Ethereum: The Story of Casper the Unfriendly Ghost!

A lot of the industry is treating this as new, but it has been on the Ethereum team’s roadmap for some time, including this post from Vlad back in 2015. In plain English, Casper the Friendly Ghost, as they call it, is the roadmap and implementation that the Ethereum team is beginning to test. It is the process by which they will switch their network from PoW (mining) to PoS (Proof of Stake). I will admit I am not envious of how they will go about this task and it is a big job, but the implementation has me shaking my head. Before anyone cries foul or FUD, I am speaking from an IT and business perspective because the security issues in the crypto world are puzzling to me.

Many of the key features of the Casper protocol concern, for example, how they plan to “penalize bad nodes”, meaning nodes that misbehave or broadcast false/fake transactions or confirmations. Why should this be possible in the first place? No one should be able to run a node if they aren’t trustworthy, but there is no basis for this elevated privilege in cryptocurrency networks like Ethereum. Strangers off the street are being trusted to be honest and not mess with the network. That’s not how business or the world works, nor is it how IT works if you want to stay safe and stay operating.

The craziest part that “has me shaking my head” is the fact that “Validator Nodes” are essentially “bonded” by depositing at least 1500 ETH, which the Ethereum network and team control. The onus is then on the node runner to secure the node, keep it running reliably, prevent DDoS attacks and bear the risk that the actions of other nodes could cost you money. Make no mistake about it, the team is clear you could lose some or all of your money through no fault of your own as a Validator Node.

But let’s back up here, this is an improvement over the current issues but is it solving anything?  At first mining worked to secure the network and stop centralization.  But here we are today where big players with big money and ASICs have centralized most cryptocurrencies, something that wasn’t supposed to happen.  It is clear the small players will hardly play any role in the network of Ethereum with this change to Casper.

Getting back to the security aspect. What is to stop extremely wealthy people, who don’t care about money or have more than enough of it, from running the majority of Validator Nodes? Nothing stops them from losing all of their money, and they don’t have to care about it if they could set up a one-time heist to fool enough users or even a single user for a single targeted transaction. Massive bank-heist type frauds would be possible with collusion and owning enough Validator Nodes, and clearly only the wealthy could pull this off. It would be immoral but not illegal, and I would say the Casper system, with bonded node validators, is enabling and encouraging it.

Casper is well-intentioned but to me it shows that the cryptocurrency world is far out of touch with basic norms of computing and IT security.  There has got to be a better way that prevents this in the first place.

Ethereum and virtually all coins are already centralized from the start.  This is and continues to be the case since the developers must be trusted whether you like it or not.  Why don’t some teams just centralize under a trustworthy community rather than depending on the honesty and integrity of strangers, or worse inviting only the wealthy to centralize and participate?

One coin that I feel meets my criteria for a secure, functional, fast and affordable coin for both users and business is from the anonymous Sonajin Team (or Team Satoshi 2.0 if I’m correct). I believe the coin will revolutionize cryptocurrency and will be the best poised for mass adoption. Naturally I’m going to add that I have bought into it and have a stake, both for my own interest but also with the expectation that it will be a historically smart choice to own some XSJ.

Bitcoin vs Bitcoin Cash

This has been one of the most controversial issues in cryptocurrency.  The Bitcoin Cash Hardfork emanates from this issue of what amounts to basically a setting in a config file.

The issue was real back then, with Bitcoin only having a 1MB (megabyte) blocksize. You would think 1MB could store a lot of transactions, and this was fine until Bitcoin exploded and began to be used by millions worldwide (something not exactly expected or planned for by the original devs). Bitcoin can only do 7 transactions per second, which is way too slow, and what was happening is that the entire block was already fully utilized as soon as it was mined. It would be like your bank’s ATM or POS machine crashing before you could do a transaction. In other words, Bitcoin was overloaded and couldn’t keep up with the transactions that were being demanded, causing slow processing that could take days to send some Bitcoin!

Some of the devs felt that this wasn’t an issue and wanted to keep things the same as Satoshi created them (with the 1MB blocksize). They felt Bitcoin was never meant to be used for payments such as a cup of coffee and that very slow transactions weren’t an issue.  They also voiced concerns that a larger blocksize would stop people from running full nodes and increase centralization since a larger blocksize requires more computing power.

The Bitcoin Cash team disagreed and did a hardfork, which is essentially a copy and counterfeit of the original Bitcoin. The only real change they made was to set the blocksize to 8MB, which means faster and cheaper transactions than the original Bitcoin.

There were problems initially with potential replay attacks, since to get this Bitcoin Cash you have to use your real Bitcoin wallet/private keys to receive it. This meant that nefarious wallet creators could steal your coins from the real Bitcoin network if you didn’t move your original coins to another wallet first. There is also the threat of a replay attack. Replay attacks work on the fact that both chains are identical. If you send a transaction on one chain, an attacker could see it and then broadcast the transaction on the other chain to their own address.
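The following added example (not code from this post or from either Bitcoin project) models why a signed transaction can be valid on two chains that share a history, and how committing the signed digest to a chain identifier makes the second chain reject it. The chain names, the key, the transaction fields and the HMAC used as a stand-in for a wallet's ECDSA signature are all constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed demo values. The HMAC stands in for a wallet's ECDSA signature.
WALLET_KEY = b"constructed-demo-key"
CHAIN_A, CHAIN_B = "chain-a", "chain-b"  # hypothetical chain identifiers


def digest(tx, chain_id=None):
    """Hash the transaction fields, optionally committing to a chain identifier."""
    body = dict(tx)
    if chain_id is not None:
        body["chain_id"] = chain_id
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).digest()


def sign(tx, chain_id=None):
    """Produce the (stand-in) signature over the transaction digest."""
    return hmac.new(WALLET_KEY, digest(tx, chain_id), hashlib.sha256).hexdigest()


class Node:
    """A validating node on one chain; both chains start from the same coins."""

    def __init__(self, chain_id, unspent, replay_protected):
        self.chain_id = chain_id
        self.unspent = set(unspent)  # each chain tracks its own copy after the fork
        self.replay_protected = replay_protected

    def accept(self, tx, signature):
        if tx["spends"] not in self.unspent:
            return False  # coin unknown or already spent on this chain
        bound_to = self.chain_id if self.replay_protected else None
        if not hmac.compare_digest(sign(tx, bound_to), signature):
            return False  # signature does not cover this chain's digest
        self.unspent.remove(tx["spends"])
        return True


def replay_outcome(replay_protected):
    """Sign one payment for chain A, then submit the identical bytes to both chains."""
    pre_fork_coins = {"utxo-1"}
    node_a = Node(CHAIN_A, pre_fork_coins, replay_protected)
    node_b = Node(CHAIN_B, pre_fork_coins, replay_protected)
    tx = {"spends": "utxo-1", "pay_to": "merchant", "amount": 1}
    signature = sign(tx, CHAIN_A if replay_protected else None)
    return node_a.accept(tx, signature), node_b.accept(tx, signature)
```

Without the chain commitment both nodes accept the same signed bytes; with it, only the chain the wallet signed for does, which is also why moving coins to a fresh address on one chain before transacting separates the two histories.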

This is one big reason I don’t like hardforks. Aside from the confusion, scams and devaluation, a replay attack is one more huge problem to have.

These issues are why I believe hardforks shouldn’t be possible.  If it means the blockchain is not 100% open source and permissionless then this is acceptable.  Open Source is currently what makes most currencies vulnerable.  Let’s take it back to the secure, traditional IT methods of a secure server vs client model (where the secure server should be Bitcoin or whatever currency we are talking about).

My money is on the real Bitcoin.  Bitcoin Cash could have been interesting if they did more than just increase the blocksize and didn’t copy the blockchain.  I pick the original Bitcoin for the long run.

Cloud VPS Server Comparison by Techrich

Recently a friend asked me to compare ourselves to other large Cloud providers. It didn’t take me long to think about it, considering that the Techrich and Compevo architectures are essentially identical. This wasn’t by accident, but by my own principles on how an IT company should function. Since designing what is now known as the “Super High Performance Cloud Architecture” back in 2009, I knew I wanted Techrich to be smart on security, strict on reliability, and strong on IT protocols.

This infographic probably says it the best but I’ll do my best to explain it as well (explanation below the infographic).

[Infographic: Techrich Cloud VPS Server Hosting Comparison]

In a nutshell, most of the other Cloud architectures out there rely heavily on a shared storage pool for their VPSs. We don’t do this.

Some companies have even gone down completely when one of their “main shared storage nodes” was hacked or had a hardware failure.

The problem with shared storage nodes/SANs (Storage Area Networks)

The problem with this architecture is that multiple physical hostnodes rely on a single point of failure for storage. Not only that, but you can imagine the performance issues that shared network bandwidth causes when multiple hostnodes are competing for the same disk IO resources from a single shared node.

Now I know some companies have redundant shared storage, but this is not good enough for performance, security and reliability reasons.

The Techrich way of doing things is that we have tons of individual nodes that are active/failover. This eliminates the possibility that a shared storage fault could take multiple hostnodes offline.

In our architecture we have Cloud in a 1-to-1 structure, which means data is live replicated to a standby server that does nothing but wait in case the main server fails or has an issue.

By doing this the performance is also higher, since storage is all local. You get the benefit of Cloud architecture but none of the high risks or performance issues that traditional “shared storage” Cloud brings you.

That’s the Techrich advantage and why we developed our own proprietary and hybrid system to accomplish this. To date we’ve never been hacked or had any downtime, and this is because of the architecture we’ve pursued while sparing no expense in delivering what we feel is the best product. This is what I’d recommend all of my colleagues and friends do if they went Cloud. If they were going to use a shared storage cloud, I’d recommend that they just make their own with a few dedicated servers, or even a single dedicated server, which can sometimes be better, more affordable and reliable in the long run.

When these large Cloud companies like Amazon and Alibaba started out, we did wonder whether we would lose out to customers who valued price over quality, security and reliability. We were shocked when the opposite ended up happening: there was a sudden rush of sign-ups, and not only that, we had to order a ton of extra servers to keep up with the demand. I had my IT support staff doubled and working overtime to meet the crazy rush. It was a good problem to have, but it forced me to grow a lot faster than predicted.

In fact we’ve now noticed a trend that the bottom feeders (scammers, hackers, spammers) have gone to the cheap Cloud companies and a lot of larger players have moved to us. This is in part because companies that are more tech- and privacy-oriented don’t want to be in a PRISM country or be at risk of the NSA being given access to their sensitive, private and proprietary business/client information (which is mandated for large Cloud providers operating out of any PRISM country), so they moved to us and remain with us.

Now we get clients who run small or mid-scale businesses and who have found us and switched to us simply because they do not want to be on something as risky as Amazon or Alibaba. I guess you could call Techrich and Compevo the original IT business security company. And I plan to keep it that way.