Hackers infect Facebook Messenger users with malware that secretly mines bitcoin alternative monero

Cybercriminals are using  Messenger to infect computers with malware that mines cryptocurrency. 

Security researchers the Trend Micro cyber security firm said “Digmine” is targeting as many machines as possible, in order to earn monero – an alternative to bitcoin – for its creators 

It could also help cyber criminals completely take over a Facebook account, the researchers added. 

The bot was detected by cyber security firm Trend Micro, which says “Digimine” is designed to look like a video file.  

Bitcoin, Litecoin, Ethereum and all other major cryptocurrencies crash

It only works when it is spread via the desktop version of Messenger, on Google Chrome. If you open it through Messenger on another platform, such as a mobile phone, Digmine won’t function as it is supposed to. 

However, it can still be considered very dangerous. As well as having the potential to let hackers take over your account, it can also slow your computer down and use your Facebook account to target your friends.

“If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account’s friends,” the researchers said. 

“The abuse of Facebook is limited to propagation for now, but it wouldn’t be implausible for attackers to hijack the Facebook account itself down the line.”

Security experts recently told The Independent that bitcoin’s rapid recent rise in value might be making unsuspecting computer users more vulnerable to hackers.

It has led to more and more machines being secretly infected with malware that is designed to help cyber criminals “mine” for cryptocurrencies.

“The increasing popularity of cryptocurrency mining is drawing attackers back to the mining botnet business,” said Trend Micro. 

“And like many cybercriminal schemes, numbers are crucial — bigger victim pools equate to potentially bigger profits. The fact that they’re piggybacking on popular platforms such as social media to spread their malware is unsurprising.”

11 useful Facebook features you didn’t know existed

11 useful Facebook features you didn’t know existed

    • Clean up your News Feed

      Most of us are Facebook friends with some people we don’t actually care about, and there are several ways to keep their updates off your News Feed. The easiest option is to head to the column on the left and open News Feed Preferences. From here, you can prioritise friends, unfollow friends, refollow friends you unfollowed in the past and even block specific apps.

    • Change ad preferences

      You can view a list of everything Facebook thinks you’re into and tinker with your ad preferences. A lot more information is displayed on the desktop site than the app, so we’d recommend doing this on a computer. Just open Settings and select Advert Preferences.

    • Manage notifications

      You can get notifications about pretty much anything on Facebook these days, and that can be seriously irritating. Choose what you do and don’t want to be notified about by going into the Settings menu and selecting Notifications. You might be surprised by the number of sections you have to trawl through.

    • Save data

      Facebook automatically plays videos in your News Feed, and that’s a problem if you aren’t on a generous data plan. You can change this by going to Videos in the Settings menu and disabling autoplay. On the app, there’s feature in the left-hand column called Data Saver, which also does this, but reduces the size of pictures too.

    • Reorder your News feed

      You can choose to order the updates that appear in your News Feed by time or importance. Just hit the three buttons next to News Feed Preferences on the Facebook site and choose between Top Stories and Recent Stories.

    • Download your data

      Facebook lets you download all of the immense amounts of data it has on you, including the posts you’ve shared, your messages and photos, ads you’ve clicked on and even the IP addresses that are logged when you log in or out of the site. It’s a lot of information, which you’ll want to get your hands on if you decide to quit the social network.

    • Find nearby places

      Nearby Places is actually a really handy tool, which lets you quickly find and research things like restaurants, hotels, museums and nightlife hotspots around you. It lives in the left-hand column, and also shows useful information like customer ratings, prices and distance.

    • Find free Wi-Fi

      Similarly, Find Wi-Fi is ideal for when you’re bored, running low on data or lost. It shows you all the places in your vicinity that offer free Wi-Fi, so you can head over and either relax or get some work done.

    • Save things for later

      Facebook’s ideal for killing time, but every now and again you’ll stumble across something you’re interested in right as you need to put your phone away. Fortunately, you can save posts for later by hitting the arrow in the top-right corner and selecting the Save option. Everything you save goes straight to the Saved section in the left-hand column.

    • Control tags

      When people tag you in posts or pictures, they don’t have to automatically appear on your profile. You can switch on Facebook’s Review Tags feature by going to Settings and Timeline and Tagging.

    • Delete your account

      To permanently delete your Facebook account, you need to head to Facebook’s Delete Account page. The site can take up to 90 days to process account deletion requests, but once your account’s gone, it’s gone. You can deactivate your account instead, by going to Security and Login in the Settings menu.

    The researchers the malware has infected people in South Korea, Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand and Venezuela, but “it’s not far-off for Digmine to reach other countries given the way it propagates”.

    They have alerted Facebook to the malware. 

    The social media giant said: “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger. If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners. 

    “We share tips on how to stay secure and links to these scanners on facebook.com/help.”

    • More about:

    Reuse content

    This content was originally published here.

    Canada trialing use of Ethereum blockchain to enhance transparency in govt funding – National

    The Canadian government has launched a trial to explore the use of  technology in making government research grant and funding information more transparent to the public.

    For the trial, the National Research Council (NRC) is using the Catena Blockchain Suite, a Canadian-made product built on the Ethereum blockchain, to publish funding and grant information in real time.

    When the NRC creates or amends a grant, the pertinent information is stored on the Ethereum blockchain, and posted on an online database that Canadians can peruse.

    READ MORE: Federal government exploring ‘blockchain’ technology to boost innovation economy

    “Blockchains provide the ultimate in transparency and trust, making this technology a brave new world for organizations that strive to conduct transparent business,” the NRC said in a blog post.

    “These are early days yet, but the experiment is expected to provide constructive insight into the potential for blockchain technology and how it may be used for more open and transparent function of public programs.”

    What is the Ethereum blockchain?

    As the NRC website explains, “On the simplest level, blockchains are public ledgers that record transactions shared among many users. Once data is entered on a blockchain, it is secure and unalterable, and provides a permanent record.”

    The high level of security comes from storage of data in encrypted blocks that are decentralized, or stored on a network of computers around the world. This combination of encryption and decentralization ensures that data is practically impenetrable.

    The most well-known manifestation of blockchain technology is Bitcoin, a digital currency that stores all transactions and amounts on a decentralized public ledger. But while Bitcoin’s meteoric rise has garnered it much hype, its utility pales in comparison to Ethereum.

    WATCH: Bitcoin 101 for Canadians: a beginner’s guide to the digital currency

    Whereas Bitcoin is a digital currency, Ethereum is an entire blockchain-based platform whose operations are fueled by the cryptocurrency token Ether. Ethereum’s usefulness stems from its ability to run smart contracts, which are coding operations that make it possible to exchange money or data in a transparent and secure manner.

    READ MORE: Bitcoin’s profitability dwarfed by cryptocurrency rivals Ripple, Ethereum

    The Ethereum platform even comes complete with its own programming language, allowing developers to build applications and services that use its blockchain. The Catena Blockchain Suite, built by Ottawa-based company Bitaccess, is one such application.

    How is the NRC using the Ethereum blockchain?

    Every time the NRC gives a grant to a company or individual, it shares that information with Bitaccess, which stores the data on the secure and tamper-proof Ethereum blockchain. Individual grant information is then posted online.

    Canadians can peruse grant information by monetary value, date, recipient and region. They can also verify grant information by clicking on the Transaction ID link, which takes them to the unique transaction listing on the online Ethereum transaction database Etherscan.io.

    As of Saturday, Jan. 20, the biggest grant listed on the database was an $11,849,901 contribution to an industry R&D project at Ryerson University.

    READ MORE: Quebec poised to become bitcoin mining hub as China cracks down on energy-sapping miners

    The initiative should come as music to the ears of Ethereum’s 23-year-old Russian-Canadian inventor Vitalik Buterin.While much of the talk surrounding the rise of cryptocurrencies has centred on their profit-making potential (the value of the Ether token has risen by over 10,000 per cent in the last one year), Buterin, who invented Ethereum in 2015 aged 19, has been keen to stress the larger mission behind the technology — his website and Twitter timeline frequently refer to the use of Ethereum to distribute power and trust among the masses, rather than focus them on traditional power brokers such as government and banks.

    Ethereum’s inventor Vitalik Buterin speaks during the TechCrunch Disrupt 2017 event in San Francisco, California, U.S., Sept. 18, 2017.

    David Paul Morris/Bloomberg via Getty Images

    On one occasion, he shared an article discussing the use of Ethereum by the UN and European Union to monitor refugee populations and funding, while maintaining that the use of the technology by governments doesn’t necessarily run contrary to the aim of decentralization.

    In November, Buterin tweeted out a poll asking his half a million followers to vote on which institutions they would most like to see adopt blockchain storage.

    With 44 per cent of the vote, the “government” option easily won out.

    This content was originally published here.

    Bitcoin, Ethereum, Ripple, cryptocurrency prices fall on January 16

    bitcoinMarkets Insider

    • The 10 biggest cryptocurrencies by market capitalisation are falling on Tuesday morning.
    • Declining Japanese and South Korean trading volumes blamed for spooking the market.
    • Cryptocurrencies surged in 2017 but have been marked by volatility so far this year.
    • Meanwhile, independent financial advisor deVere plans to launch a crypto app.

