Category: Financial talks at dinner table

Categories
Financial talks at dinner table Life insurance

A Family Conversation on Life Insurance

The Takeaways:

  1. Only half (50%) of the US population owned life insurance policies in 2022, down from 63% in 2011.
  2. The good news is that the “ownership gap” (between people who believe they should have a policy and people who actually own one, sometimes known as “Need-to-Have” gap) for life insurance is smaller (at 18%) than property insurance (up to 54%). The bad news is the gap has been increasing recently.
  3. There are two fundamental types of life insurance: Permanent vs Term. A term life policy is for temporary coverage over a predetermined length of time, typically no more than 30 years, while a permanent policy covers policyholder’s entire lifetime ending in death.
  4. All term life policies only cover death benefit with zero cash value regardless of the length of term, while all permanent life policies accumulate cash value to be used for policyholders before death. Term life policies are much cheaper to begin with, but they all have a specific “expiration date,” after which your premium payment is completely gone if you are still alive. Permanent life policies do not expire and the money you saved will be there — for you or your loved ones.
  5. For policyholders, the most important “must know” concepts are living- versus death-benefits. The former is designed for policyholders’ own welfare before death, while the latter for the named beneficiaries.
  6. For a long time in the past, life insurance has been largely driven by “altruistic” death benefit in the sense that only proven (or presumed) death of the policyholder triggers benefit distribution. However, annuities for guaranteed post-retirement income, critical care insurance for acute illnesses and long term care for chronic illnesses, these have changed the game profoundly.

Last time the Kingstons talked about inflation and central banks in relation to decentralized finance or DeFi. Today they decided to talk about something more practical and mundane: Life insurance.

Lily: Yesterday we talked about inflation and local reservoirs for holding the flood of money directly from central banks. Kim mentioned household savings as the terminal end of reservoirs, and I talked about life insurance policies as an alternative to household savings. Can we talk more about life insurance today? Part of my job involves marketing life insurance.

Kimberley: That sounds interesting, unless Mom and Dad had something else in mind.

Joy: Insurance is fine with me, especially life insurance, as many people bought auto insurance because the law says they must, but I assume life insurance is not as popular as auto insurance.

Lily: I’m glad you mentioned that. My company invited a knowledgeable speaker from a top life insurance company to educate us last week, and everyone feels they are gaining a lot. The speaker made frequent referral to this website called bestliferates.org during his presentation. Check that site out if you are interested. The only thing is that it covers data up until 2020, not the latest. Anyway, in 2020, only about 54% Americans had life insurance.

Kimberly: So barely over half the people are covered by life insurance in this country.

Lily: Yeah. That 54% is called the rate of “market penetration” for life insurance. Here is the bad news: Over the past decade the penetration rate has been moving downward, meaning fewer and fewer Americans have life insurance coverage today than before. In 2011, for example, 63% Americans had life insurance, but only 54% did in 2020, almost a 10% decrease.

Jason: I wish we knew more recent figures, like from last year.

Lily: We do, actually. This website called Statistica.com tells us that in 2022, based on the LIMRA, which stands for Life Insurance Marketing and Research Association, and Life Happens’ 2022 Insurance Barometer study, the penetration rate was 50%, 4% lower than 2020.

Joy: Hmm. Did the speaker explain why the penetration rate is down?

Lily: He did — at least partially. He talked about insurance “ownership gap” or “need gap,” which is the difference between how many people believe they need life insurance and those who actually own one. Sometimes it’s called the “Need-to-Have” gap. So if 50 out of 100 people believe they need life insurance but only 30 of the 50 actually own a life policy, that gap is 50% – 30% = 20%, meaning life insurance companies have a big job to do to get that 20% to buy life policies.

Jason: Wait, what is a “life policy?” Isn’t a “policy” a rule or regulation like “No gun in school” policy or no racial discrimination policy?

Lily: I don’t know why an insurance contract is called “policy” or “plan.” If I must guess, it may have something to do with the “contract of adhesion,” meaning in an insurance contract only one party, usually the “insurer” or insurance company, fixes the terms of the contract and the other party, usually the “insured” or policyholder, must accept or reject it. So this is like government or authorities make policy and citizens must obey it.

Kimberly: Back to the ownership gap, I just want to make sure I get it. You said if 50 out of 100 people wanted life insurance but only 30 had it, the ownership gap is 20%. Now, let’s say 45, not 30, of the 50 people had a life policy, the ownership gap would be only 5%, right?

Lily: Right. The good news is that compared with property insurance, life insurance has a smaller ownership gap, meaning more people who want a life policy will get one. I remember reading somewhere that says the ownership gap was huge in properties insurance when we look at property losses from natural disasters. We are talking about trillions of dollars there.

Greg: You are right. The most reliable source for that is reinsurance companies, you know, those provide insurance for insurers, or “insurer of the insurers.” I read …

Jason: So why do we need reinsurance companies if we already have insurance firms?

Greg: Well, it’s a way to control or rather to transfer risk for each insurance company. Think of why we buy insurance. We buy a policy because in case something happens to our home, our auto, our health, our income, or our capability to live a normal life, what can we do about it?  

Jason: Not much. We just hope bad things don’t happen to us.

Greg: This is a common mindset but seriously, there are several common strategies in handling risks. One is avoiding, meaning if driving is risky of traffic accident, we don’t driving at all. Another is risk retention, meaning we simply accept the risk and swallow the consequences.

Jason: These are not insurance, right?

Greg: No, of course not. If everybody is avoiding and accepting risks, there is no business doing insurance. The idea behind insurance is transferring risk, not avoiding, not accepting. Insurance is basically a deal or a contract between insured and insurer, the insured won’t take the risk by themselves because it’s too much for them to take. So they pay the premium money to an insurer and ask them to take the risk for them, in the sense that insurer will pay money to the insured to cover their losses when bad things do happen.

Kimberly: So in that case, insurers need reinsurance just like we ordinary people need insurer?

