When you have to perform the same stupid tedious complicated task every day, eventually you don't even notice how stupid, tedious, or complicated it really is.
Online #security is seriously hampered by the fact that a lot of the requirements put on users seem stupid, tedious, and initially also complicated.
In this article, Luis Lubeck and I look at ways in which security for users can be made more bearable, or even ... fun, dare I say.
☢️ 🦴 🎯 You should seriously consider if you want to be a successful #startup #founder!
Going into business is not for the faint of heart, and being prepared is important.
So is critically analyzing any and all advice you read or are given.
Reminder: just because someone has tens of thousands of followers and lots of positive comments doesn't mean they are automatically right or an expert.
And yes, that applies to me too.
Think before you act.
Well, that didn't take long.
A day after my previous video there was a Sybil attack on the XEN cryptocurrency. Except, the attack was really on an exchange - FTX, which offers free crypto withdrawals, and didn't check the maximum gas it allocates to this.
As a result someone found an arbitrage opportunity. Use smart contracts to spawn off lots of Ethereum addresses, deposit small amounts of ETH in the exchange, then withdraw and in the same transaction claim XEN crypto, with FTX paying for it. A day later, mint the XEN and immediately sell on a DEX.
More on that in this episode.
The last week has seen the XEN ERC20 token taking up the largest share of Ethereum transactions.
So why should a humble token with no defined utility or extra whistles and bells be achieving that?
The answer is that:
🆓 the token is free to mint (except for gas)
💰 there's no pre-mint,
📉 for an added dash of FOMO, the first people claiming it get the most,
🏦 it has staking (🚩),
with a lot of provisos and some untested tokenomics behind it.
In this video, I go through what XEN is, why it's different from most of the tokens out there, who is behind it, and how it implements a novel distribution mechanism.
I only spent a morning investigating the contract, looking into the main founder, and playing with some of the tests to see if I could engineer any attacks on the contract (I couldn't).
It's not a thorough audit, but it's more than most of the reporters out there commenting on this token will have done.
In summary, I'm cautiously optimistic about the safety of this token (but use a new address if you interact with it, just to be sure).
And as for whether it has legs?
No idea. I only give technical and sometimes sociological explanations, not financial advice.
Investors bring in money for P2E projects, but they expect to take out more in the long run. That includes most players, who typically expect to invest time to extract money.
So how is a P2E game supposed to build a proper revenue stream and become sustainable?
The P2E angle may be great initially for raising capital and attracting a particular type of user base, but in the long run you need more.
The obvious answer is to look at traditional game revenue strategies, of which there are three main ones:
1. charge per copy (or subscription)
2. in-game items
3. advertising or brand promotions
More on that in the episode.
What's the most important rule for play to earn games?
In the previous episode I talked about what could be called "the first law of P2E games", or perhaps "The fundamental theorem of P2E economics", but Mark Skinner pointed out to me that there is a more important one: The zeroth law of P2E games. And it doesn't just apply to P2E. What that is, is revealed in the episode.
It's so obvious a lot of people forget about it.
The problem with most P2E games is that they are not sustainable. Why would that be?
It turns out that the answer is very simple: the amount of value being put in by players over time is less than the amount the players want to take out.
More on that in the episode.
There are a number of myths about blockchains that keep getting repeated. For example, that proof-of-work is a "cryptographic puzzle", that blockchains "build trust", and the most insidious of all: that blockchains "are immutable".
In this episode, I explain why blockchains are not immutable. With the aid of not one, not two, but three examples.
Staking cryptocurrency assets can serve a purpose for projects - for example, raising liquidity for a decentralized exchange. And I approve of that kind of use, because it serves a purpose.
Unfortunately the use of staking in many projects amounts to nothing more than a complicated Ponzi scheme (and I don't use that phrase lightly).
I suspect that it is a decision that is often just not thought through - the project founders are enthusiastically deciding, "Hey, let's implement a DAO! And let's provide staking!" without considering the ramifications.
More on this in the episode.
This is the sound track to a video in which I define what a metaverse is through the use of a banana.
The banana is not a simile or a metaphor, it is an actual metaverse.
It won't make much sense in just audio, just as the metaverse is apparently going to be about more than sound. If you are fortunate enough to have vision, you can watch the video at https://youtu.be/PE5uE-gfxRQ
It's midsummer (or Juhannus as they call it) here in Finland at the moment, and although I enjoy the importance and the traditions of this time to the Finnish people, I am an outsider. I don't fully connect in the way they do.