    LONDON — The 10 biggest cryptocurrencies by market capitalisation are plunging on Tuesday morning, with all suffering double-digit percentage losses.

    Bitcoin fell as much as 14% in early trade, breaking through both $13,000 and $12,000 levels, but has recovered slightly since then. The decline appears to have spooked the market, with other coins selling off in at the same time.

    Here’s the scoreboard as of 10.30 a.m. GMT (5.30 a.m. ET) and per Markets Insider:

    1. Bitcoin is down 12.9% against the dollar to $11,860.01;
    2. Bitcoin Cash is down 17.3% to $1,971.70;

    Cryptocurrencies have experienced a volatile start to 2018 after a huge rally last year.

    Increased regulatory scrutiny from South Korea has dampened sentiment in the sector. Mati Greenspan, an analyst at trading platform eToro, said declining volumes from Japan and South Korea appeared to be behind Tuesday morning’s sell-off.

    Crypto prices in these markets typically carry a premium, which pushes up average prices globally. Traders in these Asian markets are generally buyers too, meaning that a tailoff in activity could create a big mismatch in buyers and sellers.

    “The volumes have been declining steadily both in Japan and South Korea over the last few days,” Greenspan told Business Insider. “This morning, the combined volume from these two top cryptotrading countries dropped below 30%. Looks like they’re tired of overpaying for cryptos and waiting for the market to even out.”

    Neil Wilson, a senior analyst at ETX Capital, said in an email on Tuesday morning: “Bitcoin faces a regulatory crunch sooner or later and increasingly we see signs of this starting to bite following South Korea’s tentative plans to ban trading on cryptocurrencies and China’s move to shutter mines. Latest developments suggest more regulatory pressures.

    “China is said to be targeting websites and mobile apps that offer exchange-like services, in a bid to block access to platforms that deliver centralised trading on cryptocurrencies. In addition to developments in China, South Korean Finance Minister Kim Dong-yeon reiterated on Tuesday that the government is actively considering an outright ban on crypto trading.”

    Elsewhere in the cryptocurrency space, deVere Group, an independent financial advisor with $12 billion under advisement, announced plans to launch its own cryptocurrency app. DeVere Crypto will let people store, transfer and exchange five major cryptocurrencies, including bitcoin and ethereum.

    DeVere’s CEO and founder Nigel Green said in a statement: “Traditionalists who declare cryptocurrencies ‘a fad’ are akin to King Canute trying to command the tides of the sea to go back.

    “DeVere Crypto is designed to meet the growing need and want to store and transfer cryptocurrencies. It’s meeting the evident demand.”

    EXCLUSIVE FREE REPORT:
    The Bitcoin 101 Report by the BI Intelligence Research Team.
    Get the Report Now »

    NOW WATCH: A crypto expert explains the difference between the two largest cryptocurrencies in the world: bitcoin and Ethereum

    This content was originally published here.

    Institutional Finance Update: Leveraging Digital Technologies, Using Blockchain for Climate Action and Sustainable Development

    5 September 2018: Discussions in recent months have explored how emerging technologies such as blockchain and digitalization processes could serve the implementation of the SDGs and the Paris Agreement on climate change. In August, the World Bank launched a blockchain-operated US$110 million bond, with potential impacts on carbon market trading. Other multilateral institutions have stressed the potential of digitalization technologies for sustainable development. The UNFCCC issued a report that assesses financing climate technology entrepreneurship and actions needed to support overcoming specific challenges in developing countries.

    UNFCCC Urges Support for Climate Action through Climate Technology Incubators and Accelerators

    Innovation can speed up and scale up national efforts to address climate change. But how can innovation be supported to the point that positive social and environmental impacts can be realized, especially in developing countries? This question is addressed in a report by the UNFCCC Technology Executive Committee (TEC), the Climate Technology Centre and Network (CTCN) and the Green Climate Fund (GCF) titled, ‘Climate Technology Incubators and Accelerators.’ The report identifies the need for finance for entrepreneurial activities, and strengthened support systems, along with enhanced linkages to climate technology markets.

    With government support, incubators offer entrepreneurs a physical location and a range of services, including business, marketing, technical and networking, for a few years. They also link entrepreneurs to sources of finance and investment. Accelerators, traditionally more focused on high technology, offer entrepreneurs mentoring, peer review and skills transfer for a shorter period of a few months, in exchange for taking a small percentage shareholding in the resulting venture.

    The report notes that, of an estimated 2,000 technology incubators and 150 accelerators worldwide, only a limited number, fewer than 70, are climate technology incubators and accelerators, of which only 25 are in developing countries. The report outlines existing challenges for innovation in climate technologies, which are largely capital intensive and of a risky nature. In addition, developing countries lack access to non-dilutive low-cost capital. To overcome these challenges, the report presents a list of key actions in the areas of: supporting developing countries in building and strengthening entrepreneurial ecosystems to unlock financing; crowding in private finance and developing financial instruments that reduce risks and opportunity costs for local public and private financial institutions; and exploring new incubation models aiming for financial sustainability. [Climate Technology Incubators and Accelerators] [SDG Knowledge Hub Update on Executive Summary of the Report]

    Using Blockchain Technology for Climate Action and Sustainable Development

    Earlier this year, expert discussions on the use of blockchain technology to improve carbon emission and clean energy trading, climate finance flows, and monitoring and reporting of greenhouse gas (GHG) emission reductions took place during the Bonn climate talks in May. In July, UNFCCC Collaboration Centres for the Latin America and the Caribbean Region and the Regional Platform for Low Emission Resilient Development Strategies (LEDS LAC) continued discussions by holding a webinar, in Spanish, on how blockchain technology is driving global climate action in Latin America. [UNFCCC Press Release] [LEDS LAC Webinar (in Spanish)]

    GCF provides financial support to Bhutan’s Gross National Happiness Commission, the country’s National Designated Authority.

    The World Bank issued bond-i, a two-year US$110 million bond fully managed using the blockchain technology. The launch followed from an Innovation Lab assessment on the impact of blockchain and other disruptive technologies for development, specifically in areas such as land administration, supply chain management, health, education, cross-border payments and carbon market trading. The Commonwealth Bank of Australia is the lead manager of the bond. [World Bank Press Release]

    IDB Supports Digitalization of Ecuador’s Electric System

    The Inter-American Development Bank (IDB) approved a US$100 million loan to help Ecuador improve the reliability of its electric system. The loan is for a 25-year term, with a 5-year disbursement period, a 7.5-year grace period and a LIBOR-based interest rate. Ecuador will use the loan to implement projects that aim at strengthening national transmission and distribution systems, including through equipment renewal and digitalization.

    The funds will also support projects to boost environmental waste management capabilities and institutional strengthening to improve energy prospecting and analysis. In addition, some of the finance will help implement a Gender Action Plan for the electricity sector, including actions to reinforce gender equality in the areas of policy formulation and project planning, generation and management. [IDB Press Release]

    Advancing Clean Energy in India through Capital Investment and Partnerships

    The most important challenge in the rooftop solar photovoltaics (PV) sector is investment support through concessional funding sources, according to a joint study by PricewaterhouseCoopers Pvt Ltd, India, and Climate Investment Funds (CIF). The report titled, ‘Rooftop Solar PV in India: Looking Back, Looking Ahead,’ presents experiences in the rooftop solar PV sector from China, Germany and the US, and assesses India’s growth potential in the sector. Specific attention is given to market evolution in these countries, their respective target markets, business models and financing instruments, as well as key challenges. The report concludes by outlining projected scenarios for India’s rooftop solar PV sector and capital investment required to support its growth. [Rooftop Solar PV in India: Looking Back, Looking Ahead] [CIF Press Release]

    The US-India Clean Energy Finance (USICEF) initiative signed on Tata Cleantech Capital Limited (TCCL), a joint venture between Tata Capital and the International Finance Corporation (IFC), as a new partner to finance and deploy high impact development projects that support clean energy access in underserved regions in India.

    USICEF is a partnership between the Indian Ministry of New and Renewable Energy, the Overseas Private Investment Corporation (OPIC) and a consortium of foundations. It provides project preparation support to catalyze long-term debt financing for distributed solar power from a range of financial institutions. Climate Policy Initiative (CPI), which serves as the Program Manager of USICEF, leverages public and philanthropic funds to catalyze private investment in distributed clean energy in India. [CPI Press Release]

    Leveraging Digital Technologies for Development in Asia-Pacific

    During the Digital Development Forum 2018, held at the Asian Development Bank (ADB) headquarters in Manila, Philippines, the Bank announced that it will deliver integrated solutions in the areas of smart cities, e-government and e-commerce, while implementing digital reforms within the institution itself. ADB reported on projects already underway with a focus on reliable information and communication technology (ICT) infrastructure, skilled human resources, and enabling policies and regulatory environments. [ADB Press Release]

    GCF Supports Climate Action in Pacific, Bhutan

    During its Second Structured Dialogue with the Pacific, held in August in Pohnpei, Micronesia, GCF strengthened partnerships with key stakeholders in the region.