Greg: Exactly. That’s why reinsurance is called “insurance for insurance companies,” or a contract between a reinsurer and an insurer. Just like we pay premiums to insurers, an insurer also pay premiums to the reinsurer. Anyway, back to the ownership gap in the property insurance world as I was saying, there is a study by Swiss Re, one of the largest reinsurance firms, that says only 45% of global economic losses from natural disaster were covered by insurance in 2022. That means 55% were not insured, which is a shockingly large number.

Kimberly: 55% is for the world, perhaps the US is lower?

Lily: Not necessarily. I remember reading an interesting article on AP news that says our country is Earth’s “punching bag” for nasty weather because of the unique geography. We are hit “by stronger, costlier, more varied and frequent extreme weather than anywhere on the planet.” We also have the two oceans of Atlantic and Pacific, plus “the Gulf of Mexico, the Rocky Mountains, jutting peninsulas like Florida, clashing storm fronts and the jet stream combine to naturally brew the nastiest of weather.”

Kimberly: Interesting! Now, if we take 55% as the ownership gap for property insurance, what is the ownership gap for life insurance?

Lily: Much better actually. The highest life insurance ownership gap came in 2020 at 16% if I remember it correctly. Jason, could you go to the website “bestliferates.org” please? I want to cite numbers there.

Jason: I just found it. Which numbers are you looking for?

Lily: Search for the words “ownership gap” please.

Jason: Sure. It says in 2011 the ownership gap was 7%. The lowest gap was only 3% in 2013, while the highest, like you said, came in 2020 at 16%. But wait, here is another website called Moneygeek.com that has newer figures. In 2022, 50% of Americans had life insurance like you mentioned earlier, but 68% believed they needed life insurance coverage, so the ownership gap is 18%, 2% higher than in 2020.    

Joy: Hmm, I was gonna say that the pandemic finally woke people up for life insurance, but I guess that hasn’t been translated into real ownership figure. Instead of reducing the ownership gap, it increases it.

Lily: That seems to be the case. Life insurers really need to do a better job for reducing that ownership gap to a single digit.

Jason: The same website, I mean “Moneygeek.com,” also tells us that of the 50% owning a life policy, 59% bought on their own, while 23% received a policy from employers. The remaining 18% had life coverage from both sources.

Kimberly: Maybe it makes sense to add that 59% and 18% together: These are the people who actively bought life policies on their own, which is 77% or nearly 80%. The other 23% perhaps don’t count as much because they were given a policy by employers or someone else. After they retire or leave the job, they may or may not have life insurance.

Lily: You are right. Employer provided life policies are a part of employment benefit and are almost always group life policies. Many group life policies automatically terminate once the employee leaves the job. Some companies may offer “portable” policies that continue to cover you after retirement but that’s rare and there is no guarantee. Therefore, if a life policy was given by the employer, the person may not continue after retirement.

Jason: Wait, what is group life insurance?

Joy: It’s a type of insurance offered by employers or organizations to employees or members. There is a single “master” contract between the employer and the insurer, but covers everyone or at least full time members for the employer. Each employee or member receives a certificate of coverage. Because of its coverage to many people, its price is usually lower. This is just like buying stuff from Costco, when many shoppers buy in bulk from the same place the price goes down.

Greg: I wonder whether we should completely ignore group life policyholders. The way I understand it, employer-sponsored group life insurance comes in two types: Basic and Supplemental. Basic group life insurance is a policy offered as an employee’s benefit, typically free or highly affordable. In addition, they are often guaranteed issues, meaning you will qualify regardless of your age or medical history.

Kimberly: That makes sense: If someone is still working, they can’t be too old nor too sick. But why would anyone buy supplemental policy if they have the basic policy?

Joy: Because a basic life policy is what its name says: Basic, in the sense that it only provide basic or barebone coverage. I remember reading an article on Forbes Advisor that says the basic policy typically pays the amount that’s equal to one year’s salary, or a lump sum that is, depending on the employers,  typically only around $25,000 according to a survey of compensation. That’s not enough for many if not most people.

Kimberly: So people buy additional supplemental policy to get more coverage for themselves or for someone else?

Joy: Both. They can choose to add additional coverage for themselves, or they can buy additional coverage for spouses and children. It is also called voluntary life insurance and typically bought from the workplace. You obviously need to have basic insurance before you buy supplemental. According to the article by nerdwallet.com, “Maximums typically hover around $500,000 but can reach into the millions of dollars. In some cases, managers or high-level executives have access to higher amounts than rank-and-file employees.”

Kimberly: Basic policies are guaranteed issue, how about the supplemental policy?

Joy: Generally no. At the minimum, health questions or even a life insurance medical exam may be needed. Employees usually will have to buy it with their own money, although for spouse or child the prices are generally cheap.

Kimberly: You talked about having a master contract for the entire group of employees. How does the employer sponsored group life insurance work?

Lily: Most group life are term life policies, sometimes you need to renew it every year, called Yearly Renewable Term or YRT. Other times term life policies last longer, ranging from 5 to 30 years. The most popular term is 20 years, followed by 10 year and then 30 years, according to an insurance survey report. Regardless of the length of the term, it’s still term, meaning there is an “expiration” day when the term is over. In general, all term life policies are cheaper than permanent life, meaning you pay lower premium. A group term life policy covers many people, so it’s even cheaper than individual life policy.  

Jason: Other than being cheaper, is there any other difference between term- and permanent-life insurance?

Lily: The most obvious difference is that term life provides temporary or limited time protection while permanent life is “permanent,” meaning the coverage is there for the entire life of the policyholder.

Kimberly: Do they really mean that? What if someone lives to the age of 100? Will her permanent life insurance policy still cover her?

Joy: I’m glad you asked. I was reading this article of Forbes Advisor. It says, “many forms of permanent life insurance issued prior to 2004 have maturing dates of 100,” meaning even a permanent life insurance will expire before death. What is bad is that “the policyholder (and their heirs) get nothing, despite decades of paying into the policy.”

Kimberly: That IS terrible. Are they still doing that?

