@hugohanoi - Hugo Nguyen Hugo Nguyen at @hugohanoi
44 Tweets 7 minutes, 30 seconds read

Ethereum’s BS and intellectual dishonesty. A thread. 1/

Some background: About 3 and 1/2 years ago I started looking into PoS systems and published a series of articles documenting my thoughts & findings. 2/ https://t.co/75ka8osSiP https://t.co/LQADs9hb3J

hugonguyen.medium.com/work-is-timele…

hugonguyen.medium.com/proof-of-stake…

hugonguyen.medium.com/proof-of-stake…

Since then, I haven’t paid much attention to Ethereum. Until @TuurDemeester’s and @BitMEXResearch's tweets made me curious. So I take a quick look to see what they’ve been up to. 3/

After all, it’s been more than 3 years. Ethereum people made so much money. They must have thrown billions at finding scaling solutions. Surely there must be some “progress”, right? Nope, just the same BS and more intellectual dishonesty. Let's take a look. 4/

This is one of Ethereum’s most recent articles by Georgios Konstantopoulos and Vitalik Buterin. Published on @paradigm July 20th, 2021. So just 4 months ago. 5/

paradigm.xyz/2021/07/ethere…

The article was likely prompted by concerns raised by @bergealex4 and others back in July on how broken Ethereum has become. The TL;DR is that Ethereum has a vulnerability that could enable reorgs-on-demand services. An existential threat. 6/

Here’s the abstract. It attempts to explain how Ethereum 2.0 (Gasper) will fix the reorgs-on-demand issue. 7/

It starts off with a few definitions, including something called “Finality”. BS #1: Just because you name something “final” doesn’t mean that it is actually “final” in a distributed consensus sense. It is also not “mathematically impossible” to get re-orged. 8/

More on this silly Finality concept, from Gasper’s official paper. Note the naive assumption about always being able to attribute faults to “bad actors” when shit hits the fan. 9/

arxiv.org/pdf/2003.03052…

PoS systems can have no bad actors, but will still “finalize” different things and have disastrous reorgs regardless. An example is when the network gets unexpectedly partitioned due to extraordinary circumstances. 10/

The honest thing to say, like Satoshi did, is that consensus is always probabilistic. Not throwing around a term like Finality. The use of deceptive language is a recurring theme in Ethereum and PoS. (More on this below). 11/

BS #2: Next the article compares PoW with PoS alternatives. But the table curiously lumps together Ethereum PoW and Bitcoin PoW. It then proceeds to claim reorgs are “frequent” in Nakamoto consensus (???). 12/

Bitcon’s orphan blocks have always been rare, and since 2017 _extremely rare_ (one block every few weeks), thanks to the FIBRE network. Otoh, Ethereum’s orphan rate has historically hovered around 6% or higher. 13/

By lumping together Bicoin PoW and Ethereum PoW, the authors pin the “frequent reorgs” problem on PoW. Not because of Ethereum’s own incompetence. How it intentionally chose unsafe PoW parameters that sacrifice security for speed. Quite the sleight-of-hand. 14/

The way the table is presented here is known in psychology as a priming technique. It primes the readers to be against PoW from the outset. This would have an effect on people who already have a bias against PoW, or are neutral. 15/

To emphasize this “frequent reorgs” problem, it also references a Princeton paper called the “Instability of Bitcoin Without the Block Reward”. 16/

Alas, the Princeton paper made several silly assumptions that I and others already debunked. 17/

Side note: I don’t think the @Princeton CS department intentionally attacked Bitcoin to elevate altcoins. It’s simply another case of experts in one domain underestimating interdisciplinary subjects like Bitcoin. 18/

In this case, it was Computer Scientists making highly naive assumptions about the game-theoretic nature of Bitcoin, and conflate long-term versus short-term security. 19/

Back to the article, it then describes its proposed PoS system, Gasper. The key words to notice here, and crucial to understand PoS’s weaknesses, are block “weight” and “pseudorandomly chosen” staking committees. 20/

BS #3: Making the outrageous claim that attackers “do not have a way” to beat the “honest majority of thousands of attesters”. 21/