    Pacific island countries have successfully engaged with GCF, with nine projects approved to date, as well as 19 readiness projects supporting the capacity of countries to respond to the climate change challenge. Countries in the region have also submitted an additional 18 projects for consideration in future GCF Board meetings. At the Dialogue, countries presented the goal of submitting 64 additional project proposals. [GCF Press Release]

    The Government of Bhutan and the GCF scoping mission convened a number of meetings, including a national structured dialogue, aimed at identifying ways for climate finance to help bolster national climate action.

    Bhutan is developing its 12th five-year plan to strengthen, among others, its progress on low-emission and climate-resilient development. For this task, Bhutan is using the GCF country programme, which summarizes a climate action agenda and planned activities with the Fund. GCF provides financial support directly to the country’s National Designated Authority (NDA), the Gross National Happiness Commission. Bhutan is receiving US$400,000 in GCF readiness support to assist its engagement with the Fund. GCF is also in the final stages of approving a US$3 million National Adaptation Plan (NAP) for Bhutan, with a focus on the water sector.

    The SDG Knowledge Hub publishes monthly climate finance updates, which largely focus on multilateral financing and cover, inter alia, mitigation and adaptation project financing news and lessons, institutional events and news, and latest developments in carbon markets and pricing. Past climate finance updates can be found under the tags: Finance Update: Climate Change; and Finance Update: Sustainable Energy.

    This content was originally published here.

    How private is Monero (XMR)? Focus on privacy coins – Crypto Recorder

    The discussion surrounding privacy oriented coins is not slowing down anytime soon. These coins ensure that user activities are not only hidden from the public eye but also untraceable. Governments are aware of privacy-focused coins and to be frank, most of them do not like this idea at all. Cryptocurrency exchanges in Japan have been delisting privacy coins in order to avoid conflict with the regulatory body in the country, the Financial Services Agency (FSA).

    The number of anonymous coins continues to increase in the cryptocurrency industry. Users are slowly becoming aware that most blockchains leave their transactions and details online to be viewed by any interested party. However, some people would rather have these details away from the public not because they are running illegal activities but they feel safe knowing that no one is tracking their operations. It is unfortunate that anonymous coins first became a preferred option for criminals. The situation tainted not only privacy coins but also other cryptocurrencies like Bitcoin (BTC). The crypto industry is slowly but steadily redeeming itself from this criminal notion.

    Anonymous coins like Monero (XMR) cryptographically hide the number of coins that a user sent, received or owns. They are untraceable and cannot be linked by using transaction history via the blockchain. They also ensure fungibility by making sure that all the coins are of the same value and are mutually interchangeable. In addition to that, they are decentralized in a way that all the nodes on the protocol have equal powers as well as control and no authority single-handedly creates the currency. Other privacy-focused coins in the industry include Dash (DASH), Zcash (ZEC), and Verge (XVG) among others.

    Monero (XMR)

    Monero is said to be cryptographically anonymous by default. This is because it utilizes various privacy features. Significantly, stealth address and the ring confidential transactions (RingCT) are top on the list of the features that make Monero private.

    Stealth Addresses

    On the Monero protocol a user can receive payments via a single address. However, the blockchain ensures that links between the user’s address and other people addresses are non-existent. This complex process employs what is known as stealth addresses. In this case, a random one-time address is automatically developed for every transaction done by the sender. This means that all the payments sent to a user are directed to unique addresses on the protocol. In the end, there are no links to other addresses on the blockchain and the recipient remains masked from public scrutiny.

    Ring Signatures come in handy in a situation where the recipient of the coins moves the funds. Ring Signatures mask all the outputs on Monero blockchain ensuring untraceability to the original sender. The outputs are grouped in other transactions on the protocol, this obfuscates the transactions that are being sent and in turn creating a situation of plausible deniability.

    Ring Confidential Transactions (RingCT)

    This technology was introduced by Monero (XMR) in January of last year. It was an improvement of the ring signatures. The new improved version included confidential transactions that cryptographically hide the amount of funds being sent but at the same time, verifying the transaction amount. The details of the transaction remain concealed. Read more on ring confidential transactions (RingCT) here.

    At the time of writing Monero is trading at $135.84 following a 12.75% jump in the last 24 hours. XMR/USD recently traded below $100.00 but found a support at $80.00 before the bulls entered. Monero (XMR) is currently testing $140 but supported at $120 and $95.00.

    This content was originally published here.

    Top 5 Crypto Performers Overview: Stellar, Bitcoin Cash, Cardano, Dash, Monero

    The views and opinions expressed here are solely those of the author and do not necessarily reflect the views of Cointelegraph.com. Every investment and trading move involves risk, you should conduct your own research when making a decision.

    The market data is provided by the HitBTC exchange.

    The crypto markets are showing the first signs of bottoming out. Most cryptocurrencies are well above their yearly lows and are starting new uptrends. Every bull phase has a new set of leaders. Therefore, it is important to note the digital currencies that are pulling the market higher, as these are the ones that are likely to outperform during the move upwards.

    Bitcoin’s (BTC) dominance continues to drop gradually since reaching a high of about 57.80 percent in mid-September. This shows that the market participants are loading up on altcoins. However, a new bull phase cannot start without support from the leading cryptocurrency.

    The good news regarding Bitcoin is that it has stopped falling and is gradually moving higher. Its volume topped $11 billion over the 24-hour period on March 15, a level not seen since April 25 of last year. This shows that market participants are gradually turning bullish on the leading cryptocurrency.

    As the crypto universe emerges from its prolonged bear phase, there will be periods when Bitcoin will lead and other times when altcoins will lead. So, traders should change their strategy accordingly.

    XLM/USD

    Stellar (XLM) is the best performing major cryptocurrency of the past week. It rallied on the back of favorable news, as Coinbase Pro announced support for Stellar on March 13. This move will likely eventually lead to full support on Coinbase’s other platforms. The appointment of Denelle Dixon, former chief operating officer at Mozilla, as the CEO and executive director of Stellar Development Foundation also served as bullish news.

    Additionally, IBM’s push to create a stablecoin targeting blockchain-powered cross-border payment solutions for banks involves a partnership with the altcoin in the form of Blockchain World Wire. The question is, can this adoption and development-based rally continue or will it hit a roadblock ahead? Let’s take a look at the charts.

    The XLM/USD pair is in a downtrend. Both the moving averages are still down and the RSI is in the negative zone. Currently, it is attempting to pullback from the lows, which will face resistance at $0.14861760 and above it at the downtrend line.

    We are yet to see a higher high and a higher low being formed, which will indicate that the downtrend is over. Therefore, for long-term investors, we don’t see any reliable buy setups yet. If the pair turns down from the 20-week EMA, it will again attempt a breakdown to new lows.   

    BCH/USD

    Bitcoin Cash (BCH) was the second-best performer for the week, rising about 15 percent. Though there was apparently no specific news driving prices higher, the digital currency has a history of vertical rallies and waterfall declines. Let’s see where it goes from here.

    After many small range weeks, the BCH/USD pair is looking to move up. The current move is likely to carry it to the 20-week EMA, which is just below the horizontal resistance of $239. If the bulls succeed in breaking out of $239, we anticipate the pair to pick up momentum and rally to $400. The digital currency has a history of sharp rallies; hence, the target might surprise to the upside.

    Contrary to our assumption, if the cryptocurrency turns down from $239, it might extend its stay in the range for a few more weeks. It will turn negative if the bears sink the price below $105.

    ADA/USD

    Cardano (ADA) announced this week that it will be one of the founding members of the  European Commission’s International Association for Trusted Blockchain Applications. The association is an effort to identify the improvements blockchain technology can bring to various industries and formulate a common approach for the European Union.

    The ADA/USD pair has been range bound between $0.036815 and $0.051468. We like it when a digital currency forms a large basing pattern after a prolonged downtrend. Previous attempts to breakout or breakdown of the range did not find any takers.

    Currently, the bulls are trying to breakout of the range once again. The 20-week EMA is just above this level, which might also act as a roadblock. If the digital currency scales above the 20-week EMA, we anticipate a quick rally to $0.082952 and above it to $0.094256. Therefore, traders can buy on a weekly close (UTC time frame) above $0.051468 and keep a stop loss of $0.0350.

    Opposite to our expectations, if the digital currency turns down from the current levels, it will extend it stay in the range for a few more weeks. A breakdown of the range will be a negative sign that can result in a retest of the lows, below which the downtrend will resume.

    DASH/USD

    Dash (DASH) has been making huge inroads in Venezuela as the citizens look at various available avenues to deal with the unstable Bolivar and foreign sanctions, which threaten to derail SWIFT, Visa and MasterCard services. Dash Text has come up with a charity system that is devoid of any human third-party intervention. The donations are directly distributed among the pool of recipients. In other news, Equicex Group, the provider of privacy-focused debit cards, has decided to integrate Dash, which increases the options available for Dash users.