Joy: Not according to the Forbes article, which tells us that in 2018, there were 94,000 “Centenarians” according to the Census Bureau, meaning people who lives past 100. I won’t be surprised if we now have 100,000 centenarians in this country.

Jason: So how do they fix the expiration problem?

Joy: Interestingly they did it in a scientifical way in 2004 using the so called “mortality table.” If you don’t know, mortality table, which is also called life table or actuarial table, is a statistical table that lists the rate of deaths by ages, or more accurately the probability of death over ages. This table is used not just by insurance but also governmental agencies like the Social Security Admin. For example, when you are before your first birthday in the US, your death probability is 0.005837. But when you are 119 year old, you have a death probability of 0.972793, which is close to certainty. Previously the maximum was 100, but after 2004 it is 121 year old.

Kimberly: The new mortality table would offer extended coverage but what about those who bought the policy much early, before 2004?

Joy: Good question. The answer is provided in the same Forbes article: “Many insurers, in addition to updating their mortality tables beyond age 100, have added a Maturity Extension Rider (MER) to existing policies issued long ago to extend their coverage.” In other words, even though the old mortality table did not have anything above 100, the old policyholders will still be covered by a rider or extension.

Lily: We’ve been talking about permanent life policies and now I want to go back to comparing term and permanent policies. The difference is not absolute because once the term expires when the policyholder is still alive, she can (1) renew or extend it for another term; (2) convert to a permanent policy, or (3) stop the contract altogether. In that case the person loses life insurance, which is not recommended.  

Joy: The key difference I believe is that a term life policy gives no value to a policyholder, because it is all about death benefits, meaning the insurance firms pay the beneficiaries money when the policyholder is dead before the term is over. That death benefit is guaranteed. Let’s say you bought a 20-year term life policy and 20 years later if you are still alive, you get nothing back from the policy — unless you switch to a permanent life policy or extend it to another 10 years.

Greg: This is why they say term life is a “using it or losing it” policy. The insurance company that sells 30 year term policy is betting that you won’t die within 30 years, so they get to keep your premium money without paying you anything. This is also why they charge so low a premium, especially for young people, who are unlikely to die in 30 years.

Jason: Sounds like insurance company has good deal: It can collect premium from term life policyholder but not paying death benefit to anyone — unless the policyholder died before the term is over. They should go around finding more people who they believe will still be alive after 30 years and then sell term policy to those people, right?

Greg: It’s tricky to say that insurance companies make money by term life premium. It’s true that term life premium becomes a source of income for an insurer, and if a term life policy paid no death benefit, the insurer would make money from the premiums paid by the policyholder. The same goes to some insurance policies that go unclaimed. Any expired term life policies or unclaimed policies are good news for insurance firms because it means they have collected decades of premiums without paying out any claims.

Joy: I have a feeling that you have more to say on how insurance firms make money. It’s getting late and let’s stop here as we’ve had a long meal today.

Categories
Cryptocurrencies & NFTs Financial talks at dinner table

Algorithmic Stablecoins Require Right Mindset + Reserve

The Kingstons continued their conversation on stablecoins, especially on algorithmic stablecoins, the purest form of truly decentralized stablecoin that, in its extreme case like TerraUSD, may have nothing tangible to back it up in case of breaking the peg.

Kimberly: We haven’t talked about algorithmic stablecoins yet, and I feel we have to because they are more in troubles these days, like the Terra Luna stablecoin.

Greg: You are right. But first thing first, not all algorithmic stablecoins were born equal. I know many people are talking about TerraUSD and using that as a convenient case against all stablecoins. I recently went to an investment conference and one speaker there brushed away all stablecoins as “failed experiment” citing the Terra case. But Terra, or more accurately “UST” as the stablecoin in the Terra ecosystem is called, is an exception because it relies on smart contract algorithm, very little on full or excess backup reserve.

Kimberly: So does it mean having solid backup reserve is the key for the success of stablecoins?

Greg: I would say so at this early stage of stablecoins, which have yet to establish widely accepted trust or even broad awareness. But reserve matters even with public trust because trust does not fall from the sky but must grow up from the ground. Reserve provides the rich soil for trust to grow. To see it from a crisis prevention perspective, there is an article in Investopedia that says it well: Reserves are an antidote to panic.

Joy: The recent story with Tether proves how important reserve is. According to an article from blockworks.co, after the crash of UST, Tether investors rushed to redeem or to get rid of more than $16.3 billion worth of Tether token or “USDT” as the largest stablecoin is called. They either switched to dollars or to rival stablecoins like the second largest stablecoin USD Coin or “USDC.”

Emily: These names are confusing sometimes. But I guess they all start with USD, which stands for “US dollars”, right?

Joy: Right. The last letter tends to separate them. The “T” in USDT stands for Tether, “C” in USDC means Circle, the issuance entity for the USD Coin or USDC, while “T” in UST stands for Terra. BUSD is an exception because it uses the first letter of “B” to indicate the issuer of Binance.

Greg: The two stablecoin giants, number one ranked USDT by Tether and number two ranked USDC by Circle, clearly understand how important reserve is for getting public trust. After the crash of UST, these two stablecoins both tried to convince the public that they are financially fine with reserves. Circle announced they would publish weekly reserve report from now on, and Tether released an assurance report on its reserves by an auditing company MHA Cayman.

Joy: It’s interesting that Tether could only get a Cayman Island based auditing firm to write the report, not by a US based auditor. Its reserve composition is also less transparent than USDC is. I was worried that USDT would lose its crown as the top stablecoin. But in the end, although it experienced the largest “run” away that forced Tether to “burn” 20% of USDT token, Tether managed to keep its dollar peg and also the title of the largest stablecoin.

Greg: I wasn’t too concerned because USDT is centrally controlled and far better reserved than UST. During times of uncertainty, people always look for things they are familiar with, and having central control and backup reserve are the comforting factors.

Kimberly: Mom says USDT “burned” tokens, what does it mean?

Greg: “Burning” and “minting” are the two basic operations for changing the market supply of digital token or coin. I use “tokens” and “coins” interchangeably because digital coins are nothing but tokens. When they are “burned,” it means to send them to addresses or digital wallets that can only receive — never release or return — the token, as if they were dollar bills burned to ashes. Burned coins have been removed permanently from market circulation and the total coin supply is reduced.

