arbitrary decision-making.

In doing so, Facebook demonstrated its increased willingness to wade into the thorny territory of policing domestic political activity. Some of the accounts had been in existence for years, had amassed millions of followers, and professed support for conservative or liberal ideas…

Just one day after the Facebook purge, Twitter followed suit, deplatforming the accounts of alternative media outlets Anti-Media and The Free Thought Project. Sputnik International reports:

Anti-Media and TFTP aren’t automated bot accounts or spammers. They are run by US citizens who used the internet applications Twitter and Facebook to exercise their First Amendment rights. For that they have been punished — first by Facebook, now by Twitter.

I have friends who were caught up in these purges. Their audiences have been significantly reduced because of this deplatforming. I am generally opposed to “censorship” by media platforms, preferring that readers use their power to mute or block content they do not like rather than have their web browsing experience curated by paternalistic algorithms and “content moderation” teams.

That said, we have to recognize the reality of the situation we find ourselves in: Facebook and Twitter are platforms owned by private companies who have the freedom and the right to deplatform any content they do not like.

The alternative is website owners being forced by the State to host content they disagree with, which seems even worse than the status quo. Hypothetical Lockean squatters rights aside, today’s legal regime supports a company’s right to moderate content off of their platform. So what can we do to protect ourselves from sudden deplatforming by social media administrators?

We get rid of social media administrators.

The future of social media, and the web itself, is decentralized. The same way bitcoin is a decentralized, open protocol that enables anyone to send and receive money without intermediaries, social media platforms will become decentralized protocols that enable anyone to publish and read without intermediaries. The web gets us most of the way there, but there are still vulnerable choke points, such as centralized servers that host content and the ICANN-owned domain name system that routes web requests.

The decentralized web is removing these choke points and replacing them with open protocols that advance the vision of the web’s inventors and early pioneers. Platforms like Blockstack and Ethereum are taking the vision of the web and building in censorship resistance that is stronger than anything possible with the technology of prior generations.

Using BNS and ENS, you can own a domain name that no corporation or government can take away from you. Using Gaia and Swarm you can self-host and back up your content on multiple geographically diverse hosts, preventing take-down by would-be censors. And rather than rely on the good graces of payment processors like PayPal to earn your keep on the web, you can get paid for your content directly by your fans using Lightning and Connext.

Putting this all together, what does the decentralized social media platform of the future look like? It could look like Afari, a Twitter-like application built on Blockstack:


Or it could look like Akasha, a Medium-like application built on Ethereum:


To be sure, it’s early days for these platforms, so they’re not quite ready for prime time yet. And in all likelihood, they could go the way of previous decentralized platforms that attempted to take on the centralized social media giants: at best a niche curiosity, at worst abandon-ware that gets buried in the graveyard of failed projects.

But what this new breed of open protocol-based platforms represents is a turning technological tide, where users don’t have to be sysadmins to take control of their data, where interfaces are familiar and functional, where censorship and deplatforming are nearly impossible. In this world, publishers can post without fear and have a direct relationship with their audience, secure in the fact that no third party can unilaterally take away their online voice and reach.

If you have any motivation to help – whether with design, development, documentation, or testing skills, or even just providing moral or financial support to these projects – I urge you to get involved. The decentralized web wasn’t mature enough yet to save the hundreds of accounts that were just purged by Facebook and Twitter and the many that have been purged before. But maybe, with your help, we can prevent something like this from ever happening again.

Reach out any time through my contact page or the comment section below, let me know how you’d like to help, and I’ll try to point you in the right direction. You can also click through any of the links to projects mentioned above to get in touch with them directly.

Thanks to all involved with organizing and supporting the Decentralized Web Summit.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

Blood money

Modern society has an uncomfortable, often contradictory relationship with “blood money”. Here, I use the term “blood money” to describe money that is either gained through the use of violence/ threats of violence (coercion), or comes directly from an individual or organization that employs such tactics as a matter of course. For example, money from a kidnapping ransom or money that comes from a murderous crime syndicate.

At first glance, the issue would seem to be without controversy. Most people would probably say that blood money shouldn’t be knowingly accepted by people who want to keep their conscience clean. There are even laws in place that reflect these values, such as “Know Your Customer” and “Anti-Money Laundering” laws that exist to prevent criminals from using the financial system.

And yet, upon investigation it would appear that society’s aversion to blood money is more rhetoric than reality. This is perhaps due to how deeply blood money has penetrated society, how thoroughly violence and coercion have permeated society’s customs and norms, to the point where in response to breaking the law, as Mike Gogulski has pointed out, “the penalty is always death“. Thus blood money becomes inescapable as it circulates through the economy. Nobody’s hands are completely clean.

