In February, Facebook made its debut into the blockchain space by acquiring Chainspace, a London-based, Gibraltar-registered blockchain venture. Chainspace was a small start-up founded by several academics from the University College London Information Security Research Group. Authors of the original Chainspace paper were Mustafa Al-Bassam, Alberto Sonnino, Shehar Bano, Dave Hrycyszyn and George Danezis, some of the UK’s leading privacy engineering researchers.
Following the acquisition, last week Facebook announced the launch of its new cryptocurrency, Libra which is expected to go live by 2020. The Libra whitepaper involves a wide array of authors including the Chainspace co-founders namely Alberto Sonnino, Shehar Bano and George Danezis. According to Wired, David Marcus, a former Paypal president and a Coinbase board member, who resigned from the board last year, is appointed by Facebook to lead the project Libra. Libra isn’t like other cryptocurrencies such as Bitcoin or Ethereum. As per the Reuters report, the Libra blockchain will be permissioned, meaning that only entities authorized by the governing association will be able to run the computers.
Mustafa Al-Bassam, one of the research co-founders of Chainspace who did not join Facebook posted a detailed Twitter thread yesterday. The thread included particularly his views on this new crypto-currency – Libra.
Thread: as the only research co-founder of Chainspace that did not join Facebook (the blockchain scalability startup that Facebook acquired), people have been asking me about my view of Libra. Here's a thread about it. https://t.co/l88WbTWphv
— Mustafa Al-Bassam (@musalbas) June 25, 2019
On Libra’s decentralized model being less censorship resistant
Mustafa says, “I don’t have any doubt that the Libra team is building Libra for the right reasons: to create an open, decentralized payment system, not to empower Facebook. However, the road to dystopia is paved with good intentions, and I’m concerned about Libra’s model for decentralization.”
He further pointed the discussion towards a user comment on GitHub which reads, “Replace “decentralized” with “distributed” in readme”. Mustafa explains that Libra’s 100 node closed set of validators is seen more as decentralized in comparison to Bitcoin. Whereas Bitcoin has 4 pools that control >51% of hashpower.
According to the Block Genesis, decentralized networks are particularly prone to Sybil attacks due to their permissionless nature. Mustafa takes this into consideration and poses a question if Libra is Sybil resistant, he comments,
“I’m aware that the word “decentralization” is overused. I’m looking at decentralization, and Sybil-resistance, as a means to achieve censorship-resistance. Specifically: what do you have to do to reverse or censor transaction, how much does it cost, and who has that power?
My concern is that Libra could end up creating a financial system that is *less* censorship-resistant than our current traditional financial system. You see, our current banking system is somewhat decentralized on a global scale, as money travels through a network of banks.”
He further explains that, “In the banking system there is no majority of parties that can collude together to deny two banks the ability to maintain a relationship which each other – in the worst case scenario they can send physical cash to each other, which does not require a ledger. It’s permissionless.”
Mustafa adds to this point with a surreal imagination that if Libra was the only way to transfer currency and it is less censorship resistant than we’d be in worse situations, he says, “With cryptocurrency systems (even decentralized ones), there is always necessarily a majority of consensus nodes (e.g. a 51% attack) that can collude together from censor or reverse transactions. So if you’re going to create digital cash, this is extremely important to consider.
With Libra, censorship-resistance is even more important, as Libra could very well end up being the world’s “de facto” currency, and if the Libra network is the only way to transfer that currency, and it’s less censorship-resistant, we’re worse off than where we started.”
On Libra’s permissioned consensus node selection authority
Mustafa says that, “Libra’s current permissioned consensus node selection authority is derived directly from nation state-enforced (Switzerland’s) organization laws, rather than independently from stakeholders holding sovereign cryptographic keys.”
Source – Libra whitepaper
What this means is the “root API” for Libra’s node selection mechanism is the Libra Association via the Swiss Federal Constitution and the Swiss courts, rather than public key cryptography. Mustafa also pointed out that the association members for Libra are large $1b+ companies, and US-based.
