Could blockchain could decentralize finance by establishing trust and security without government regulations? In “What Is Decentralized Finance?” (September 1, 2022), computer engineers Adam Goad and Austin Egbert are back with Walter Bradley Center director (and computer engineering prof) Robert J. Marks to discuss how such a system might work. Or maybe not. It didn’t work with decentralized autonomous organizations… But then again, this might be simpler.
A partial transcript, notes, and Additional Resources for the first half follow.
What difference would decentralized banking make to the average customer?
Robert J. Marks: When you pay Uber for a ride, you use a bank or a third party like PayPal, or Visa, or MasterCard, or something. Decentralized banking, hopefully, will let you pay for the Uber driver directly without a third party. So Adam, what is centralized finance? What is decentralized finance, and why should I care?
Adam Goad: Good question. Centralized finance is the system we have Whenever you want to pay for something, you take out your credit card, swipe it, and it goes over the internet. The bank figures out who you’re trying to pay and sends them some money, if you [have the money in your account]. The currency is also regulated by the government. We have the Federal Reserve Bank and they have all sorts of control over how much money is printed, setting interest rates, all sorts of things.
With decentralized finance, you do not have these central authorities with this power over the currency. Like you said, if you want to pay that taxi driver, you could just send a transaction directly, using Bitcoin or Ethereum, or something. Those currencies cannot be blocked. They do not run through a centralized exchange of any kind. They can be sent just through the distributed system of the blockchain that we talked about previously. The record would be in the public ledger. You sent him money, he could confirm that, and you can both go along your way.
This has several benefits. It prevents any kind of centralized regulation. You can have regulation in a decentralized finance. Last time we spoke briefly about DAOs (decentralized autonomous organizations). Several of these larger decentralized finance projects (DeFis) are run as DAOs, where people who have invested money in them get a say in how it is run.
It is run purely as code. Anyone can confirm this code and what it’s doing, and that it’s doing what it says it’s doing. People can make proposals and vote on changes to the code. And the code can only be changed if everyone approves these changes, or at least a majority, or whatever the rules are for that particular DAO for how many people must approve.
Robert J. Marks: So the bottom line is that individual users have more control and transparency over their finances. I like that. You don’t have to go through a third party. How does this work? How do the blockchains enter into this in order to establish trust and stability. In terms of the decentralized finance, what’s the role of blockchain here?
Adam Goad: You mentioned trust. The blockchain adds trust because it is a trustless system. It does not require you to trust anyone in order to use it.
Robert J. Marks: Okay. This is interesting because I’ve seen the word trustless and “trustless” doesn’t sound good. But in the context of crypto, it means you don’t have to trust any human. So trustless always refers to humans. Is that right?
Note: “A trustless system means that the participants involved do not need to know or trust each other or a third party for the system to function. In a trustless environment, there is no single entity that has authority over the system, and consensus is achieved without participants having to know or trust anything but the system itself.” – Binance Academy
Adam Goad: If you want to transact on a blockchain, in order to use funds in an account, you need the private cryptographic key for that account. That’s a long string of letters and numbers that you should keep private, because anyone who has that string can have complete control over the funds in that account. Using that private key, along with your public key — which in most cases is your address or a derivative of it, you can encrypt any transaction and send it off to the blockchain. It’s encrypted in such a way that it can be confirmed that it was signed by your private key as long as someone knows the public key. And the public key can also be derived from the way it was signed.
After the blockchain — and anyone else who wants to — is able to confirm that I sent this transaction to the chain, the ledger (the chain itself) would then have a record that my account sent the money to your account. And you can go check the chain. You can use various services that will check it for you and just tell you your balance. You’ll know that I have sent you the money and there it is. We didn’t have to talk to any banks. We could’ve used any number of Ethereum nodes, or any other kind of chains, nodes distributed all over the world, without a centralized authority having a say in things.
