forked from cheng/wallet
4721988d95
added a link to it from socil networking
362 lines
18 KiB
Markdown
362 lines
18 KiB
Markdown
---
|
||
title: >-
|
||
Let’s eat SWIFT's lunch.
|
||
sidebar: true
|
||
notmine: false
|
||
abstract: >-
|
||
SWIFT transactions are slow, expensive, and unreliable. And there are a lot of them,
|
||
a mountain of money to be made. SWIFT is being weaponized and shooting itself in the feet.
|
||
Everyone wants to move into the vacuum that has opened up,
|
||
but what moves into the vacuum will be Bitcoin,
|
||
*if* we can handle the scaling problem.
|
||
|
||
SWIFT merely provides an infrastructure for exchanging messages.
|
||
Double spends are resolved by databases of the entities receiving the messages.
|
||
The grotesque profits are made by the banks that use it.
|
||
And the profits for its crypto currency replacement are going to be made
|
||
by the cexs, dexes, daos and wallets that use it.
|
||
With a lions share of the profits made by first dao of the first dex,
|
||
because of first mover advantage.
|
||
|
||
A replacement of SWIFT will not make money.
|
||
It will be a neutral environment in which people can make money.
|
||
So the replacement needs to be funded by software bounties.
|
||
---
|
||
|
||
# Opportunity.
|
||
|
||
People are spending an enormous amount of money on SWIFT transfers.
|
||
How much is hard to know, because the profits are made by the participant banks,
|
||
not by SWIFT, which is a neutral platform and neutral protocol,
|
||
that does not in itself transfer any money, but enables transfers,
|
||
but something in the ballpark of a billion dollars a day.
|
||
If people who create the infrastructure that repaces SWIFT can
|
||
capture a tiny sliver of that, they all get very rich.
|
||
|
||
Incoming international wire transfer fees may range from $10–$30,
|
||
while outgoing fees can be up to $50 or more.
|
||
SWIFT reported an average of 42 million payments and securities transactions per day in 2022,
|
||
indicating a about a billion dollars a day in fees.
|
||
|
||
The World Bank estimates that the average cost of an international bank transfer
|
||
is around 6% of the amount transferred,
|
||
which also indicates about a billion dollars a day in fees.
|
||
|
||
It is difficult for Bitcoin to replace gold as a store of value because of Metcalfe's law.
|
||
Central banks keep gold and do not keep bitcoin,
|
||
because all the other central banks keep gold and do not keep bitcoin.
|
||
If Bitcoin level two replaces SWIFT, then the central banks will need bitcoin,
|
||
and soon enough bitcoin will replace gold.
|
||
This will raise the market cap of Bitcoin to something like ten times its current value,
|
||
but that is small potatoes compared to capturing a tiny sliver of SWIFT fees.
|
||
|
||
# Outline of what needs to exist.
|
||
|
||
SWIFT is a messaging system that handles about five hundred standardized structured messages per second
|
||
(many messages of many types) between a few hundred banks, with certain special security guarantees,
|
||
in particular reliable and provable delivery. To eat SWIFT's lunch,
|
||
need a sharded total order broadcast channel with open entry, without centralization.
|
||
|
||
I am using “total order broadcast channel” in the cryptographic sense.
|
||
It will not be reliable in the ordinary sense, since you may attempt to put a message on it,
|
||
and the message may not get on it, and you have to try again.
|
||
It will not be broadcast in the ordinary sense,
|
||
since most messages are end to end encrypted so that only the two parties can read them.
|
||
What makes it a total order broadcast channel in the cryptographic sense,
|
||
is that if Bob sends a message to Carol over it,
|
||
as part of a protocol where Bob has to send a message,
|
||
and Carol has to send a reply, then if the protocol fails because of Bob, Carol can prove it,
|
||
and if the protocol fails because of Carol, Bob can prove it.
|
||
And both can prove what messages they received,
|
||
and what messages they sent that the counterparty should have received.
|
||
|
||
This more or less corresponds to the Celestia blockchain --
|
||
atomic broadcast and data availability without a massively
|
||
replicated state machine. Transactions being somehow achieved somewhere else.
|
||
|
||
Celestia is an Ethereum data availability layer, which is in some respects the
|
||
opposite of what we want to achieve -- we want a privacy layer so that people
|
||
can communicate and transact without revealing network addresses where valuable
|
||
secrets that could be stolen reside, but the underlying technological problems
|
||
that need to be solved are the same.
|
||
|
||
Celestia uses erasure coding to achieve scaling.
|
||
|
||
Being sharded, can handle unlimited volume.
|
||
And once that exists as a neutral protocol with open entry and no central control,
|
||
can put dexes on it, daos on it,
|
||
uncensored social media on it, web 3.0 on it, and coins on it.