Kimberly: But why do we want to do that? Are we having too many coins in circulation than needed?

Lily: Let me guess: The “law of scarcity” applies. When the USDT price drops below the peg, say one USDT only buys $0.989 instead of $1.00, it signals that the demand for USDT is lower than its supply, as more investors would keep dollars than USDT. Tether must “burn” some USDT tokens to take them out of circulation to push the value of USDT up to $1.00, all because things in short supply have higher value, other things equal.

Joy: And in the opposite scenario Tether must “mint” USDT when its price rises above the peg. Say one USDT coin can sell at $1.015, which means more investors want USDT than dollar. “Minting” USDT then increases the coin supply to push the price down to $1.00 peg.

Lily: So the story says “when USDT price drops, burn, when it rises, mint!”

Greg: To “burn” is to decrease USDT supply or equivalently to increase its scarcity; to “mint” is to increase USDT supply or decrease its scarcity. Think of the price of watermelons: In the summer more watermelons are available, and we can get one for just $4.99 even in the Bay Area. In the winter the supply of watermelons is decreased, so we must pay a higher price like $8.99. Now, if supermarkets want to keep the same price, say $6.99 throughout the year, they will put some watermelons into storage in the summer and release them from storage in the winter — assume a watermelon can be stored for months. Burning USDT is like putting watermelons into storage in the summer to raise its price from $4.99 to $6.99, while minting USDT is like releasing watermelons in the winter to lower its price from $8.99 to $6.99.

Kimberly: That makes sense. Do other stablecoins work the same as Tether’s USDT?

Greg: Yes and no. All stablecoins have the “burn” and “mint” operations but they do that somewhat differently. The two largest stablecoins, Tether’s USDT and Circle’s USDC, are both centrally controlled, which means they rely on a central authority to determine when to “burn” and when to “mint.” Algorithmic stablecoins are smarter as they rely on smart contract to automatically control burning or minting.

Kimberly: Speaking of algorithmic stablecoins, what about the most famous one, the UST? Does it use burning and minting as well?

Greg: Of course but in its own unique way. Basically it played a “seesaw” game using the stablecoin UST and a governance coin called “LUNA.”

Emily: What’s a governance coin?

Greg: It’s a coin that offers voting right to its owner, like stockholders voting for company issues. For our purpose it’s better to think of LUNA as a “sister” or a “utility” coin because it’s used as a tool or incentive to help UST maintain its peg with dollar.

Kimberly: How do the two work out together?

Greg: At the first glance you may think the design is clever. The Terra ecosystem has a special deal for trading between LUNA and UST. It says whenever investors swap LUNA token for UST or sell UST to buy LUNA, they can do that at a guaranteed fixed price of $1 — even though the prices of UST and LUNA are subject to market fluctuation. We can think of LUNA and UST as “identical twins” and if a LUNA owner wants to buy UST, or a UST owner wants to buy LUNA, the price will always be fixed at $1.00. This part of transaction sounds simple. But here is what gets complicated: The prices of LUNA and UST will both vary on the open market. This creates an opportunity for arbitrage.

Kimberly: It’s complicated indeed. Please give an example and explain what arbitrage is.

Greg: Let’s say in the stablecoin open market the UST is currently priced at $1.02, meaning one UST token or coin can sell for $1.02, 2 cents above the $1.00 peg. Meanwhile, say the current price of LUNA token is $0.50. I’m making it up because the real price of LUNA now is around $0.0001. If UST and LUNA were not “identical twins” with a price guarantee, LUNA owner will have to pay $1.02/$0.5 = 2.04 tokens to get 1 UST coin. With the price guarantee, whoever holding LUNA tokens will only pay $1.00/$0.5 = 2 LUNA tokens, not 2.04. Meanwhile everyone else without LUNA token have to pay $1.02 to get one UST coin. The saving of 2 cents is not much but comes risk-free because Terra system sets up that way. In addition, if I own one a lots of LUNA tokens and use them all to buy UST coins, the profit adds up quickly. This is how arbitrage works, which is nothing but legitimate ways to make money by taking advantage of price differences.

Kimberly: So Terra knew there would be price breaking away from the peg and designed the seesaw game to encourage arbitrage as a way to bring UST price back to the peg, right?

Greg: Yes. Now what would happen when investors all rush to get UST using every LUNA token they have? The price of UST will go down while LUNA price will go up. Why? Two ways to understand it. The first is to think about watermelons again: When all supermarkets are flooded with watermelons in the summer, they will lower the price for quick sale. This works the same for UST. When investors are buying UST, the market will be flooded with UST tokens, just like the watermelons in the summer. The UST price will go down. The other way to look at it is to think of the “burning” and “minting” operations. When investors are buying UST, new UST tokens must be minted, and the spent LUNA tokens will be burned. This also leads to a lower price of UST and a higher price of LUNA.

Kimberly: You just described the scenario when UST goes above the $1.00 peg. How about UST price going below the peg, which is more likely to happen as we all know?

Greg: It works the same way as a seesaw game. Say one UST coin only sells at $0.985 rather than $1.00 in the open stablecoin market, but within the Terra system one UST coin can still sell $1.00 worth of LUNA, which is 2 tokens. Guess what investors will do? Everyone will sell UST at $1.00 to buy 2 LUNA tokens, because in the open market one UST coin only gets you the equivalent of $0.985 in LUNA, which is $0.985/$0.5 = 1.97 tokens. From there the watermelon story repeats itself, in the sense that LUNA price goes down and UST price goes up. Again, arbitrage helps bring UST closer to the peg.

Seesaw Game by UST/LUNA Coins

Lily: It just came to me that the seesaw game played by UST works much like the central bank: Fed sells government securities to banks to reduce the money supply in order to raise the interest rate; Fed buys government securities from banks to increase money supply in order to lower the interest rate. Fed has a goal of keeping the inflation rate at 2%, just like stablecoins have a goal of $1.00 peg with the dollar. Fed manipulates government securities just like UST relies on arbitrage with LUNA to stay on peg.  