    The DASH/USD pair continues to trade between $56.214 and $103.261. The bulls are attempting to push prices above the resistance of the range. The 20-week EMA is placed just below $103.261 levels. We expect the bears to defend this resistance. If the price turns down, then the consolidation will stretch out for a few more weeks. The trend will turn negative if the bears sink the digital currency below the range.

    Conversely, if the bulls succeed in breaking out of the overhead resistance, it can move towards the next levels of $175 and $224. Aggressive traders can buy a breakout and weekly close (UTC time frame) above $103.261. The initial stop loss can be kept at $56 that can be quickly raised if the price moves northwards or fails to build upon gains following the breakout.

    XMR/USD

    In Monero (XMR) news, the altcoin completed a hard fork on March 09 that will help improve its privacy, security and ASIC resistance. Following the update, the hash rate of the Monero network plunged by about 90 percent from 1.14Gh/s to 162.14Mh/s. Additionally, two new Monero trading pairs were added by top global exchange Binance. Given these developments, the cryptocurrency came out this week as the fifth best performer. Can it improve upon its performance?

    The bulls are attempting to carry the XMR/USD pair above the resistance of the range at $60.1470 and the 20-week EMA at $62.50. If successful, a quick rally to $81, followed by a move to $114.840 is probable. The long-term target is $150.

    Traders can buy on a close above $62.5 and keep a stop loss of $38, which is just below the bottom of the range. As the price moves higher, we would suggest trailing the stops higher to reduce risk.

    On the other hand, if the price turns down from the overhead resistance, the virtual currency will remain range bound for a few more weeks. The trend will turn negative on a breakdown of the current range.

    Market data is provided by theHitBTC exchange. Charts for analysis are provided by TradingView.

    This content was originally published here.

    A hacker stole $31M of Ether — how it happened, and what it means for Ethereum

    Yesterday, a hacker pulled off the second biggest heist in the history of digital currencies.
    Around 12:00 PST, an unknown attacker exploited a critical flaw in the Parity multi-signature wallet on the Ethereum network, draining three massive wallets of over $31,000,000 worth of Ether in a matter of minutes. Given a couple more hours, the hacker could’ve made off with over $180,000,000 from vulnerable wallets.
    But someone stopped them.
    Having sounded the alarm bells, a group of benevolent white-hat hackers from the Ethereum community rapidly organized. They analyzed the attack and realized that there was no way to reverse the thefts, yet many more wallets were vulnerable. Time was of the essence, so they saw only one available option: hack the remaining wallets before the attacker did.
    By exploiting the same vulnerability, the white-hats hacked all of the remaining at-risk wallets and drained their accounts, effectively preventing the attacker from reaching any of the remaining $150,000,000.
    Yes, you read that right.
    To prevent the hacker from robbing any more banks, the white-hats wrote software to rob all of the remaining banks in the world. Once the money was safely stolen, they began the process of returning the funds to their respective account holders. The people who had their money saved by this heroic feat are now in the process of retrieving their funds.
    It’s an extraordinary story, and it has significant implications for the world of cryptocurrencies.
    It’s important to understand that this exploit was not a vulnerability in Ethereum or in Parity itself. Rather, it was a vulnerability in the default smart contract code that the Parity client gives the user for deploying multi-signature wallets.
    This is all pretty complicated, so to make the details of this clear for everyone, this post is broken into three parts:

    1. What exactly happened? An explanation of Ethereum, smart contracts, and multi-signature wallets.
    2. How did they do it? A technical explanation of the attack (specifically for programmers).
    3. What now? The attack’s implications about the future and security of smart contracts.

    If you are familiar with Ethereum and the crypto world, you can skip to the second section.

    1. What exactly happened?

    There are three building blocks to this story: Ethereum , smart contracts , and digital wallets .
    Ethereum is a digital currency invented in 2013 — a full 4 years after the release of Bitcoin. It has since grown to be the second largest digital currency in the world by market cap — $20 billion, compared to Bitcoin’s $40 billion.
    Like all cryptocurrencies, Ethereum is a descendant of the Bitcoin protocol, and improves on Bitcoin’s design. But don’t be fooled: though it is a digital currency like Bitcoin, Ethereum is much more powerful.
    While Bitcoin uses its blockchain to implement a ledger of monetary transactions, Ethereum uses its blockchain to record state transitions in a gigantic distributed computer. Ethereum’s corresponding digital currency, ether, is essentially a side effect of powering this massive computer.
    To put it another way, Ethereum is literally a computer that spans the entire world . Anyone who runs the Ethereum software on their computer is participating in the operations of this world-computer, the Ethereum Virtual Machine (EVM). Because the EVM was designed to be Turing-complete (ignoring gas limits), it can do almost anything that can be expressed in a computer program.
    Let me be emphatic: this is crazy stuff . The crypto world is ebullient about the potential of Ethereum, which has seen its value skyrocket in the last 6 months.
    The developer community has rallied behind it, and there’s a lot of excitement about what can be built on top of the EVM — and this brings us to smart contracts.
    Smart contracts are simply computer programs that run on the EVM. In many ways, they are like normal contracts, except they don’t need lawyers or judges to interpret them. Instead, they are compiled to bytecode and interpreted unambiguously by the EVM. With these programs, you can (among other things) programmatically transfer digital currency based solely on the rules of the contract code.
    Of course, there are things normal contracts do that smart contracts can’t — smart contracts can’t easily interact with things that aren’t on the blockchain. But smart contracts can also do things that normal contracts can’t, such as enforce a set of rules entirely through unbreakable cryptography.
    This leads us to the notion of wallets . In the world of digital currencies, wallets are how you store your assets. You gain access to your wallet using essentially a secret password, also known as your private key ( simplified a bit ).
    There are many different types of wallets that confer different security properties, such as withdrawal limits. One of the most popular types is the multi-signature wallet.
    In a multi-signature wallet, there are several private keys that can unlock the wallet, but just one key is not enough to unlock it. If your multi-signature wallet has 3 keys, for example, you can specify that at least 2 of the 3 keys must be provided to successfully unlock it.
    This means that if you, your father, and your mother are each signatories on this wallet, even if a criminal hacked your mother and stole her private key, they could still not access your funds. This leads to much stronger security guarantees, so multi-sigs are a standard in wallet security.
    This is the type of wallet the hacker attacked.
    So what went wrong? Did they break the private keys? Did they use a quantum computer, or some kind of cutting-edge factoring algorithm?
    Nope, all the cryptography was sound. The exploit was almost laughably simple: they found a programmer-introduced bug in the code that let them re-initialize the wallet, almost like restoring it to factory settings. Once they did that, they were free to set themselves as the new owners, and then walk out with everything.

    2. How did this happen?

    What follows is a technical explanation of exactly what happened. If you’re not a developer, feel free to skip to the next section, since this is going to be programming-heavy.
    Ethereum has a fairly unique programming model. On Ethereum, you write code by publishing contracts (which you can think of as objects), and transactions are executed by calling methods on these objects to mutate their state.
    In order to run code on Ethereum, you need to first deploy the contract (the deployment is itself a transaction), which costs a small amount of Ether. You then need to call methods on the contract to interact with it, which costs more Ether. As you can imagine, this incentivizes a programmer to optimize their code, both to minimize transactions and minimize computation costs.
    One way to reduce costs is to use libraries. By making your contract call out to a shared library that was deployed at a previous time, you don’t have to re-deploy any shared code. In Ethereum, keeping your code DRY will directly save you money.
    The default multi-sig wallet in Parity did exactly this. It held a reference to a shared external library which contained wallet initialization logic. This shared library is referenced by the public key of the library contract.


    // FIELDS
    address constant _walletLibrary = 0xa657491c1e7f16adb39b9b60e87bbb8d93988bc3;

    The library is called in several places, via an EVM instruction called DELEGATECALL , which does the following: for whatever method that calls DELEGATECALL , it will call the same method on the contract you’re delegating to, but using the context of the current contract. It’s essentially like a super call, except without the inheritance part. (The equivalent in JavaScript would be OtherClass.functionName.apply(this, args) .)
    Here’s an example of this in their multi-sig wallet: the isOwner method just delegates to the shared wallet library’s isOwner method, using the current contract’s state:


    function isOwner(address _addr) constant returns (bool) {
    return _walletLibrary.delegatecall(msg.data);
    }

    This is all innocent enough. The multi-sig wallet itself contained all of the right permission checks, and they were sure to rigorously enforce authorization on all sensitive actions related to the wallet’s state.
    But they made one critical mistake.
    Solidity allows you to define a “fallback method.” This is the method that gets called when there’s no method that matches a given method name. You define it by not giving it a name:


    function() {
    // do stuff here for all unknown methods
    }

    The Parity team decided to let any unknown method that sent Ether to the contract just default to depositing the sent Ether.


    function() payable {
    // payable is just a keyword that means this method can receive/pay Ether


    if (msg.value > 0) {
    // just being sent some cash?
    Deposit(msg.sender, msg.value);
    } else {
    throw;
    }
    }