|
||
|
||
And the first thing that should go on it is a dex that can exchange
|
||
Bitcoin, Liquid Bitcoin, Liquid Tether, Lightning, and Liquid Lightning.
|
||
And the next thing that should go on is the Aqua wallet.
|
||
But it needs to be a neutral open protocol, not owned by anyone,
|
||
and especially not owned by Blockstream.
|
||
Because Blockstream will gain value by being able to send or receive
|
||
a money bearing message to anyone.
|
||
|
||
At present each dex has its own messaging platform that does not talk to any of the others.
|
||
Bisq has a custom platform that runs on Tor, while Particl uses a fork of Bitmessage.
|
||
And each platform lacks some of the features a dex needs,
|
||
for which the dao of each dex has ad-hoc workarounds requiring frequent human intervention,
|
||
such as Bisq's painfully slow and unreliable mediation and arbitration system, which most
|
||
of the time winds up resolving issues that computers can and should solve automatically.
|
||
|
||
If one party goes down and stays down in the middle of a Bisq transaction, it gets
|
||
resolved by humans to the disadvantage of the unresponsive party, a simple rule
|
||
that machines should execute automatically.
|
||
|
||
Such a channel needs a distributed consensus as to what messages went on it.
|
||
Consensus is a hard problem, that gets a whole lot harder when you have sharding.
|
||
But a whole lot easier when the platform does not have to resolve double spends,
|
||
but merely provide a total order that enables other systems to
|
||
communicate about their resolution.
|
||
|
||
In existing dex communication platforms messages have value because of their relationship to other blockchains,
|
||
and it is those other blockchains that resolve double spends.
|
||
This is the equivalent of the way SWIFT does it.
|
||
|
||
And Bob can prove it even if his message is supposed to appear on one shard,
|
||
and Carol’s response on a different shard
|
||
|
||
Because SWIFT does not carry money, sharding its cryptocurrency equivalent
|
||
is a much easier problem than sharding a blockchain.
|
||
If two incompatible messages are sent over Swift,
|
||
the equivalent of a double spend on Bitcoin, the conflict is resolved outside of Swift,
|
||
and then messages resolving the conflict are sent within Swift.
|
||
|
||
# Scaling
|
||
|
||
Bitcoin hit its scaling limit in 2016-2017. Lightning still has capacity,
|
||
but high level one fees have ended growth in the number of lightning channels,
|
||
so it is going to hit its scaling limit soon.
|
||
And we are very soon going to be facing vastly increased demand for transactions.
|
||
|
||
Blockstream’s plan is to use the layer two bitcoin blockchain,
|
||
Liquid, to take over from SWIFT. Liquid can handle a lot of transactions per second,
|
||
but to really take over from Swift, we are going to be taking Visa’s role in international transaction,
|
||
and that will need Liquid Lightning, a layer three.
|
||
Which theoretically exists, but has no useful consumer wallet and has no useful Liquid lightning network,
|
||
because its command line wallet is only barely usable by a Linux guru
|
||
who is running exactly the right version of Linux.
|
||
Which is OK, if you have half a dozen Linux systems running on
|
||
your private network and several shelves full of computers
|
||
with no keyboards or video screens running in your basement,
|
||
which you interact with over ssh and xrdp.
|
||
|
||
The collapse of SWIFT is happening now, and Blockstream’s replacement for it is happening now.
|
||
The internal collapse of the US$ is a few years off,
|
||
and we need to have crypto currency ready to replace it.
|
||
And I don’t think that even liquid lightning Bitcoin can handle that.
|
||
Going to need recursive snarks with snark based sharding.
|
||
BitcoinOS are addressing that. When last I looked their solution was far from ready,
|
||
but it does not yet urgently need to be ready.
|
||
|
||
To take over from SWIFT, lightning is unlikely to suffice.
|
||
Going to need Liquid. Since Liquid uses polynomial commits, it
|
||
might be possible to shard it, but the path to that is unclear,
|
||
in which case replacing SWIFT is going to need to need Liquid Lightning.
|
||
|
||
For Liquid Lightning to be any use, going to need more than Boltz
|
||
for exchange between lightning and liquid lightning.
|
||
Third parties will not want to build on a network wholly owned by a single party,
|
||
for fear that once that party gets Metcalfe law network lockin,
|
||
it will, like SWIFT, enshitify the network, as so many beneficiaries of Metcalfe's law have done.
|
||
To replace SWIFT will need liquid lightning, and liquid lightning
|
||
will need to be exchangeable on a dex,
|
||
a dex on which Boltz may well be the largest single liquidity provider,
|
||
but only one liquidity provider of many.
|
||
|
||
To take over from Visa in international transactions,
|
||
Lightning and Liquid are unlikely to suffice, due to scaling limits,
|
||
going need Liquid Lightning, which theoretically exists, but not really.