Kimberly: If so, why has UST failed so miserably while the Fed has been playing the same seesaw game for decades or centuries and it works fine.

Greg: It goes back to the backup reserve that we’ve been talking about. Fed has the deepest pocket that Terra can never match. Nobody will worry about Fed default because it has all the cash they want to buy securities. Terra on the other hand was severely under-reserved. An article published by Coindesk.com tells us that before its collapse in May 2022, UST had a market capitalization of $18 billion, but its reserve was less than $4 billion. 

Joy: The way I see it, we also have a mindset problem. In other words, there is more to stablecoin than scarcity. We need to understand social psychology to be successful in major innovations. Understanding public mindsets allows us to foresee things before price changes or more importantly before crisis hits. The sustainability and value stability of stablecoins demand more than scarcity. Meanwhile, many in the crypto world, from Satoshi to the Terra co-founder Do Kwon, only focus on scarcity. Satoshi and his followers believed controlling the total supply of Bitcoin to 21 million is enough to control inflation. Do Kwon believed playing a seesaw game between two coins of UST and LUNA is enough to keep the value of stablecoin stable. Reality has proven them wrong. Bitcoin has been a lousy “inflation hedge,” while UST had a free fall in value. It’s the willingness to adopt that plays a more important role.

Greg: Sounds interesting. How does the “willingness to adopt” works?

Joy: It’s about convincing as many people as possible, not just the current investors in UST or LUNA. To do that, we have to understand what public hidden concerns are and offer insurance or assurance. I want to cite the example of FDIC for bank deposits. FDIC works its wonder since 1933 not because it sits there waiting for scarcity to show up. Instead, it preemptively offers a signal of assurance to all depositors by promising a coverage of up to $250,000 to boost public confidence.  

Emily: What is FDIC?

Joy: Its full name is “Federal Deposit Insurance Corporation”. It’s a great way to ensure the safety and security of funds for all depositors. FDIC was founded in 1933 and ever since then it claims that not a single depositor has lost one penny of the deposited funds under its coverage.

Greg: Good point. I wish the Terra folks understood this before betting everything on UST and LUNA. It’s easy to ignore the big picture and single out scarcity and technicality — it’s easy to be penny smart and pound foolish. Many things done by central banks are not replicable by an entity because behind the Fed is the silent but almighty “Uncle Sam” who holds a unique and exclusive power of collecting taxes from every taxpayer. Fed should always issue a warning before making a policy move that says “Danger, do not try it at home!”

Emily: I want to go back to bank runs. Mom says investors were running away from Tether and redeemed $16 billion USDT for dollars, is that the same as bank runs?

Joy: Running away from a stablecoin is not the same as running away from a bank. The biggest difference still comes down to backup reserve. They also have different business models. With banks nobody can ask them to hold all the deposit, because banks make money by lending the deposits out or by investing the deposits in something else. To ask banks keeping all deposited money in their vaults is asking for bankruptcy.

Emily: Why is that?

Joy: Let’s say Bank of America receives $100 million from depositors in a month, if the Fed asks it to keep 10% of the deposits, Bank of America will lend $90 million out to earn higher interest to keep its door open. The Fed will never ask the bank to keep 100% of deposit.

Kimberly: But what if all depositors rushed to get their money out, no bank can pay them all and will be forced to shut down, right?

Joy: That’s where FDIC comes into play. Also, Tether has limited itself to institutional or large investors as it demands a minimum fiat withdrawal or deposits of $100,000. Clearly it is not for general public.  

Kimberly: Now we know how banks make money, what’s the business model for stablecoins? I mean how do they make money?

Greg: There is an article on the website Binzinga.com that talks about that. There are several ways. They can charge issuance and redemption fees. When an investor pays dollar or other collateral to get stablecoin, she’ll be charged “issuance fee.” When the investor wants to get rid of the stablecoin and get dollar or other collateral back, she’ll be charged “redemption fee.”

Joy: Centralized stablecoins makes money mainly through short term lending and investing. One example is Tether loaned $1 billion to Celsius Network in October 2021. The latter would pay Tether an interest rate of 5% to 6% per year, which means Tether received between $50 to $60 million dollars per year. 

Kimberly: So this works just like banks.

Joy: Except the required amount in reserve is usually higher — much higher — for stablecoins than for banks because FDIC does not cover stablecoins.

Greg: Lending is not the only way stablecoins make money. The other way is investment. Stablecoins are backed by assets, but not necessarily all by cash. For example, in July 2021, 61% of USDC reserves were in cash or cash equivalents while the rest was invested in a variety of assets such as Certificates of Deposit, corporate bonds, municipal bonds, U.S. Treasuries and commercial paper. They can invest in money market funds like commercial papers and better yet, treasury bill.

Emily: What is treasury bill?

Joy: It’s called “T-bill” for short. It’s short term debt issued by the Treasury Department to borrow money from the public. Its term ranges from 4 to 52 weeks, meaning an investor can buy T-bill today and the Treasury Department will pay her money back no later than the 52nd week. Because of the short time, T-bill will not pay interest, but investors can buy at a discount price from the par value.

Emily: What’s par value?

Joy: Par value is the face value of the T-bill. It’s the amount of money that the Treasury Department promises to pay the investor back when the bond reaches the maturity date. For example, say I bought a T-bill of $1,000 that is mature in 4 weeks. If the T-bill is discounted at 20%, I will only pay $800 today to receive the bond and after 4 weeks, the Treasury Department will pay me $1,000 to get the bond back.

Greg: Tether is not the only stablecoin doing the lending business. The second largest stablecoin, USDC, also does that. Jason, please check the market caps for top stablecoins from www.coinmarketcap.com.

Jason: It stays USDT ranks number three overall but the largest stablecoin by market cap. Its price is $0.9991. USDC is right behind Tether, with a price of $1.00.

Kimberley: How is USDC doing better than Tether in pegging?