And so I also find myself dispassionately analyzing it every year. It makes me think about how significant culture is to all the societies out there.
But the great thing about traditions and culture is that they can be changed for the better, because they're arbitrary.
The bad thing about them is that they can be abused to manipulate people.
And the amusing thing about them is ... well: 🧄
In this episode, I explain what the "ERC" in ERC-20 and ERC-721 means, and then delve into the history of the term, all the way back to a couple of years after the summer of love, namely 1969.
Handling intellectual property rights continues to cause headaches in the NFT world - we've seen problems with the BAYC terms and conditions, Tiffany & Co.'s lawyer removing clauses from their NFTiff agreement on the fly as the community pointed out over-reaching license terms, and now upset in the Moonbirds community as the pixelated owl images are licensed under the CC0 license.
In this episode, I talk about the latter, and discuss why I think we're having problems.
It really boils down to two things:
- lack of understanding of intellectual property law by ordinary buyers of NFTs, and
- lawyers and the legal framework failing to catch up with a shift in the intellectual property landscape
The latter is more important, in my opinion.
Edited boiler-plate license agreements don't cut it in the NFT world, but that's what we're seeing.
When you start reading about self-sovereign identity and decentralization of credentials, and stuff like that, it starts to sound very complicated very quickly.
And yet, when I got my hands dirty and implemented decentralized identity and access management in the Orthoverse, it took less than a screenful of code to get the basics working.
In this episode, I talk about how IAM works in the centralized, the federated (i.e. outsourced centralized) and decentralized worlds, and as an added bonus, I talk about how NFTs could tie into this.
Which they already do in the Orthoverse.
If you want to join me in this metaverse/NFT experiment, get your Orthoverse land token at https://orthoverse.io for a few US dollars worth of ETH.
A few weeks ago the authorities in the US started clamping down on Tornado.Cash, a dApp for "mixing" cryptocurrency to hide its origins. Sometimes mixers are used for criminal reasons, and sometimes for personal privacy reasons, but that aside:
The incident clearly reveals a well-known flaw in the whole decentralized applications stack, namely the user interface in the form of websites.
In this episode I talk about how the underlying smart contract still works, but inexperienced users (i.e. most of them) can't use it without that interface, and how decentralized websites may emerge to prevent interface censorship.
Ethereum has a royalty standard for NFTs, namely ERC-2981.
It's disappointingly simple.
The reason is that, at the moment, smart contracts can't enforce royalties; they can only suggest them.
In this episode, I explain how ERC-2981 works. Prepare to be underwhelmed.
If you're more into software development than anything else then, like me, your first reaction to the word "marketing" is probably going to be "yuck".
And your second to fourth words will be "Not for me."
Unfortunately, you're wrong.
Whether you're in a tech company, pushing an open source project out there, or presenting the world with your latest hobby activity, if you actually want people to pay attention, you're going to have to do some marketing.
In this episode, I explain why, and point out that it's not that hard to go from "rubbish marketing" to "kind of acceptable marketing". Because it takes very little to make the transition.
I continue to see a lot of confusion over the meaning of the term "decentralized" in the blockchain space.
In this episode, I talk about where I think that confusion comes from, and present a simple linguistic tool that you can use to actually ask meaningful questions and get sensible answers when it comes to the underlying issues.
Issues that are being badly addressed due to the inadequacies of language and a failure to dig deeper and actually understand what it is that you are asking when you say, "Is this blockchain project decentralized?"
I was asked last week, "what is the difference between a CBDC and USDC?"
I can see why some people might be confused - in the case of the United States' central bank, the Federal Reserve: their CBDC would be a "digital dollar", and USDC is a kind of "digital dollar" too.
In this episode, I explain the difference in terms of the entities involved, their aims, and the potential impact on our lives.
I find the best way to understand what is going on in a given technology is to actually get my hands dirty and install, configure, and run the underlying software.
Last weekend I configured an Ethereum testnet node - the Görli testnet to be precise - to examine what is involved in running all the client software and staking some ether (göETH in this case - I don't have $64000 spare to try the mainnet).
In this episode, I talk about the various components required, and a bit about how they work and what they do:
- the execution node,
- the beacon chain node, and
- the validator