    But they took it a step further, and herein was their critical mistake. Below is the actual code that was attacked .


    function() payable {
    // just being sent some cash?
    if (msg.value > 0)
    Deposit(msg.sender, msg.value);
    else if (msg.data.length > 0)
    _walletLibrary.delegatecall(msg.data);
    }

    Basically:

    • If the method name is not defined on this contract…
    • And there’s no ether being sent in the transaction…
    • And there is some data in the message payload…

    Then it will call the exact same method if it’s defined in _walletLibrary , but in the context of this contract.
    Using this, the attacker called a method called initWallet() , which was not defined on the multisig contract but was defined in the shared wallet library:


    function initWallet(address[] _owners, uint _required, uint _daylimit) {
    initDaylimit(_daylimit);
    initMultiowned(_owners, _required);
    }

    Which calls the initMultiowned method…


    function initMultiowned(address[] _owners, uint _required) {
    m_numOwners = _owners.length + 1;
    m_owners[1] = uint(msg.sender);
    m_ownerIndex[uint(msg.sender)] = 1;
    for (uint i = 0; i < _owners.length; ++i)
    {
    m_owners[2 + i] = uint(_owners[i]);
    m_ownerIndex[uint(_owners[i])] = 2 + i;
    }
    m_required = _required;
    }

    Do you see what just happened there? The attacker essentially reinitialized the contract by delegating through the library method, overwriting the owners on the original contract. They and whatever array of owners they supply as arguments will be the new owners.
    Given that they now control the entire wallet, they can trivially extract the remainder of the balance. And that’s precisely what they did.
    The initWallet: https://etherscan.io/tx/0x707aabc2f24d756480330b75fb4890ef6b8a26ce0554ec80e3d8ab105e63db07
    The transfer: https://etherscan.io/tx/0x9654a93939e98ce84f09038b9855b099da38863b3c2e0e04fd59a540de1cb1e5
    So what was ultimately the vulnerability? You could argue there were two. First, the initWallet and initMultiowned in the wallet library were not marked as internal (this is like a private method, which would prevent this delegated call), and those methods did not check that the wallet wasn’t already initialized. Either check would’ve made this hack impossible.
    The second vulnerability was the raw delegateCall . You can think of this as equivalent to a raw eval statement, running on a user-supplied string. In an attempt to be succinct, this contract used metaprogramming to proxy potential method calls to an underlying library. The safer approach here would be to whitelist specific methods that the user is allowed to call.
    The trouble, of course, is that this is more expensive in gas costs (since it has to evaluate more conditionals). But when it comes to security, we probably have to get over this concern when writing smart contracts that move massive amounts of money.
    So that was the attack.
    It was a clever catch, but once you point it out, it seems almost elementary. The attacker then jumped on this vulnerability for three of the largest wallets they could find — but judging from the transaction times, they were doing this entirely manually.
    The white-hat group was doing this at scale using scripts, and that’s why they were able to beat the attacker to the punch. Given this, it’s unlikely that the attacker was very sophisticated in how they planned their attack.
    You might ask the question though — why don’t they just roll back this hack, like they did with the DAO hack ?
    Unfortunately that’s not really possible. The DAO hack was unique in that when the attacker drained the DAO into a child DAO, the funds were frozen for many days inside a smart contract before they could be released to the attacker.
    This prevented any of the stolen funds from going into circulation, so the stolen Ether was effectively siloed. This gave the Ethereum community plenty of time to conduct a public quorum about how to deal with the attack.
    In this attack, the attacker immediately stole the funds and could start spending them. A hard fork would be impractical–what do you do about all of the transactions that occur downstream? What about the people who innocently traded assets with the attacker? Once the ether they’ve stolen gets laundered and enters general circulation, it’s like counterfeit bills circulating in the economy — it’s easy to stop when it’s all in one briefcase, but once everyone’s potentially holding a counterfeit bill, you can’t really turn back the clock anymore.
    So the transaction won’t get reversed. The $31M loss stands. It’s a costly, but necessary lesson.
    So what should we take away from this?

    3. What does this attack mean for Ethereum?

    There are several important takeaways here.
    First, remember, this was not a flaw in Ethereum or in smart contracts in general. Rather, it was a developer error in a particular contract.
    So who were the crackpot developers who wrote this? They should’ve known better, right?
    The developers here were a cross-collaboration between the Ethereum foundation (literally the creators of Ethereum), the Parity core team, and members of the open-source community. It underwent extensive peer review. This is basically the highest standard of programming that exists in the Ethereum ecosystem.
    These developers were human. They made a mistake. And so did the reviewers who audited this code.
    I’ve read some comments on Reddit and HackerNews along the lines of: “What an obvious mistake! How was it even possible they missed this?” (Ignoring that the “obvious” vulnerability was introduced in January and only now discovered.)
    When I see responses like this, I know the people commenting are not professional developers. For a serious developer, the reaction is instead: damn, that was a dumb mistake. I’m glad I wasn’t the one who made it.
    Mistakes of this sort are routinely made in programming. All programs carry the risk of developer error. We have to throw off the mindset of “if they were just more careful, this wouldn’t have happened.” At a certain scale, carefulness is not enough.
    As programs scale to non-trivial complexity, you have to start taking it as a given that programs are probably not correct. No amount of human diligence or testing is sufficient to prevent all possible bugs. Even organizations like Google or NASA make programming mistakes, despite the extreme rigor they apply to their most critical code.
    We would do well to take a page from site reliability practices at companies like Google and Airbnb. Whenever there’s a production bug or outage, they do a postmortem analysis and distribute it within the company. In these postmortems, there is always a principle of never blaming individuals .
    Blaming mistakes on individuals is pointless, because all programmers, no matter how experienced, have a nonzero likelihood of making a mistake. Instead, the purpose of a postmortem is to identify what in the process allowed that mistake to get deployed.
    The problem was not that the developer forgot to add internal to the wallet library, or that they did a raw delegateCall without checking what method was being called.
    The problem is that their programming toolchain allowed them to make these mistakes.
    As the smart contract ecosystem evolves, it has to evolve in the direction of making these mistakes harder, and that means making contracts secure by default.
    This leads me to my next point.
    Strength is a weakness when it comes to programming languages. The stronger and more expressive a programming language is, the more complex its code becomes. Solidity is a very complex language, modeled to resemble Java.
    Complexity is the enemy of security . Complex programs are more difficult to reason about and harder to identify edge cases for. I think that languages like Viper (maintained by Vitalik Buterin) are a promising step in this direction. Viper includes by default basic security mechanisms, such as bounded looping constructs, no integer overflows, and prevents other basic bugs that developers shouldn’t have to reason about.
    The less the language lets you do, the easier it is to analyze and prove properties of a contract. Security is hard because the only way to prove a positive statement like “this contract is secure” is to disprove every possible attack vector: “this contract cannot be re-initialized,” “its funds cannot be accessed except by the owners,” etc. The fewer possible attack vectors you have to consider, the easier it is to develop a secure contract.
    A simpler programming model also allows things like formal verification and automatic test generation. These are areas under active research, but just as smart contracts have incorporated cutting-edge cryptography, they also should start incorporating the leading edge of programming language design.
    There is a bigger lesson here too.
    Most of the programmers who are getting into this space, myself included, come from a web development background, and the blockchain toolchain is designed to be familiar for web developers. Solidity has achieved tremendous adoption in the developer community because of its familiarity to other forms of programming. In a way, this may end up being its downfall.
    The problem is, blockchain programming is fundamentally different from web development .
    Let me explain.
    Before the age of the client-server web model, most programming was done for packaged consumer software or on embedded systems. This was before the day of automatic software updates. In these programs, a shipped product was final — you released one form of your software every 6 months, and if there was a bug, that bug would have to stand until the next release. Because of this longer development cycle, all software releases were rigorously tested under all conceivable circumstances.
    Web development is far more forgiving. When you push bad code to a web server, it’s not a big deal if there’s a critical mistake — you can just roll back the code, or roll forward with a fix, and all is well because you control the server. Or if the worst happens and there’s an active breach or a data leak, you can always stop the bleeding by shutting off your servers and disconnecting yourself from the network.
    These two development models are fundamentally different. It’s only out of something like web development that you can get the motto “move fast and break things.”
    Most programmers today are trained on the web development model. Unfortunately, the blockchain security model is more akin to the older model.
    In blockchain, code is intrinsically unrevertible. Once you deploy a bad smart contract, anyone is free to attack it as long and hard as they can, and there’s no way to take it back if they get to it first. Unless you build intelligent security mechanisms into your contracts, if there’s a bug or successful attack, there’s no way to shut off your servers and fix the mistake. Being on Ethereum by definition means everyone owns your server.
    A common saying in cybersecurity is “attack is always easier than defense.” Blockchain sharply multiplies this imbalance. It’s far easier to attack because you have access to the code of every contract, know how much money is in it, and can take as long as you want to try to attack it. And once your attack is successful, you can potentially steal all of the money in the contract.
    Imagine that you were deploying software for vending machines. But instead of a bug allowing you to simply steal candy from one machine, the bug allowed you to simultaneously steal candy from every machine in the world that employed this software. Yeah, that’s how blockchain works.
    In the case of a successful attack, defense is extremely difficult. The white-hats in the Parity hack demonstrated how limited their defense options were — there was no way to secure or dismantle the contracts, or even to hack back the stolen money; all they could do was hack the remaining vulnerable contracts before the attacker did.
    This might seem to spell a dark future.
    But I don’t think this is a death knell for blockchain programming. Rather, it confirms what everyone already knows: this ecosystem is young and immature. It’s going to take a lot of work to develop the training and discipline to treat smart contracts the way that banks treat their ATM software. But we’re going to have to get there for blockchain to be successful in the long run.
    This means not just programmers maturing and getting more training. It also means developing tools and languages that make all of this easier, and give us rigorous guarantees about our code.
    It’s still early. Ethereum is a work in progress, and it’s changing rapidly. You should not treat Ethereum as a bank or as a replacement for financial infrastructure. And certainly you should not store any money in a hot wallet that you’re not comfortable losing.
    But despite all that, I still think Ethereum is going to win in the long run. And here’s why: the developer community in Ethereum is what makes it so powerful .
    Ethereum will not live or die because of the money in it. It will live or die based on the developers who are fighting for it.
    The league of white-hats who came together and defended the vulnerable wallets didn’t do it for money. They did it because they believe in this ecosystem. They want Ethereum to thrive. They want to see their vision of the future come true. And after all the speculation and the profiteering, it’s ultimately these people who are going to usher the community into its future. They are fundamentally why Ethereum will win in the long run—or if they abandon Ethereum, their abandonment will be why it loses.
    This attack is important. It will shake people up. It will force the community to take a long, hard look at security best practices. It will force developers to treat smart contract programming with far more rigor than they currently do.
    But this attack hasn’t shaken the strength of the builders who are working on this stuff. So in that sense it’s a temporary setback.
    In the end, attacks like this are good for the community to grow up. They call you to your senses and force you to keep your eyes open. It hurts, and the press will likely make a mess of the story. But every wound makes the community stronger, and gets us closer to really deeply understanding the technology of blockchain — both its dangers, and its amazing potential.
    P.S. If you’re a dev and you want to learn more about smart contract security, this is a really good resource.
    Errata: This article originally said that Gavin Wood was the developer of the contract, which is incorrect. Gavin is the founder of Parity and pushed the fix to the contract, but was not the original developer. It also originally claimed that $77M additional funds were vulnerable, but this doesn’t count all of the ERC20 (ICO) tokens that were vulnerable. The total amount is actually $150,000,000+ if you include all ERC20 tokens. As of the time of writing this (July 21st 4PM EST), the total value of the assets saved by the white-hats was $ 179,704,659.