Unlike PoW, to become attesters is cheap, rendering the whole “thousands of attesters” as toothless as AWS instances. A rich holder could split up & shuffle his stake into many pieces to get more votes. These so-called weights can be manipulated without any additional costs. 22/

BS #4: Delegating the difficult task of consensus-finding to an all-magical pseudorandom entity. In Gasper, the staking committees are chosen by a random oracle. Pay attention to the bottom footnote in this section. 23/

Because PoS does not perform any work, it must generate its randomness from somewhere else. Whereas PoW mining injects entropy (and along with it, fairness) into the system. The use of a random oracle seems like a small problem, but in reality it is the _entire_ problem! 24/

If the source of randomness isn't truly random, it can be exploited. If it is random but relies on a centralized oracle, there’s no point in having this decentralization facade. The system is simply centralized. But PoS designers very predictably hand-wave this problem away. 25/

All these concepts also sound strangely familiar. It’s because I have written about exactly the same things 3 years ago. On PoS systems like DFINITY. So much for progress. 26/

BS #5 Next comes the most ridiculous claim: PoS can achieve distributed consensus with just ~ 50% of the network being honest, which is comparable to PoW (51%), but with none of the costs. Too good to be true? Because it is. 27/

This directly contradicts all prior research that says PoS cannot be secure unless there’s a 2/3+ honest majority. If true, Vitalik & co should get a Turing Award. 28/

It does say that there are “subtle attacks” that only require ~25-49% of attesters (being dishonest). But it also claims there are “known fixes” to these problems. So convenient. Do tell us what these “known fixes” are? 29/

The only link I can find is a PR on

ethereum.org

Oh no! This “Key PR” was closed with no replacements in sight. What’s more, it was closed in March, months before this claim was made. What’s going on? So much for “known fixes”. Looks like we need to take back that Turing Award. 31/

Next paragraph: the all-powerful Finality concept strikes again. It’s amazing what a crazy person can imagine in their head by just keeping making stuff up. 32/

BS #6: The illusion of progress Like a snake that eats its own tail, here’s the typical picture of Ethereum progress: Problem X is solved by Y. But Y has this small problem Z. Z would work if somehow it goes back to X being solved. 33/

It always goes back to Finality. It always goes back to the Random Oracle. The system is always one PR away from being perfected. 34/

Let’s quickly look at some other Ethereum activities. Rollups have been trendy as of late. What are they? “Rollups are solutions that perform transaction execution outside the main Ethereum chain (layer 1) but post transaction data on layer 1.” 35/

Sounds familiar? Because it should. "Rollups" are Bitcoin’s default mode of operation: computations are never on-chain, only proofs. 36/

So after all the years of meandering, of wanting to be the “world computer”, Ethereum comes full circle, back to Bitcoin’s tried and true architecture, with tons of complexity added in the process. Are "rollups" Ethereum's acceptance of defeat? 37/

If I have free time I’ll look more into rollups and the fancy terms they throw around later. A quick glance and “optimistic rollup” already looks suspect: reframing a security issue (it’s unsafe) as an emotional issue (it’s optimistic). 38/

A note on the deceptive use of language. Finality Weak Subjectivity Inactivity Leak Optimistic Rollup and more See the pattern? These are all terms with strong inherent bias - designed to reframe or downplay issues. Pure marketing BS. 39/

These patterns of behaviors are consistent throughout the years, going back to Vitalik’s project just before Ethereum: the quantum computer vaporware. The dude is 27 year-old and has been doing this for 7+ years, you can’t no longer chalk it up to naivety or innocence. 40/

Another one for good measure (and laugh). BS #8: Ethereum tech lead frames “looking up past balances” as stalking (?!) behavior. Hmm... 41/

BS #9: Or implying 175GB of Ethereum chain data is a fair comparison against a Bitcoin full node. It’s not. 175GB is just garbage data without any verification. 42/

I consider Ethereum the mother of all scams in this space, so it will always deserve its own special walk of shame. Yet this is the kind of BS that VCs like @a16z & @paradigm are promoting to millions of people. Whether it’s ignorance or willful malice, only they will know. 43/

author avatar
Followers 13.7k Following 1.6k
Twitter : @hugohanoi
Top