Joy: According to an article by gemini.com, USDC has central control just like Tether does. Also like Tether, USDC is fully backed by reserve. What sets USDC apart is that its reserve is held at regulated US financial institutions, just like commercial banks do in the traditional finance. Furthermore, it’s audited by a U.S. accounting firm that issues monthly report on the reserves backing USDC.

Kimberly: If I remember correctly, Tether holds its reserve to itself, not to outsiders, right?

Joy: That’s right, and that may explain why the article from blockworks.co says only Tether knows what exactly its backup reserve is made up of. This also made it harder for Tether to obtain a creditable auditor willing to issue public reports about its reserve.

Lily: So the real lesson is that people are willing to invest in crypto and use stablecoins as long as (1) they are fully reserved, preferably in stable fiat; and (2) their reserve information is transparent and verifiable.  

Joy: I would add another lesson: it’s a good thing that we have different stablecoins at the same time, because it helps speed up the learning process. Think of it, if we only had Tether, we’d have to wait to see how it performs during bad times before trying anything else. Now we can compare different models of stablecoins and pick up the best.

Lily: Following your logic, having price ups and downs is also a good thing, because it provides a good testing environment for different stablecoins.

Greg:  The article on blockworks.co has an informative chart showing prices of top four stablecoins since May 1st: Tether or USDT, USD Coin or USDC, Dai and Binance USD or BUSD. We know one thing for sure: the demise of UST or TerraUSD has more negative impact on USDT than on anything else. Binance USD even has price higher than the peg, reaching a peak price of $1.07 on June 19, 2022.

Kimberly: Why is BUSD priced higher in the event of UST crash?

Joy: I wonder to what extent has that been caused by having a governmental agency in New York offering authorization of BUSD stablecoin, not just by fiat backup and auditing report.

Greg: I see what you mean. It also helps that the New York State Department of Financial Services or NYDFS authorized Paxos Trust Company LLC to offer a gold-backed virtual currency, the first such virtual currency. Keep in mind that Paxos is in a partnership with Binance to launch BUSD.

Lily: I find it funny that Crypto is supposed to be a game changer to traditional finance; yet in reality, its creditability and reliability still depend so much on traditional finance, like having fiat backup or setting up account in banks.

Kimberly: I agree. Bitcoin and other cryptocurrencies were designed to be unregulated, and they call for disintermediation; yet having a governmental approval helps Binance USD or BUSD succeed.

Joy: Bear in mind though that stablecoins are designed to be the bridge connecting digital currency with fiat, which means they have a naturally strong tie with traditional finance. Non-stablecoins may not have such a feature. But you are right, stablecoins works much like fiat: The more regulated and the closer the link with fiat, the safer it is perceived and the stabler during the time of uncertainties.

Categories
Blockchain Cryptocurrencies & NFTs Financial talks at dinner table

Some Stablecoins Are Already Digital Money

The family digs deeper today into stablecoins, focusing on reserve and collateral and how some fiat backed stablecoins like Tether is on its way to qualify for being a digital money.

Kimberly: Last time we were talking about depositing $2,000 worth of Ethereum before anyone can claim $1,000 worth of stablecoin. The ETH collateral is twice the value in stablecoin. I wonder if that is true in general.

Greg: Not really. The key question to ask is what are being used for collateral and how stable they are. For stable assets like many fiat currencies are, a stablecoin can get away without over-depositing or over-collateralization like in the ETH case.

Joy: In other words, to claim you have a stablecoin valued at $1 million, you only need to have $1 million in reserve if the asset is stable. That’s 100% backup or 1:1 reserve. But for unstable assets like cryptocurrencies it’s common to see $1.5 million or even $2 million worth of crypto deposited for $1 million worth of stablecoin.

Kimberly: This prepares for the scenario when the unstable asset suddenly decreases value, right?

Joy: Right. It provides an extra layer of protection to investors, just like insurance company will charge you a higher premium if you have a record of drunk driving or other risky behaviors.  

Greg: That’s a good analogy. I want to add that even with over-collateralization those stablecoins are not error-proof. In case a cryptocurrency is completely busted, over-collateralization won’t save the stablecoin.

Lily: How about backing up a stablecoin by a basket of cryptocurrencies, would that help?

Greg: Theoretically it would, except the history of crypto has shown a high correlation among the price movements of most if not all cryptocurrencies. This differs from the mature market of stocks and bonds, where diversification helps reduce non-systematic risk in the traditional financial market. Diversified collateralization by a basket of cryptocurrencies may or may not do the trick.

Lily: Why are the prices of cryptocurrencies closely related?

Greg: One reason is that the crypto market is heavily dominated by two big guys Bitcoin and Ethereum, followed by thousands of small guys. If you check out the site https://coinmarketcap.com you will see that except for Bitcoin, which is more than 40% of the market share, and Ethereum, which is around 15%, plus a few stablecoins, the market share for the others quickly drops to 1-2%.

Lily: So the small guys will have a price movement heavily influenced by Bitcoin and Ethereum, right?

Greg: Right. Another reason is that speculators have low royalty to individual crypto. They are constantly searching for the “next big one.” This makes all cryptocurrencies exposed to the same speculative risk.

Joy: I think future cryptocurrencies should specialize in industries or lines of business to reduce the correlation among them and also to grow quickly. Today’s innovations have focused on different features of the same cryptocurrency, but the future lies in “application specific crypto” or ASCs. Even a decentralized financial market has no space for nearly 20,000 cryptocurrencies. Integration will have to happen for the market to settle down, where many small crypto will be bought off by a few big guys.

Greg: I agree. Another thing to bear in mind is that despite its bad reputation of dramatic price shifting, cryptocurrencies may still be better than some fiat. Crypto price can go down but also go up. This is not the case with some fiat. The Argentina money, where the inflation rate hits 58%, is worse because it’s all inflation, unlikely to have deflation. A Bloomberg report says it right that in Argentina, nobody knows the price of anything.

Emily: What’s deflation?