    This content was originally published here.

    Crypto Discussions at Highest Level: The OECD’s Love of Blockchain Obscures Its Fear of Bitcoin

    For several years now, the Organization for Economic Co-operation and Development (OECD) has been cautiously enthusiastic about blockchain technology. Beginning with a 2014 working paper titled, “The Bitcoin Question” the intergovernmental organization has been considering the economic possibilities opened up by distributed ledgers and cryptocurrencies — and, on the whole, it has found these possibilities exciting, even if such working papers “do not necessarily reflect the official views of the Organization or of the governments of its member countries.”

    But for the most part, reports on “Blockchain Technology and Competition Policy” and “Corporate Governance” — among other subjects — have struck a largely ‘wait-and-see’ tone. They’ve outlined the areas in which distributed ledger technology (DLT) could potentially offer innovations, yet they’ve also affirmed that institutions should acquire a more complete understanding of DLT and how it works before integrating it into their operations. As June’s report on corporate governance concluded, “it may be worth exploring” is the kind of phrase often encountered in such analyses.

    However, this preliminary phase in the OECD’s standoffish evaluation of DLTs is drawing to a close. On Sept. 4 and 5, it held its first-ever Blockchain Policy Forum in Paris, where a range of public officials and private leaders came together to meet, to network and, most importantly, to explore just how blockchain technology is being and will be used by businesses and governments. Over the course of the two-day conference, scores of delegates presented a wide variety of use cases of DLTs, from self-sovereign identity to competition law. And in the process, they began to map a way forward for those organizations that have entertained the notion of trialing blockchain tech without actually taking that all-important first step.

    Bitcoin for central bankers

    The OECD’s first foray into reports and policy recommendations regarding blockchain came with its June 2014 working paper, “The Bitcoin Question: Currency Versus Trust-Less Transfer Technology.” Like many traditional institutions that represent the mainstream global economy, the general position expressed by the report’s author was that Bitcoin is “volatile” and has “an important scalability problem,” and that “a raison d’être for Bitcoins is to carry out illegal activities.”

    But as has been seen with such Bitcoin-detractors as, say, Mark Carney and Yanis Varoufakis, the report also sung the praises of the blockchain — as it referred to the underlying protocol. According to author Adrian Blundell-Wignall, the special advisor to the OECD secretary-general on financial markets:

    “[The blockchain] is the key innovation in this technology — that is, a technology that removes the need for a trusted third party and the intermediary costs associated with such institutions (banks, credit card companies, payment companies, non-bank financial intermediaries).”

    Expanding on the theme of disintermediation, the working paper surveyed the different benefits blockchain technology — rather than Bitcoin — could deliver for businesses, institutions and the global economy more generally. Blundell-Wignall wrote, noting that the imposition of regulation may increase costs for crypto exchanges and other blockchain-based service providers:

    “This technology has the potential to reduce transactions costs for retail spending with credit cards, e-commerce costs and money transfers. But such companies are intermediaries too, and it should not be forgotten that competition in the cryptocurrency world is fierce, and new decentralized technology innovations may reduce costs dramatically.”

    Having noted the scalability issues Bitcoin encountered at the time (but which are now being addressed), the paper’s author extolled Ripple as an example of a DLT-based system that enables banks to transfer remittances at a fraction of the usual cost and of the usual speed. And while it acknowledged that Ripple may not be the “ultimate winner” in the cryptocurrency race, it concluded by advising the OECD’s member states to seriously consider looking at comparable, less decentralized blockchain-based technologies.

    “Policymakers do need to focus on how to ensure that the new technologies operate in the most socially-useful way. That is, it should be possible to make use of a new technology to facilitate the medium-of-exchange transporter and ledger functions and increase competition in financial services, while eliminating the ‘anonymity’ problems [of certain cryptocurrencies].”

    Which blockchain?

    In sum, the working paper recommended blockchains that don’t attempt to usurp the power of governments and central banks over a nation’s money supply, but that still retain certain aspects of Bitcoin’s transparency and efficiency. And since then, succeeding reports and papers from the OECD have elaborated on this blockchain-friendly approach, with more recent documents outlining particular applications of DLTs.

    In June, the Directorate for Financial and Enterprise Affairs Competition Committee published an issue paper that outlined the implications blockchain tech would have for competition policy and regulation. As with virtually every other report published by or on behalf of the OECD, almost half of the paper dedicated itself to introducing just what ‘the blockchain’ is, offering an indication of how public bodies are still very much in the early stages of their flirtation with DLT. It goes, as if a sizeable proportion of its readers have never heard of either Bitcoin or blockchains before:

    “The most prominent example of a blockchain thus far is Bitcoin. Bitcoin is a non-permissioned or public blockchain, meaning that there is no restriction on who can spend Bitcoin or take part in verifying the authenticity of blocks of transactions in the blockchain (an energy intensive process known as ‘mining’).”

    To be fair, despite retreading what must be very familiar ground for anyone who’s even glanced at a technology website in the past couple of years, the paper does go on to examine how competition policy will have to be updated in view of blockchain adoption. In particular, it highlighted the need of a public debate on whether competition authorities should be given access to blockchains in order to police markets and corporations.

    “This might enable them to monitor trading prices in real-time, spot suspicious trends, and, when investigating a merger, conduct or market, have immediate access to the necessary data without needing to impose burdensome information requests on parties.”

    Interestingly, it also underlined the possibility of blockchains being used by companies to collude or “tacitly coordinate” in a way that hurts competition, perhaps by enabling members of a trade cartel to know when another member has failed to comply with the terms of the cartel, and by enabling the cartel to mete out punishment accordingly — possibly by the use of smart contacts. The report’s author, Antonio Capobianco, wrote:

    “The potential transparency offered by a market-wide blockchain might also help firms in oligopolistic markets to coordinate tacitly without any direct or indirect contact, or any agreement to do so. Might full access to observe a market-wide blockchain constitute a ‘plus-factor’ that competition authorities might consider to suggest that parallel conduct was the result of coordination among the parties?”

    The paper also placed specific attention on the use of blockchain to facilitate anti-competitive behavior, on monopolies in the cryptocurrency industry — e.g., companies, crypto exchanges — on setting technical standards, and on ensuring competitive neutrality in the face of subsidies for blockchain adoption. Together, such a focus reveals that the OECD has begun to grapple with how blockchain technology will affect businesses, national economies and international trade. And even if it didn’t attempt to address how any of this would be achievable on a technical level, it treats the widespread adoption of blockchain tech as if it were an inevitability, something which any startup or corporation working within the industry must welcome as an encouraging vote of confidence.