Privacy on a blockchain is different from privacy at a bank
Robert J. Marks: Interesting. It does seem though, like blockchain has replaced the bank as the third party. So what’s the advantage of using blockchain instead of a bank?
Adam Goad: So, it’s not that blockchain doesn’t tell anyone what’s going on, instead it tells everyone what’s going on.
Robert J. Marks: Okay. So blockchain knows how much you paid the Uber driver?
Adam Goad: Yes. And everyone else in the world can know too. But what they don’t know is who you are, or who you paid or, why.
Robert J. Marks: Oh, now that’s interesting. If they don’t know who I am, who I paid, or why I paid them, then that looks like a lot of privacy. So that’s the advantage that this decentralized finance gives, is that right?
Adam Goad: Exactly. All that’s recorded is that this address paid this address this much at this time. Who owns those addresses? Why did they feel the need to send that money? None of that is stored. And you’d have to know a lot about someone to figure it out.
Robert J. Marks: Where do these decentralized finance blockchains live? Do they live on your computer?
Adam Goad: The blockchain lives on anyone’s computer that wants to have a copy, pretty much. It can be fairly intensive. So you need a pretty powerful computer if you want to be what’s known as a node. A node is a computer that stores a copy of the blockchain and helps to process the blockchain.
As new transactions come in, you can also set up a miner on a node, to try to mine new transactions. And basically then, if someone wants to send a transaction, they send that transaction to a node. That node will send it through the network, to get it to the miners, to get it put onto the chain.
Robert J. Marks: So it’s just like everybody has copies of the blockchain, but nobody knows what’s inside of the individual links on the chain, if you will. Is that right?
Adam Goad: Nope. Everyone knows what’s inside every link.
Robert J. Marks: Oh, they do know what’s inside every link, but they don’t know who it is, or why you paid it. Okay.
Adam Goad: Right. There’s a website you can go to called Etherscan. It is one of the most popular websites. You can use it to browse any transaction you want on the Ethereum blockchain. You can search them by who sent them, who received them, when they were sent, all sorts of things. And you can look at every single transaction ever sent if you wanted.
Robert J. Marks: Oh my goodness. Okay. Well, I bet you, the IRS is happy about that, aren’t they? By the way, if you know that person A was a transaction on one of the chains of the blockchain, do you know that person A was also a participant in blockchain 36?
Adam Goad: On a single chain, yes. You can say, “Okay. If I know that this person sent this transaction, then I now know the Ethereum address,” whichever chain it is. And you can look at all the other activity for that address. And you can see where it sent money. You can see who those people sent money to. It’s all there.
Austin Egbert: But on a separate blockchain, that address isn’t the same as the address they might have on a different blockchain?
Adam Goad: Correct. So in order to figure that out, you would have to see them try to send the funds through to the other blockchain using various services. Or, if they did it through a centralized cryptocurrency exchange, you could have the exchange. You could force them to report to you what addresses they sent to and such, because the way the centralized exchanges work, such as Coinbase, they are subject to government regulation. So when you sign up for an account on one of them, if you’re going to be transacting at a certain amount, some of them, I think there is a small amount you can do without having to do this.
Hedder Do centralized cryptocurrency exchanges provide privacy?
Adam Goad: But if you get to a certain level, you are acquired to complete what is known as know your customer, KYC. And that’s a process where you have to go through and prove your actual identity to the exchange. You have to send them a copy of your driver’s license, or something like that, so that they can then tell the government who you are and file your taxes accordingly.
Robert J. Marks: But this is only for certain blockchains, is that right?
Adam Goad: This is anytime you want to use a centralized exchange. So the centralized exchanges are by far the easiest way to get money in and out of cryptocurrency. So they will let you hook up to your bank account, or hook up to your credit card, and put your us dollars into cryptocurrency through their service.