|
||
|
||
To take over in internal transactions when the US$ collapses,
|
||
Liquid Lightning is unlikely to suffice. Going to need recursive snarks,
|
||
which allow a sharded blockchain. Bitsnark's plan is
|
||
[Grail](https://assets-global.website-files.com/661e3b1622f7c56970b07a4c/662a7a89ce097389c876db57_BitSNARK__Grail.pdf),
|
||
a bridge between level one Bitcoin and a shardable level two bitcoin based on recursive snarks.
|
||
|
||
# Existing messaging systems
|
||
|
||
Every interchange blockchain bridge and every dex has its own ad hoc,
|
||
incomplete, and unsatisfactory messaging system,
|
||
and the design for this swift killer was primarily motivated by
|
||
the messaging systems of Particl and Bisq, and in particular by
|
||
Particl's adoption of Bitmessage for its purpose.
|
||
If there was something much better, and more scalable, than Bitmessage, everyone could use it.
|
||
So the first step is to create a better, and more blockchain friendly, Bitmessage.
|
||
|
||
We need something like Particl to enable a dex that exchanges
|
||
bitcoin, lightning, liquid bitcoin, liquid tether, liquid lightning bitcoin,
|
||
and liquid lightning tether,
|
||
for SWIFT is a nexus of third parties and third parties are not going to build on a cex.
|
||
A major reason that Particl is not very satisfactory is that Bitmessage is not very satisfactory.
|
||
|
||
# Plan
|
||
|
||
For a dex, one needs a a social net that
|
||
allows end to end encrypted conversations and allows
|
||
pseudonymous identities to conceal their network address, since if
|
||
one is doing trades of blockchain currencies on
|
||
a dex, exchanging one crypto currency for another,
|
||
one has make public offers without revealing the network
|
||
address of a computer that could be stolen, or
|
||
a person who could be subjected to rubber hose cryptography, and
|
||
engage in securely private human to human conversations
|
||
about the resulting transactions, also without revealing one's
|
||
network address.
|
||
|
||
For liquid lightning to work, needs an exchange between level one
|
||
lightning, liquid lightning,
|
||
tether lightning, bitcoin, liquid bitcoin, and tether.
|
||
|
||
And the early adopters are not going to get aboard if the wallet is
|
||
locked to a cex, locked to Boltz, fearing
|
||
that once Boltz gets Metcalfe's law on its side, it is going to
|
||
enshitify the network.
|
||
|
||
Early adopters will want a dex, on which Blockz happens to be the
|
||
major, but entirely replaceable, supplier
|
||
of liquidity, so that if it turns evil, as corporations that have a
|
||
Metcalfe's law lockin tend to do, the
|
||
dex will become dominated by less evil alternatives.
|
||
|
||
And a dex, a dex that exists for the perfectly respectable purpose
|
||
of exchanging level one bitcoin
|
||
for level two (lightning, grail, and liquid) bitcoin, tether, and level
|
||
three (liquid lightning) bitcoin needs a
|
||
privacy social net.
|
||
|
||
For a liquid lightning network to exist, needs a dex, the dex needs
|
||
to have a privacy social net. But that would make the dex just one little
|
||
island.
|
||
|
||
Rather the dex needs to be *in* a privacy social net, which can have
|
||
many dexs
|
||
|
||
To handle swift volumes, we need a liquid lightning network to
|
||
exist, for it to exist there has to be
|
||
a liquid lightning dex that mediates the exchange of liquid lightning for
|
||
other crypto currencies,, and such a dex needs a mechanism for communicating
|
||
publicly and privately without revealing one's network address.
|
||
|
||
Therefore, need a privacy protocol that is an update to bitmessage,
|
||
with additional capability of zooko names and total order broadcast, reliable in the cryptographic sense.
|
||
|
||
This messaging functionality is the crypto currency equivalent of that provided by SWIFT to the banks.
|
||
|
||
A total order broadcast in the cryptographic sense being that if one has
|
||
a transaction protocol in which Bob is supposed
|
||
to send a message to Carol, and Carol supposed to send a
|
||
corresponding response to Bob, the blockchain
|
||
can prove who dropped the ball -- so one can have contracts on the
|
||
blockchain that have one outcome if Bob failed to
|
||
send the message, and a different outcome if Carol failed to reply.
|
||
|
||
This makes possible a whole lot of useful dex capabilities, which do
|
||
not yet exist on any dex, but could and should.and Particl lack.
|
||
|
||
# The big problem
|
||
|
||
The urgent important problem that crypto currency has to solve is privacy and scaling.
|
||
|
||
But cannot solve it just by creating a currency that is private and scales,
|
||
because scaling is not a competitive advantage over ten thousand scamcoins,
|
||
five thousand shitcoins, and two dozen altcoins,
|
||
until you reach a market capitalization of thirty billion dollars,
|
||
which is when scaling started to bite bitcoin in 2016-2017, and privacy alone
|
||
is not an advantage over Monaro, Litecoin, ZCash, and Grin.