This blog post was prompted by a tweet that came across my feed criticizing Elon Musk for suggesting that he could finance taking Tesla private again using money from Saudi Arabia.


Already well known for their public executions and stifling of dissent within the Kingdom, Saudi Arabia is currently under investigation for allegedly sending a “killing team” to Istanbul to murder a Washington Post journalist inside of the Saudi Consulate.

As a primarily deontological ethicist, I sympathize with the point of view expressed by the tweet’s author towards Elon Musk. Back in 2016, I myself took a similar jab at Uber:


And yet at the same time, I also sympathize with the Elon Musks and Ubers of the world, at least when it comes to this specific issue. It’s easy to fall into the trap of coldly calculated consequentialism when you’re making big decisions that affect millions of people and involve the cooperation of thousands of others.

How discerning can you be about the moral purity of your employees, your partners, your investors when you’re dealing with numbers that big? In a world where society runs on blood money, the only choice it appears we have is how dirty we allow our hands to get. It’s impossible to completely isolate oneself from evil, given the totality of modernity. This is evidenced by the vanishingly small number of “uncontacted peoples” left on Earth.

Thus it seems that no one can be pure, and at best we can only negotiate about how bloody we allow our hands to get before we invoke the moral judgement of our peers. As much as we want the issue of blood money to be clean and simple, black or white, it would seem that all of ours hands are dirtied by shades of gray.

Faced with such a reality, the best choice appears to be a mix of deontological ethics and consequentialism: commit to a limited number of specific values (for example, don’t murder, don’t steal, the “golden rule”) and then try to optimize for the best outcomes. Sometimes that may mean tolerating or even partnering with others whose actions run counter to those values, as in the case of Tesla taking money from Saudi Arabia. While Elon Musk might never murder a journalist with his own bare hands, he will tolerate taking money from someone who has in pursuit of a larger goal. For Musk, the ends would justify the means.

I’m reminded of a quote from philosophy professor Will MacAskill on the 80,000 Hours podcast. He says:

…[I]t seems like given the obvious analogy with decision making under empirical uncertainty, we should do something like expected value reasoning where we look at a probability that we assign to all sorts of different moral views, and then we look at how good or bad would this action be under all of those different moral views. Then, we take the best compromise among them, which seem to be given by the expected value under those different moral views.

Elon Musk might make the decision that, while he would prefer not to finance his company with blood money from an organization that murders people, he expects that the outcome will be a net improvement over the outcome if he didn’t take the blood money. He can’t do nothing – everyone has to act, action means decisions, decisions mean consequences, and so we must try to act in a way that leads to the best possible outcomes.

So Musk decides, I’m not directly harming anyone by taking the money, in fact I’m using the money to help people, and I’m not responsible for how the Saudis use the returns on their investment in Tesla, so I will take their blood money and use it to make the world a better place. (Of course, this is hypothetical; I’m not sure what Elon Musk’s real justification for taking the money would be.)

In a poll I started in response to this issue, respondents were nearly evenly split on the question of whether it is morally wrong to accept blood money in the pursuit of noble goals, with those answering “no” only narrowly coming out ahead and about a third of respondents abstaining from the question altogether:


Written responses ranged from “Yes it is morally wrong because it legitimizes bad behavior” to “No it is not wrong to take the money but it is wrong to pay it back” and finally “The ends justify the means”; essentially samples across the whole spectrum of possible answers. And I’m not sure any one of them is the “right answer”.

I ask myself if I would take the blood money. Regardless of what I’d intend to do with it, I feel certain that the answer would be “no”. But then I wonder, what about blood money two or three steps removed from the source? How faded would the blood on the money have to be for me to feel comfortable taking it?

And for that question, I don’t have a good answer.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

New year, new job 2018 edition

I have some exciting – if somewhat belated – news to share. As you could probably tell from the title of this post, I have a new job. In November I accepted an offer to join the Aragon team as their new Community Lead!


Aragon is a project that I have been following since I first met the co-founder Luis Cuende at a Blockstack meetup in San Francisco. I was excited when they released the alpha version of their testnet client in early 2017 and blown away when they went on to raise $25 million later that year in the fourth-largest crowdfund and the second-largest token sale at the time.

After leaving Abra in July 2017, I took a few months off to explore the cryptocurrency space and see what other opportunities were out there. I considered several offers but kept my options open. The market had changed significantly since my last job search less than a year earlier. One significant change was that there were many projects outside of the Bay Area hiring for remote positions. Aragon was one of those projects.