    It’s not only reports and working papers that the OECD has produced with respect to blockchains. In March, its director of financial and enterprise affairs, Greg Medcraft, delivered a presentation at the OECD Friends of Going Digital Meeting in Paris. Titled, “The OECD and the Blockchain Revolution,” it urged policymakers to be “proactive and forward-looking” in how they treat blockchain from a regulatory standpoint, and to work closely with “key stakeholders” — i.e., people and groups within the industry — on drafting appropriate standards and laws. “This will help us avoid regulatory knee-jerk reactions and resist the temptation to jump in before we properly understand developments,” Medcraft explained, while still cautioning his audience on “high-profile theft of assets like Bitcoin, and scam Initial Coin Offerings.”

    And aside from policy recommendations, blockchain technology has received indirect support from the OECD by way of appearing in its “Embracing Innovation in Government” reports for 2017 and 2018. In its 2017 edition, for instance, it reported on the use of blockchain-based in the Colombian 2016 peace referendum (related to the end of the conflict between the national government and the Revolutionary Armed Forces of Colombia—People’s Army [FARC] rebels).

    “[The] tech nonprofit Democracy Earth Foundation set up a digital process that allowed Colombian expats, who were unable to vote through the official process, an opportunity to participate in a plebiscite on whether to approve a peace treaty. This process raised interesting questions for governments about the future use of blockchain in electoral processes, and in the public sector more broadly, and could potentially lead to new ways to ensure the integrity of the election process.”

    In much the same way, other reports issued this year take a generally positive attitude toward DLT. In “Blockchain Technology and Corporate Governance” (also published in June), the author — Vedat Akgiray, professor of finance at Bogazici University — focuses on how DLT is likely to make corporate governance more accountable and efficient.

    “All users on the network can see trading by managers, activists and corporate raiders. Legal insider trading channels are no longer needed. Disguised derivatives hedging, backdating and similar undesirable actions are almost impossible on a blockchain network.”

    In another working paper from June, “Blockchain Technology and Its Use in the Public Sector,” Jamie Berryhill, Théo Bourgery and Angela Hanson — all present or former members of the OECD’s Observatory of Public Sector Innovation — argue that blockchain technology has the potential to increase automation, efficiency and knowledge within the public sector. In particular, the authors note “at least 46 countries around the world have launched or are in the planning stages to launch over 200 blockchain-related initiatives.”

    This is another encouraging seal of approval for the adoption of DLT — and to further reinforce this point, the authors run through many of the specific areas in which blockchains are witnessing usage, writing:

    “Just about every area of the public sector could benefit from blockchains in some way.”

    According to the paper, these areas include , , financial services and banking, land title registry, supply chain management and logistics, benefits, public energy utilities, contractor management, , , fraud detection, and facilitating interagency operations.

    The report is perhaps the most positive and encouraging the OECD has produced to date, not least because it was written by employees of the organization — rather than by outside experts who may not reflect its views. In its conclusion, its authors state:

    “In the future, centralized authorities could become increasingly irrelevant in the context of blockchain technologies, or their role could shift to providing a platform and governance for decentralized services rather than being at the centre of every transaction. It is imperative that the public service builds its knowledge in this area and consider its possible applications and how it may affect its role.”

    The Blockchain Policy Forum

    But while such reports find the OECD taking the step of addressing specific areas in which blockchain tech can be applied, two points of caution need to be made. Firstly, these papers are still often written in decidedly general and preliminary terms: The corporate governance report, for example, failed to name any single blockchain that can or could deliver the kinds of benefits it outlined in its conclusion, while none of the above documents attempted to unpack the different types of distributed ledger — e.g., permissionless or permissioned, (PoW) or (PoS) — and explain which ones might be useful for certain functions. Similarly, the conclusion of the public sector paper offers the familiar reminder that blockchains still need “to be understood in order to understand the potential solutions to a range of challenges.”

    Secondly, these reports are also fairly limited in their number, in that only four such papers have been published by the OECD this year, with each handling a limited area of application. And given that the OECD has the power only to issue model tax conventions, policy recommendations and research papers, its reports have no legal weight or official force whatsoever with respect to its member states.

    However, the beginning of this month marked something of a turning point for how the OECD regards blockchain tech. On Sept. 4 and 5, it held its inaugural Blockchain Policy Forum — which, as the name suggests, had the aim of discussing the best practices and constructive policies related to the use of DLTs. Accordingly, it kicked off with a ‘high-level’ talk on how blockchain tech can be harnessed to produce ‘better policies,’ with OECD Secretary General Angel Gurría providing the opening remarks, in which he stressed the need for international cooperation and alignment on how blockchain technologies are developed, used and regulated.

    “Blockchain is a tool. And the idea is, to what extent can we make the tool a standard so that, when it is a generally accepted standard, it can then become part of the regulatory process — therefore mandatory in the regulations, so that it can serve the policy purposes better.”

    Yet, as Gurría quickly made clear, the OECD’s enthusiasm for blockchains does not extend so far as believing that DLT is likely to supplant the role of governments and of international institutions such as itself:

    “But let’s not confuse what this is about: Again, the role of government is in setting the policy, and then seeing what they absorb into the regulations, what tools they absorb into the regulations. That is the role of government and it cannot be substituted. But once you [introduce blockchain], once you have it as a standard and you start applying it, then of course it just goes on and on and on. It just keeps giving.”

    Put differently, the OECD regards blockchain as a technology governments can exploit to improve their efficiency, rather than a technology that might conceivably make governments — or at least certain governmental functions — redundant. Still, even if the vast majority of the speakers and guests at the Forum were united with Angel Gurría on this point, they nonetheless had plenty of encouraging things to say about blockchain tech, with many speakers citing multiple examples of how DLTs are already being used throughout the globe. Similarly, many spoke about how the governments they represent had already taken decisive action to foster the development of the blockchain industry, while some had even worked to nurture cryptocurrencies as well.

    “Now, with the emergence of distributed ledger technology and digital assets, Bermuda is once again demonstrating its ability to be a center of innovation,” said David Burt, the Premier of Bermuda, during his speech on Tuesday morning. “As the first country anywhere to introduce comprehensive ICO and digital asset business legislation, Bermuda aims to be a model for the world […] Over the past nine months, we have delivered the first phase, which includes a robust compliance environment, with bespoke legislation for ICOs, digital asset service providers, and the banking of digital assets in Bermuda. Our legislation is designed to provide clarity, certainty and consistency, with protections for investors, consumers and service providers.”

    David Burt, the Premier of Bermuda

    Such positive statements were common, with the prime minister of Serbia, Ana Brnabić, as well as the state secretary of Slovenia, Tadej Slapnik, also explaining to the assembled audience how their respective nations had already begun benefiting from the emergence and harnessing of DLT and crypto. However, as the first day progressed, this initial mood of optimism was tempered with qualifications regarding the limits of what blockchain tech could do, and regarding the legitimacy of Bitcoin and other cryptocurrencies. During a Q&A discussion David Burt said:

    “The challenge is that there [are] so many people who actually believe that this is a technology that can be used for bad. And the question is how do you change that from a policy perspective, to make sure that it’s something that can be used for good? And I think that’s the most important thing that can come out of the policy discussions which we’re having, is to get us to a place where that mindset can begin to change, and people can start talking about not Bitcoin, but can start talking about the different type of applications that can make lives better.”

    Despite the general excitement surrounding blockchain tech, this kind of cryptocurrency stigmatization was common. During the “Blockchain at the Frontier of Trust” session on the first day, the moderator, President of the Chamber of Digital Commerce Perianne Boring, asked the audience to participate in a poll, in which attendees were asked to respond with the percentage of Bitcoin transactions they believed were ‘illicit.’ As the image below reveals, 57 percent of the audience believed that anything from 1 percent — 25 percent of BTC transactions are for illegal purposes. Meanwhile, 17 percent and 10 percent of the audience went for 25 percent — 50 percent and 50 percent  — 75 percent, respectively. Only 13 percent of the audience went for 1 percent or less, which Boring revealed was the correct answer, indicating the gulf between perception and reality — even among ‘enlightened’ leaders and experts — when it comes to crypto.

    Indeed, during the “Blockchain and Economics: Global Impacts” speeches, Lord Meghnad Desai — the Emeritus Professor of Economics at the London School of Economics — presented the familiar argument that Bitcoin is not money. In fact, Desai also blamed the cryptocurrency for sowing public confusion and concern with regard to blockchains.

    “I think calling the very first cryptocurrency ‘Bitcoin,’ was really very harmful, because it looked like it was money, but it’s not money. Money has to be a means of payment, and a unit of account, and a store of value. It is just a store of value. It’s not a means of payment; it’s a very expensive means of payment, and it’s an uncertain store of value. So now that we call [cryptocurrencies] ‘tokens,’ had originally Bitcoin been called a ‘ZenToken,’ which I think is my favorite word for Bitcoin, nobody would have bothered, nobody would have had these fears about blockchains and all these specters.”