|
||
|
||
Further, all the recursive snark libraries are bleeding edge and rough around the edges.
|
||
|
||
So, the path is to create a privacy social net tool first.
|
||
A tool where you can securely have public and private conversations
|
||
without your IP being discoverable. Bitmessage done right.
|
||
|
||
A Dao that facilitates stuff done with crypto currency,
|
||
such as Bisq and Particl, needs such a social tool,
|
||
and what they have is rather broken.
|
||
|
||
A Dao can organize over such a tool in ways that flagrantly fail the Howey test.
|
||
Which is to say, it can openly organise in a way that is
|
||
efficient and transparent to investors, a sovereign corporation,
|
||
while existing daos are dancing around the Howey test,
|
||
and so are opaque and disorderly.
|
||
|
||
So, create, not a crypto currency, not a dao, but an environment for such daos.
|
||
Among them daos for trading crypto currency.
|
||
A dao that facilitates crypto currency transactions needs a trade currency
|
||
and dao ownership currency (substitute for shares).
|
||
These are apt to be one and the same, to obfuscate the Howey test,
|
||
but they need not be and probably should not be.
|
||
|
||
There are a whole lot of capabilities that a crypto coin needs
|
||
-- and we see that even in things that are well funded by many large corporations,
|
||
these things are generally missing.
|
||
|
||
Blockstream does not have a satisfactory lightning wallet,
|
||
and their business plan depends on the existence of a satisfactory lightning wallet.
|
||
Litecoin has demonstrated atomic exchange between
|
||
Bitcoin, bitcoin lightning, Litecoin, and Litecoin lightning,
|
||
but does not have a dao in which to do it. Particl is not quite working,
|
||
and Bisq lacks important things and still, after all these years,
|
||
has known major bugs which can cause the loss of lots of money.
|
||
|
||
Blockstream's aqua is sort of a lightning wallet, and sort of not.
|
||
It is not quite what they need, and lack. And very few people are using it.
|
||
It is not really a proper connection to the lightning network.
|
||
It is what they could come up with in a hurry.
|
||
|
||
This stuff is hard and takes a long time to write.
|
||
|
||
My initial business plan was: Plan A: Issue a private and scalable currency --> ????? --> profit
|
||
|
||
Revised business plan. Plan B: Issue a privacy social net that conceals IP addresses.
|
||
Bitmessage does this OK, but it is abandonware and mighty rough around the edges,
|
||
and being written in python, really cannot be fixed.
|
||
Large python projects accumulate such technical debt that only the original programmer
|
||
can fix them, and become ever more fragile to minor,
|
||
obscure, and seemingly irrelevant changes in their environment.
|
||
|
||
An important use case for Bitmessage was selling services for crypto currency
|
||
to people who did not want to reveal their IP address.
|
||
This use case becomes a lot more convenient if we can lift crypto transactions on existing privacy currencies
|
||
(Litecoin and Monaro) and semi secure currencies (lightning) into the communication channel,
|
||
as Nostr does a sort of mostly OK job of lifting lightning
|
||
into the communication channel.
|
||
First such use, following the footsteps of Nostr tips.
|
||
|
||
Get existing Daos to use it
|
||
|
||
Get new Daos to use it. A Dao that wants to openly organise in an efficient manner transparent
|
||
to investors (which is to say in violation of the Howey test) is going to want a very private privacy blockchain on which to issue its shares. Such a dao
|
||
(a sovereign corporation) will
|
||
want to organise over a privacy social net, and its shares to be a privacy coin.
|
||
|
||
And now, it is back to plan A. (almost) A privacy blockchain
|
||
on which anyone can issue a daocoin. Or a shitcoin or scamcoin.
|
||
|
||
But the privacy blockchain does not need to be fully scalable.
|
||
It does, however need to be future compatible with the technologies
|
||
that make full scalability possible. But we delay in the hope that by currency time,
|
||
recursive snarks libraries do not have quite so many rough edges
|
||
|
||
The size of this project is illustrated by how many other big well funded
|
||
projects need some key element of this project, and do not have it.
|
||
|
||
The core of my plan has always been Web 3.0, a privacy social net,
|
||
and everything else is just monetization,
|
||
because software never gets done properly
|
||
or properly maintained without someone making money off it.
|
||
|
||
And I look at all these people doing Web 3.0 stuff,
|
||
or doing projects like particl that really require Web 3.0,
|
||
and they are not done.
|
||
|
||
And so, all the larger moving parts that have to be part of the
|
||
ultimate coin, have to be part of something that has more immediate
|
||
utility, and is part of a business plan that will bring the project
|
||
closer to completion, and product of that completion closer to
|
||
getting past the cold start problem.
|