Joy: That’s when prices of many things go down instead of going up. Deflation is good news for consumers as it offers higher purchasing power. Economists used to worry about deflation a lot as a sign for a weaker economy but not as much today, because lower prices can also mean higher productivity or economy of scale.

Lily: Oh yeah. I’ve read an article that lists 10 things that are cheaper now than 10 years ago, like smart phones, calculators, flat screen TVs, domestic flights.

Greg: In addition to what are used as reserves and how stable they are, it also matters a lot how a stablecoin makes its claims. Regulators will always come after you if they believe you’ve made misleading claims. Sometimes firms make their job easier. Tether, the largest fiat-backed stablecoin, used to claim its value has 100% backup “by the dollar.”

Joy: Yeah, they paid a big price for saying that. A Wikipedia page says Tether is to pay $41 million fine to the Commodity Futures Trading Commission, or CFTC. Now Tether only says its token is fully backed by its “reserves,” not dollars.

Greg: That’s true. Looking at Tether’s transparency page, you will see that “All Tether tokens are pegged at 1-to-1 with a matching fiat currency and are backed 100% by Tether’s reserves.”

Kimberly: Is the new claim accurate? Does Tether now have sufficient reserves to cover its ground?

Greg: Let’s find out. Jason, please go to this webpage https://tether.to/en/transparency/ and we can check the numbers to see if the total assets and liabilities of Tether on USD match.

Jason: Total assets $72,657,372,695.04 or more than $72.6 billion on June 10, 2022, total liabilities $72,494,981,446.98 or $72.5 billion. Looks like they have more assets than liabilities.

Greg: That’s Tether’s account balance for the dollar. Let’s look at the Euro as well.

Jason: Okay… Oh, same story here, total assets are more than total liabilities.

Greg: They do that to have extra room of cushion, which is called “shareholder capital cushion,” and also to impress investors and regulators.

Joy: There is a report by Quartz that tells us more details. Tether defends itself by saying that the findings were from more than two and a half years ago, that they always had enough money in reserve, that the fine only meant the reserves were not all in cash and all in a bank account titled in Tether’s name, at all times.

Lily: Do you think Tether was wrongly charged? I mean stablecoins have been unregulated and suddenly Tether was thrown a huge fine.

Joy: I’m pretty sure the CFTC has a solid legal ground for imposing the fine. If you read the Wikipedia page on Tether, you’ll see many problems associated with Tether, including the misleading statement of dollar reserves, having $31 million token stolen, and price manipulations and lack of auditing.

Greg: At a deeper level, let’s take one step back and ask ourselves why holding sufficient reserve is so crucial for stablecoins. The answer is in two words: “stability” and “liquidity.”

Kimberly: Could you elaborate?

Greg: “Stability” is easy because that’s what all stablecoins are named after, none of them calls itself “unstablecoin,” right? The whole reason for stablecoin to exist is to provide stability of value, which other cryptocurrencies do not have. Liquidity on the other hand means taking precautions to pass a “stress test” under extreme scenarios.  

Kimberly: Can we have an example what an extreme scenario looks like in a stress test?

Greg: Say all owners of Tether tokens were to cash out for dollars, will Tether still have enough cash or cash equivalent to allow investors to get their money out in dollars? Having liquidity means Tether can say “Yes” for sure, otherwise it will fail the test.

Lily: I see it now: When it comes to stablecoins, there is no shortcut and no need for getting creative. You just have to keep enough cash or cash equivalent in reserve. That’s the only way for Tether to possess stability and liquidity.

Greg: That’s right. That’s also why I believe Tether’s self-defense is weak. All reserves must be in cash or cash equivalent, and all must belong to Tether, not shared with anyone else.

Joy: It’s interesting that I’ve read an opinion piece that says the future of payment is not in stablecoins. One of the key arguments is that stablecoins tie up liquidity unnecessarily, making those dollars in reserve unavailable to other uses.

Greg: I see their points but ultimately it all comes down to the issue of trust, which does not fall from the sky — you must earn it over time. For now keeping 100% reserve with stable assets is a price stablecoins must pay, given its currently low public and regulators’ trust. Like Lily says there is no other way around that. I would not however rule out future payment possibility for stablecoins. To say stablecoins are not the future of payment is to deny the possibility for stablecoins to establish trust. That goes too far.

Joy: I agree. Commercial banks are not required to keep 100% reserve for issuing loans. In fact, since March 26, 2020, the Fed reduced the reserve requirement ratio to zero. Of course, that is in the traditional or centralized financial world but who is to say in the decentralized financial world things will never change and stablecoins will always be required to keep 100% reserve?

Emily: What’s the reserve requirement ratio?

Joy: That’s the amount of deposits a bank is asked to hold for customers’ withdraw. Let’s say a bank has $100 million in deposits from its customers. Banks make money by lending the deposited money out to earn a higher interest. But can the bank lend out all $100 million to businesses? Normally not, because the central bank will ask it to keep a part of deposited money, and that part is reserve ratio. Say the ratio is 10%, then the bank must keep $10 million and only lend out $90 million. Sometimes however the central bank may allow banks to lend out all the money to stimulate the economy.

Lily: I think the risk for a stablecoin is higher than for a commercial bank. The latter is a part of centralized system. It has less freedom than a stablecoin but also lower risk because the central bank will come to its rescue in case of a major crisis. A decentralized stablecoin has more freedom but higher risk as the central bank may or may not save it from its own trouble.

Greg: That’s true and we should keep the higher risk of stablecoins in mind. The future relationship between central bank and decentralized financial institutions is a very interesting topic. One possibility is that the Fed will keep its direct reign over all membership banks but will make suggestions or recommendations to decentralized finance entities to implement its monetary policies.

Joy: Maybe the Fed will tell future stablecoins that if you follow or coordinate with our monetary policies we’ll add you to our list of “associated members” to offer partial bailout in case of crisis. It’s unlikely for the Fed to order stablecoins to do anything, though — unless the law says otherwise.

Greg: Meanwhile, without central bank rescue stablecoins will have a higher risk of “bank run” unless they keep 100% reserve all the time. Future regulations may ask them to maintain a higher reserve ratio than that for the centrally controlled banks, other things equal.