I reconnected with the Aragon team while I was attending the Crypto-Economic Security Conference in Berkeley, CA. Zooko Wilcox, CEO of Zcash, knew I was looking for a job and had generously offered me one of the tickets his company was given for sponsoring the sold-out event. I accepted the ticket and went to the event, looking forward to meeting new crypto people in the Bay Area and watching interesting talks by the presenters.

I was surprised and delighted to meet María Gómez, Strategy and Operations Lead at Aragon, in person at the event (we’d previously met online while I was working at Abra). María asked what I was doing at the time. I told her I was looking for a new full-time gig, something in a marketing or community role. She told me that Aragon was hiring a Community Lead to replace their then-Community Lead Tatu Kärki, who was transitioning into a Communications Lead role. The rest, as they say, is history.

Within a few weeks, I had gone through several rounds of interviews and flew to Finland to do a trial week with Luis and Tatu. We worked on several community projects throughout the week, and on what would have been Thanksgiving day in the US, they offered me something to be extra thankful for: an opportunity to join the Aragon team as their new Community Lead. I gladly accepted, and have been dutifully serving the Aragon community ever since. Join us!

P.S. Aragon is hiring!

New job FAQ

Congrats on the new job! What does Aragon do?

Thanks! Aragon is building a platform that makes it easy to create and participate in Decentralized Autonomous Organizations, or “DAOs” for short. In the future, the Aragon project itself will be run as a DAO on the Ethereum blockchain. The Aragon DAO will be governed by holders of Aragon Network Tokens (ANT), an ERC-20 token that was sold in mid-2017 to raise the funds needed to develop the Aragon software.

Is $ANT a good buy?

Maybe! DYOR.

What’s it like being part of an Ethereum project?

Although I’ve been following the Ethereum project since its inception in 2013, I haven’t been closely involved since the very early days. After leaving Abra I took some time to explore all the projects that have formed in the ecosystem in the intervening time. Many of the smart contract applications that first got me excited about Ethereum have begun to come to fruition, including p2p prediction markets, asset exchanges, gambling platforms, and, my personal favorite, DAOs. This, along with the amazing team that Luis and Jorge have assembled, is what led me to join Aragon.

Now is a very exciting time to be involved in the open-source cryptocurrency community. There’s no shortage of funding for extremely ambitious projects, including important blockchain research and development work. It seems like the only limitation right now is the supply of engineering talent and the imagination necessary to build the p2p future so many of us envision. I’m excited to help Aragon overcome these limitations in our own community and share what we create with the broader p2p ecosystem.

Are you still working with Bitseed?

Yes! I think 2018 will be a big year for Bitseed. We have started shipping orders for Bitseed 3, the next-generation version of our plug-and-play bitcoin full nodes. And we’ll also soon be relaunching our developer community so that devs who are interested in helping us improve Bitseed have an easy way to get involved and work together.

The kind of projects I’m really excited to work on with the Bitseed community include adding support for Layer 2 protocols such as Blockstack and the Lightning Network. Then Bitseed owners could have a node that not only secures their bitcoin transactions, but can also resolve decentralized domain names for them or even earn bitcoin by providing liquidity to the Lightning Network. Future work could even include using the node as a decentralized storage device or a crypto-incentivized mesh router. The possibilities are endless.

If you’re interested in helping us with any of these projects, please get in touch.

So what’s next for John Light?

Bitseed 3 ships this month, the Bitseed developer community relaunches shortly after, and Aragon goes live on Ethereum mainnet sometime in Q1/Q2 2018. I’ll probably be traveling a lot for Aragon community events this year, so if there are any cool crypto events you think I should be at let me know in the comments below or ping me on Twitter or @light in the Aragon Chat.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

A Brief History of Blockchain Name Systems

This past weekend I attended the Aaron Swartz Day Hackathon at the Internet Archive in San Francisco. This event, which celebrates the life and work of Aaron Swartz, is organized in multiple cities around the world every year around the time of Aaron’s birthday (November 8). Since 2015, I have been attending the SF event and giving variations of a talk about blockchain name systems.

Here’s the description of this year’s talk:

Aaron Swartz once published a blog post entitled “Squaring the Triangle“, hypothesizing that a blockchain could be used to create a name system that had secure, decentralized, and human-readable names, thus “squaring” Zooko’s Triangle.

Since that post was published, numerous blockchain name systems have been developed, putting Aaron’s idea into practice. This talk will give a brief overview of the most popular blockchain name systems in production and show some of their applications.

Systems covered include Namecoin (the OG BNS), Blockstack, and the Ethereum Name System. Without further adieu, here’s a video of my talk from Aaron Swartz Day 2017 Day 2, A Brief History of Blockchain Name Systems.