Source – Libra whitepaper
To this there could be an argument that governments can regulate the people who hold those public keys, but a key difference is that this can’t be directly enforced without access to the private key. Mustafa explained this point with an example from last year, where Iran tested how resistant global payments are to US censorship. Iran requested a 300 million Euro cash withdrawal via Germany’s central bank which they rejected under US pressure.
Mustafa added, “US sanctions have been bad on ordinary people in Iran, but they can at least use cash to transact with other countries. If people wouldn’t even be able to use cash in the future because Libra digital cash isn’t censorship-resistant, that would be *brutal*.”
On Libra’s proof-of-stake based permissionless mechanism
Mustafa argues that the Libra whitepaper confuses consensus with Sybil-resistance. His views are Sybil-resistant node selection through permissionless mechanisms such as proof-of-stake, which selects a set of cryptographic keys that participate in consensus, is necessarily more censorship-resistant than the Association-based model. Proof-of-stake is a Sybil-resistance mechanism, not a consensus mechanism. The “longest chain rule”, on the other hand, is the consensus mechanism.
He says that Libra has outlined a proof-of-stake-based permissionless roadmap and will transition to this in the next 5 years. Mustafa feels 5 years for this will be way too late when Group of seven nations (G7) are already lining up the taskforce to control Libra.
Mustafa also thinks that it isn’t appropriate about Libra’s whitepaper to claim the need to start permissioned for the next five years. He says permissionlessness and scalable secure blockchains are an unsolved technical problem, and they need community’s help to research this.
Source – Libra whitepaper
He says, “It’s as if they ignored the past decade of blockchain scalability research efforts. Secure layer-one scalability is a solved research problem. Ethereum 2.0, for example, is past the research stage and is now in the implementation stage, and will handle more than Libra’s 1000tps.”
Mustafa also points out that Chainspace was specifically in the middle of implementing a permissionless sharded blockchain with higher on-chain scalability than Libra’s 1000tps. With FB’s resources, this could’ve easily been accelerated and made a reality.
He says, there are many research-led blockchain projects that have implemented or are implementing scalability strategies that achieve higher than Libra’s 1000tps without heavily trading off security, so the “community” research on this is plentiful; it is just that Facebook is being lazy.
He concludes, “I find it a great shame that Facebook has decided to be anti-social and launch a permissioned system as they need the community’s help as scalable blockchains are an unsolved problem, instead of using their resources to implement on a decade of research in this area.”
People have appreciated Mustafa on giving a detailed review of Libra, one of the tweets read, “This was a great thread, with several acute and correct observations.”
This was a great thread, with several acute and correct observations. Well done. I'm a bit intruiged by the sharding readiness you outlined — do you have more to share on this bit perhaps?
— Eric Wall (@ercwl) June 26, 2019
Another tweet reads, “Isn’t a shard (let’s say a blockchain sharded into 100 shards) by its nature trading off 99% of its consensus forming decentralization for 100x (minus overhead, so maybe 50x?) increased scalability?” Mustafa responded, “No because consensus participants are randomly sampled into shards from the overall consensus set, so shards should be roughly uniformly secure, and in the event that a shard misbehaves, fraud and data availability proofs kick in.”
Isn't a shard (let's say a blockchain sharded into 100 shards) by its nature trading off 99% of its consensus forming decentralization for 100x (minus overhead, so maybe 50x?) increased scalability?
— Eric Wall (@ercwl) June 26, 2019
In one of the tweets it is also suggested that 1/3 of Libra validators can enforce censorship even against the will of the 2/3 majority. In contrast it requires majority of miners to censor Bitcoin. Also unlike Libra, there is no entry barrier other than capital to become a Bitcoin miner.
1/3 of libra validators can enforce censorship even against the will of the 2/3 majority. In contrast it requires majority of miner to censor Bitcoin. Also there is no entry barrier other than capital to become a Bitcoin miner.
— Tamas Blummer (@TamasBlummer) June 26, 2019
Let us know what are your views on Libra and how it is expected to perform.