    Given this semi-hostility toward Bitcoin and other cryptocurrencies, it was unsurprising to find that the prevailing definitions of ‘the blockchain’ largely detached it from the kinds of decentralized ledger on which currencies such as Bitcoin are based.

    “So there are technical differences, but in general parlance, we generally talk about the blockchain industry as a blanket term that includes distributed ledgers. Blockchains are a subset of distributed ledgers, the key difference being, instead of updating the decentralized ledger transaction by transaction, they do it almost in a batch process […] When people talk about blockchain or they talk about DLT, they really do so, at least in a general business purposes, as [two things] that are synonymous.”

    Here, R3’s MD Charley Cooper underlined how the OECD and many of its invited guests tend to regard permissioned, even largely centralized ledgers as equivalent to decentralized, permissionless blockchains.

    No panacea

    Even forgetting the overly negative perception of cryptocurrencies at certain points, there was still a general, sober recognition running throughout the Forum that DLT won’t be a panacea for the all world’s ills. Correspondingly, there was also the recognition that it won’t completely live up to some of its unique selling points, such as its ability to create ‘trustless’ relationships, systems and/or networks.

    “The ledger itself, or the applications that are built on top of it, allow various types of business activity or other activities to be conducted without a middle person, without a third party,” explained Charley Cooper. “That is trustless. However, trust doesn’t disappear […] you do need to trust the software and you need to trust the people that built it […] when you, as an entity, are trying to decide whether or not to deploy an application or deploy a blockchain solution within your organization, it’s not totally trustless in the sense that you need to be comfortable with the software itself, that it was built appropriately, and that it was built to the specifications that you need for your entity.”

    Still, while the first day was characterized by a wide-lensed perspective on DLT that regarded it with cautious enthusiasm, the second day saw a higher number of panels and talks that specifically addressed particular applications of blockchains. From health, migration, development, SME financing and water to transport, energy, agriculture and infrastructure, the second day witnessed multiple parallel discussions, and each offered clear examples of how blockchain technology is primed to solve important problems.

    “We started with 100 people, six months later we had 10,500 people, another six months after that we had over 100,000 people on the system,” explained Bernhard Kowatsch of the World Food Program, which began an initiative last year to use DLT to process cash-for-food payments to refugees. “Now, with the 100,000 people that we already have on the system, up until now we have processed more than $23 million through the blockchain system so far. Which means it’s no longer a smallish kind of thing; obviously we take this very seriously.”

    And even though the first-ever Blockchain Policy Forum didn’t produce any concrete guidelines or proposals on how businesses, institutions and nations should work with DLT, the fact that it has taken place is an important step for blockchain technology. By providing a platform through which groups and institutions were able to explain how they’ve successfully used blockchains to improve their operations and services, the OECD has made it much likelier that other groups and institutions will follow in their wake. And with the idea and practice of blockchain spreading, the prospect of positive standards being introduced by the OECD and other governmental — or intergovernmental — organizations moves closer, as does that of increasing blockchain adoption more broadly.

    This content was originally published here.

    Bitcoin’s Theoretical Price Ceiling Is Now $100k Per Coin – Bitcoin USD (Cryptocurrency:BTC-USD)

    Introduction

    The question of if a floor exists in the price of Bitcoin ()()(OTCQX:GBTC), and if so, what is that figure, has become a hot topic recently.

    I would argue that the floor is determined by the probability of finding a gap between the fundamentals and the price. In other words, how many standard deviations below or above the price target are we at now? Any number is possible, but the extremely low and extremely high are both very rare, and therefore much less likely to occur. That’s the best we can do with the price floor. Watch the fundamentals and the rest is statistics.

    However, the price ceiling is different. This is because we know there is a strong relationship between network activity and the price. To put it more succinctly, the more network activity we have, the higher the price. But, there are limits to network throughput, and this puts a lid on the price in the short to medium term.

    We have seen this limit tested recently, when the Bitcoin blocks filled up. This gave us the upper limit on the maximum number of daily transactions that people were willing to pay, because of the price of the fees. I would call this the “soft limit” because you could squeeze more out of it, but it’s just not practical because it’s expensive.

    The soft limit and the hard limit change over time as new technology comes online, such as SegWit, Schnorr Signatures, and The Lightning Network.

    Network Fees and Bitcoin Price

    Near the end of 2017 and the beginning of 2018, we tested the soft limits of the Bitcoin network. The high price for Bitcoin was around $19,475 on December 17th, 2017. The average fee was $62.50 on December 22nd, just five days later.

    The price is the red line (left axis), and the fees are the red shaded area (right axis). See below:

    Image Source:

    The high number in daily transactions took place on December 13th, 2017, which was four days before the peak price.

    Image Source: blockchain.com

    Now, what’s changed since then? Well, the price has gone down, but also we have new technology online. SegWit is the biggest change, so let’s look at that real quick to refresh our memory. Below is a chart showing SegWit adoption.

    Image Source:

    SegWit was active during the last bubble, but only 12.5% of the network was using it at the time. Just in the last couple weeks, we had a spike over 53%, and the trend is clearly pointed upwards.

    Recall that SegWit changes the maximum block size calculation by swapping out block size for block weight. The more SegWit transactions are used, the larger the block can become, up to a maximum of around 4MB, which is 4 times the current block size. So, speaking in theoretical best-case-scenario terms, 100% SegWit adoption would enable the Bitcoin network to process 4x as many transactions per day.

    If we take the max daily transactions from last year, 490k, and SegWit was being used around 12.5%, that means we were already receiving a 50% daily TX increase from the technology back then. Today, we could get a benefit of 212% from this upgrade.

    The maximum number of daily transactions (soft limit) without SegWit is around 327k per day. With adoption levels around 53% as of this month, this puts the daily maximum number of transactions at 693k per day.

    Now, stick with me because the number of daily transactions and the price in log scale are highly correlated. Earlier this year, we saw the price/predicted using this model hit a Z-score of over 5.

    For that to happen today, the network would have to hit its maximum throughput of 693k transactions per day, and then the price would explode through the roof and top out around $100k per bitcoin before the high fees caused another price collapse.

    If you’re a spreadsheet junkie and you want to follow along, these are the steps you would follow:

    1. Take the maximum network throughput of 693k daily transactions today (327k daily transactions plus 53% of a 400% increase from SegWit).
    2. Take the log base ten of that number, which is 5.8407.
    3. The predicted “fair price” (a Z-score near zero) at this level of activity would be $7,420, based off regression analysis of the price and number of daily transactions going back to 2010.
    4. The highest Z-score of price/predicted this year was just over 5, the highest price over predicted was just over 13.
    5. In order to find the equivalent price in terms of Z-score, find a number that generates a Z-score, by determining what ratio of price/predicted gives you a value slightly over 13 (which was the highest recorded this year).
    6. That figure in log scale is very close to 5.
    7. Convert 5 back into linear scale, and you get $100,000.

    You should see something like this when you run the regression of log price and log daily transactions.

    Image Source: Author’s Regression Analysis

    When you plot the Z-scores over time, you should see something that looks like this:

    Image Source: Author’s charts

    What we’re essentially doing here is re-creating a bubble by rewinding history, and then mapping those findings onto today. Will there actually be a speculative bubble today, or next week? Probably not, but remember this is just an exercise to see if it did happen, what would the maximum price be; the price ceiling (in this case the soft limit).

    Image Source: Author’s Excel Worksheet

    Max Price and Actual Price (Year to Date)

    I looked at the number of transactions per day that could be processed by the Bitcoin network, and then attempted to find the theoretical maximum number of transactions if we added in the gains from SegWit. Then, I mapped that value along with the current price divided by the max price. This was the result.

    Image Source: Author’s Charts

    Here we’re looking at max capacity in terms of the hard limit. Using this method, it appears that the maximum price on January 1st would be somewhere around $45k per Bitcoin. However, when we add in the extra capacity and compare it with where we are now, today’s price seems to be quite a bargain, hovering around 6% of the maximum we might expect with peak usage and the FOMO premium added on top.

    Conclusion

    The price of Bitcoin is strongly correlated with the network activity. You can think of this in terms of value transmitted, number of users, number of transactions, or any other way if you can find a good data source and justify your reasoning.

    If the network usage exceeds, or even nears its peak capacity, fees will spike and drive people away. This is what happened in the last bubble when the network could not sustain the rapid growth.

    As the network gets upgraded, a higher theoretical price becomes possible. However, since the price can also be very volatile, the price at any given point is not likely to be the exact value we predict. Therefore, using a statistical model to find probability of distance from the mean seems to make the most sense.

    This article was first released to members of Crypto Blue Chips, along with other research that can’t be found anywhere else (such at the BVIPE).

    Disclosure:I am/we are long BTC-USD.

    I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it (other than from Seeking Alpha). I have no business relationship with any company whose stock is mentioned in this article.

    This content was originally published here.