Aaron was an incredibly inspiring individual, and it was a great honor to be invited to speak at this special event celebrating and building on his legacy. If you have a chance to attend one of these events in a city near you, I encourage you to go and participate!

RIP Aaron Swartz, you are gone but not forgotten.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

What appcoin startups have in common with Midwest logging companies

Logging companies in the 19th century Midwest had a problem. In the remote forests where they set up shop, cash was hard to come by. Still, workers needed to be paid so they could buy food and other basic necessities. So the logging companies came up with a solution to the cash shortage: they would print their own currency.

This private currency, known as “scrip“, was denominated like U.S. currency and redeemable for goods and services exclusively at company-run stores. If a worker who received scrip in lieu of cash wanted to spend their paycheck elsewhere, the scrip would often trade at a steep 10 percent to 25 percent discount. Exchanging scrip for cash would result in additional exchange fees. And so most business was done at the company store.

Company scrip for the Network Age

Fast-forward 125 years and private currencies are once again being used by cash-strapped companies to keep operations running smoothly. Only this time, the companies are high-tech software startups instead of Midwest logging companies, and the currencies they are issuing aren’t simply a stand-in for cash. Private currencies have become a core part of new business models emerging around digital networks.

Often referred to as “appcoins”, these new private currencies are being used by issuers to simultaneously fund their businesses and bootstrap networks around their products. Unlike the company scrip of the past, appcoins are neither denominated in another currency nor redeemable for a fixed quantity of goods. Instead, the issuer designs their product in such a way that users have to dispose of some quantity of the appcoin to receive the value offered by the product. As a result, demand for the product results in demand for the appcoin, creating a virtuous cycle of adoption and price discovery.

The power of incentives

For early adopters of the appcoin, this virtuous cycle can result in a significant financial return, similar to the way that an early investor in a company can earn significant returns if the company is later successful and the value of their equity increases substantially. For example, if an early adopter of a product receives appcoins when there are only 1,000 users and the appcoin is valued at 100 satoshis each, and several years later the product has over 100,000 users and the price of the appcoin has increased to 10,000 satoshis each, this results in a 10,000 percent “return” for the early adopter.

The potential for financial return creates an incentive for people to adopt an appcoin product early on, even when the “cost” to doing so may be higher than using a more established alternative (for example, using a new social network app when there aren’t as many people to connect with as on other, more established apps). This incentive helps bootstrap the network, giving the app a fighting chance in the face of well-funded incumbents and speeding up the time-to-critical-mass that gives the network value and makes the app “sticky” for end users (or so the theory goes).

The future of appcoins

I have written before about why I am skeptical of appcoins. Disintermediation and centralization remain my top concerns. But given that there is no sign of the appcoin trend slowing down, with even “mainstream” apps with millions of existing users announcing plans to release an appcoin, it is worth thinking about what it would take for appcoin issuers to address these concerns and succeed with this model.

Appcoin issuers could reduce the likelihood of disintermediation by ensuring that there is as little friction as possible when exchanging currencies to use their app, while simultaneously doing all they can to increase the value of using the appcoin. And to minimize the risk that centralization has on the long-term value of their appcoin, issuers could create a succession plan to cede control of development to a more decentralized open source community.

The long-term future of appcoins is unknown. They could overcome these and other challenges and become a powerful tool for building products and bootstrapping networks. Or, they could disappear as dramatically as they appeared, destined to be a footnote in the pages of history like the company scrip that came before.

Featured image via

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!

Bitcoin as the Trust Layer of the internet

In today’s era of ICOs, appcoins, and “permissioned blockchains”, I am often asked about what I think about the future of bitcoin. Will it still be relevant in 20 years? Will it ever be used as anything but “digital gold”? I believe the answer is “yes” to both of these questions.

Get you a blockchain that does both

First to answer the question “will bitcoin ever be used as anything but ‘digital gold’?” This idea of bitcoin as “digital gold” has been embedded in the minds of Bitcoiners since the beginning when bitcoin mining was first analogized to the process of gold mining, and the inflation curve was compared with the rate of gold production. Since then, however, this analogy has created what I see as an artificial and unnecessary debate about whether bitcoin is “digital gold” or “electronic cash”. The answer is that bitcoin is both.

Bitcoin the token is like a digital form of gold. The supply is limited, it gets harder to mine over time, and it’s valuable for monetary, industrial, and creative uses. At the same time, bitcoin transactions work a lot more like cash than a credit card payment. Transactions are expensive to reverse once confirmed, requiring a certain amount of computational “force” to pry coins out of the wallet of a recipient. And with the activation of Segregated Witness just weeks away, it will soon be possible to send bitcoin transactions worth fractions of a cent. Try that with the physical cash!