Robert J. Marks: I don’t know if you remember, but the FBI at one time was monitoring telephone calls and they didn’t monitor who called who, but they did say A called B, A called C, C called D, and then B called D. And so they built up this tree of interconnections and they maintained that they were not violating anybody’s privacy, because names and telephone numbers weren’t associated with that.
But they build up this great tree with lots of clusters and they could, if they found out one node, like if they found out the identity of A, all of sudden, the other ones begin to fall down with certain probability, with that knowledge. The blockchain, as you’ve described, it kind of reminds me of that. Is there any truth in my analogy?
Adam Goad: Yes, you have it exactly right. If the FBI, or any other law enforcement agency is trying to track down some kind of criminal who’s using cryptocurrency, they most likely know what transactions they’re trying to follow. They just don’t know who is on the other end of those private addresses. So as soon as they figure out who owns one of them, it’s the same thing. They can try to guess who owns these other ones based off when they were paid and how much they were paid and how often, such like that, exact same sort of thing.
Robert J. Marks: Interesting. I listened to the book American Kingpin (2017) about a guy who called himself “Dread Pirate Roberts.” He ran a website through Tor, which is a very private internet service, and they sold drugs. The government, I think through the DEA, went through and tracked all of the finances, because one of the people in the DEA bought some drugs from this guy and he knew where it went. And there all of a sudden he was able to determine all of the other places that this money came from. And they determined who it was, but they didn’t find the identity (until) after some shoe leather investigation where they had to go out and use normal intelligence. It’s just a fascinating book.
So they eventually found him through this process that we’re talking about, just like the FBI tallying all of these telephone calls.
How can hackers steal from the blockchain
Robert J. Marks: Blockchain hackers stole nearly $1.3 billion with 79 hack events, through the first quarter of 2022. And so in three months they were able to steal $1.3 billion. Reading deeper, though, it seems that the blockchain hackers took advantage of flaws in the project code, which I guess maybe in some ways was made public…
Adam Goad: Well, to comment on that theft first a bit: I’m, of course, not familiar with every case but a lot of times when people have the cryptocurrency stolen, it is because they fell for some kind of scam.
Robert J. Marks: They were kind of phished in a way?
Adam Goad: Yes, exactly. They personally gave out the secure key to someone, or they downloaded something onto their computer that was able to then trick them into doing something, or they submitted a transaction to something that was not what they thought it was.
A lot of what you might have found are known as “rug pulls.” Someone sets up a project, whether it be an NFT, a new coin, or a decentralized finance system. They tell everyone it’s the newest bestest thing. And they convince all these people to invest in it. But really all they’re going to do is take all the money everyone puts in and run away.
Robert J. Marks: I see. I like to pride myself on the fact I’m very hard to phish. But I have a bunch of websites and I ran them on a host called Bluehost. I got this email from Bluehost one time. It says, “You have too many files on the host server. You need to remove some. Click here to log in.” So I clicked there, it took me to the Bluehost page. I entered my name, I entered my password. Then I hit return and nothing happened. I was phished. What they had done is, they had taken an exact duplicate of the Bluehost site and they had replicated it. I was phished.
The next day all of my files had viruses and I had to contact somebody to scrub all my files and I moved them off Bluehost onto another server. And you think that you’re immune to phishing But man, I fell into that so easily. I guess I have to be less naive in the future.
I’ve heard is that (cryptocurrency) encryption is very difficult to break. That the only way that you can actually break it is through the weakness of the human element.
Adam Goad: I have not heard of any case where a cryptocurrency of any kind was hacked by breaking the encryption. I’ve only heard of cases where it was a human error that caused the flaw or something.
Next: The futurist finance world of flash loans and hypernodes
You may also wish to read: Why didn’t decentralized organizations work in the crypto world? DAOs broke down when people tried to make them interact with the outside world. Adam Goad tells Dr. Robert Marks, as soon as you get a human involved, that human can do something that the code is not telling it to do.
Note: If you want to read or listen to the first three episodes, you will find links to all parts at the bottom of this page.