Beyond bitcoin as money

The feature that makes bitcoin valuable as both “digital gold” and “electronic cash” is the security or immutability of the blockchain. The computational guarantee that transactions are expensive to reverse provides a solid foundation upon which many useful applications and “Layer 2” protocols are being built. For example, enterprises are recording hashes in the blockchain to create verifiable timestamps for valuable datasets, and engineers are registering domain name records on the blockchain to create a more secure web architecture.

Despite snickers from veteran Bitcoiners over the “blockchain not bitcoin” rhetoric that dominated the FinTech press cycles in 2015, it turns out that both camps were off the mark. Permissioned blockchains are beginning to show real utility as auditable, cryptographically-secured, shared ledgers of record between disparate parties in given industries or business ecosystems. But to really gain the benefits of the blockchain, operators of these permissioned systems are realizing that they need a common “trust layer” that can be used to resolve disputes over conflicting transaction histories.

Thus we come full circle as “blockchain not bitcoin” becomes “blockchain with bitcoin”. The bitcoin blockchain is beginning to fill that need for a neutral “trust layer” upon which distributed applications and shared ledgers are being built. Developers are beginning to “anchor” snapshots of their databases into the bitcoin blockchain so that they can compare histories over time and catch any discrepancies in their records. They are also utilizing bitcoin’s Layer 2 protocols to create secure PKI and payment systems for their applications. It’s looking more and more like there will be many blockchains secured by bitcoin.

The bitcoin network of blockchains and applications

In the not-so-distant future we will see hundreds of blockchains processing trillions of transactions and thousands of applications with billions of users, all secured by bitcoin. There will be machines sending each other nanopayments for bits of information or joules of electricity, people transferring money overseas and across the internet, and applications anchoring data to and retrieving verifiable information from the blockchain.

These interactions will happen across layers of protocols that form fractal networks to enable robust and scalable application ecosystems. Sidechains and interoperability protocols like Interledger will enable trust-minimized transfers of bitcoin across different blockchains, each with their own unique features and applications. For example, people will be able to pay for Turing-complete smart contracts with bitcoin on the Rootstock sidechain, and the Liquid sidechain will enable faster, more discreet transfers of bitcoin between exchanges and wallets. The days of using altcoins for anything but pump and dumps and niche experiments will be a distant memory.

Keep It Simple, Silly

The reasons why I believe bitcoin will be the Trust Layer of the internet and not a competing open blockchain are twofold:

  1. Bitcoin already has a massive network effect, giving it a strong lead over competitors, and
  2. The bitcoin blockchain is relatively simple, which is great from a security perspective. As computer security expert Bruce Schneier has said, “Complexity is the worst enemy of security.”

The most obvious runner-up for the “Trust Layer of the Internet” title is ethereum, a cryptocurrency that has an impressive amount of hype for how unstable the network is. To its credit, ethereum is still very much a work in progress, and the hype is more due to overzealous startups and crowdsale investors than any concerted effort on the part of the core development team. That said, while ethereum seems to have the potential to catch up to bitcoin’s network effect, by its very nature it will never compare when it comes to simplicity.

I believe that the Trust Layer of the internet demands the simplicity of bitcoin’s limited scripting language, because it is much easier to reason about when analyzing the security properties of the system. With ethereum, it is fundamentally impossible to know whether or not a contract will be deployed that could crash the nodes in the network since anything is possible with a Turing-complete scripting language.

My personal view on this is that if you need Turing-complete contracts, you can use a sidechain or permissioned blockchain for that. Then if there’s a problem, it doesn’t damage the Trust Layer, the problem is isolated to the other blockchain. The same goes for any other experimental, novel, or exotic blockchain use-case.

Due to the costs of transacting on open and decentralized blockchains at-scale, most people will choose to transact off-chain anyways. Since the scripts required to support a range of off-chain transaction security models are relatively simple, it’s reasonable to conclude that bitcoin is “good enough” to serve as the Trust Layer upon which everything else is built.

My vision for the bitcoin application stack

After watching the evolution of bitcoin and the blockchain technology ecosystem over the last few years, the stack of protocols and services that developers are using to build the next generation of digital applications is becoming more clear to me. It looks something like this:

Bitcoin as the Trust Layer of the internet

Of course, developers won’t have to use each “brick” or even each layer in the stack when building their applications. But each component will be available for building centralized and decentralized applications alike, and at the bottom of the stack sits the Trust Layer, the decentralized arbiter of truth and justice – the bitcoin blockchain.

Email is probably the most popular decentralized messaging protocol. Add yourself to my email contacts if you would like to stay in touch!