Emily: What’s bank run?

Joy: A bank run happens when a large group of bank customers all want to withdraw cash from their bank accounts, either because of the bad news in the market or about the bank. You know banks make money by lending money out and they are only required to keep some cash. When many customers all want to get cash at the same time, banks quickly run out of cash and must close the door.

Lily: Let’s go back to Tether. I think it’s good for Tether now to keep more assets than liabilities.

Greg: If you think of it, having extra assets above and beyond liabilities is for Tether’s own good because it relies heavily on money market instruments, which are either unsecured, like commercial papers, or have penalty for early withdrawal, like certificates of deposit. They are cash equivalent but not exactly cash. Those extra assets help mitigate money market risk.

Emily: I meant to ask it before: What’s cash equivalent?

Joy: Let’s use Tether as a handy example. On Tether’s transparency page there is a reserve breakdown. We can see that more than 55% is US Treasury Bills, about 28% is in corporate commercial papers & Certificate of Deposits or CDs. The rest is money market funds and others. Treasury Bills, commercial papers, CDs are all cash equivalent, meaning they can turn into cash quickly if they must.

Emily: I remember commercial papers are short term debts of companies. What are money market funds?

Joy: Those are mutual funds that invest in cash and securities that are due within one year. These assets can all be converted to cash quickly. Again, they can all be converted to cash quickly.

Lily: Back to your comment, dad, on having extra reserve is good for Tether, did you mean some commercial papers may default, but Tether can use the extra reserve to pay investors? Say Tether has a total of $10 million commercial papers and $1 million defaulted. if Tether only had $10 million assets to meet $10 liabilities, it would be $1 million short after the default. But if Tether has additional $1 million extra reserve, it will cover all payments. Am I right?

Greg: Either that or let’s say they must withdraw CDs before the maturity dates, which will incur early withdraw penalty. Let’s say that’s $1 million. In that case Tether can still use its extra reserve to pay all investors in full.

Lily: That’s pretty impressive for Tether to do what it’s doing now.

Greg: That’s not enough, though. Tether also must constantly add cash or cash equivalent to its pool of reserve whenever it issues more tokens to investors. Let’s say Tether has issued another $500,000 tokens to old or new customers last quarter, Tether must add $500,000 to its pool of reserve to cover the new tokens.

Joy: Let’s not forget the dark side of Tether. If you look at Tether’s fee schedule, you’ll see that Tether requires a minimum of $100,000 per transaction of fiat deposit or fiat withdrawal. In other words, you can’t deposit or withdraw $10, $100, $1,000 or even $10,000. Tether also charges for withdrawing the dollar either $1,000 or 0.1%, whichever is greater. If you withdraw exactly $100,000 from Tether, it will charge $1,000 each time. Besides, it also charges $150 for verification of Tether token.

Greg: Tether also has a central control system, not exactly decentralized. I’m sure critics will say something about that. Finally, it does not serve any US residents, only entities established or organized outside of the United States or its territorial or insular possessions; and those having eligible Contract Participants pursuant to U.S. law.

Lily: That’s strange. Who are “eligible contract participants?”

Greg: Its webpage defines a participant as “a corporation that has total assets exceeding $10,000,000 and is incorporated in a jurisdiction outside of the United States or its territories or insular possessions.” Frankly, many if not most entities with more than $10 million total assets tend to have an overseas base outside the US.

Joy: Now the positive news for stablecoins. In January 2021, the Office of the Comptroller of the Currency, or OCC, has told federally controlled banks to treat stablecoins the same as SWIFT or ACH. Furthermore, these banks can participate in the Independent Node Verification Network or INVN, which is nothing but blockchain.

Lily: If that’s the case, how do we explain the recent crash of Terra/Luna stablecoin?

Joy: The OCC acknowledges the value of blockchain, and the role played by stablecoins. But not all stablecoins were born equal and OCC doesn’t or should not endorse everything about stablecoins. There are always bad apples, and the sad thing is that bad news travels fast.

Greg: All in all, I believe stablecoins — not including crypto backed and algorithmic stablecoins — are designed to be digital money because they meet the three money requirements: Store of value, medium of exchange and unit of account.

Emily: Could you tell us more?

Joy: There is a paper written by Federal Reserve Bank of St. Louis that does a good job explaining what money is. Let’s consider the three requirements one by one. A store of value is all about stability of value, meaning the value of money is stable enough for you to keep it for a reasonable period of time without worrying about losing that value significantly or even completely. Stablecoins meet that requirement because their value is stable, as the name suggests — except for algorithmic stablecoins as we have learned.

Kimberly: How long is that “reasonable period of time?”

Joy: It depends on which currency you are talking about. The key point, as the above Fed paper points out, is that money does not have to be perfect store of value because we do have to watch out for inflation, which lowers the value of money from the value before inflation.

Lily: So the now crashed “stablecoin” Terra Luna can’t pass this test.

Joy: No it can’t. The second requirement of money is a “unit of account,” which basically says money can be used to measure value of different things. Without money we’d have to resort to bartering, meaning we trade one thing for another, like one airplane for one million T-shirts. Fiat backed stablecoin meet that requirement.

Greg: We can break the “unit of account” concept down to three features: divisible, fungible and countable. Divisible means one dollar is always equal to four quarters, 20 nickels, 10 dimes and 100 pennies. Fungible means a dollar is a dollar, whether you get it from the bank or receive from your customer. They are always perfectly exchangeable. Countable means you can add, subtract, multiply and divide money anyway you want and still get the same result. Multiplying $1 10 times gets you $10, dividing $1 million by 4 gives you $250,000, and so on and so forth.

Joy: And that brings us to the last requirement of money as “the medium of exchange.” It essentially says money must be accepted as a way of payment. If you look at a dollar bill you will see a tiny note that reads: “This note is legal tender for all debts, public and private.”

Kimberly: But crypto is not legal tender.

Greg: True, but being a legal tender is not a required criterion of money. In other words, not being a legal tender does not eliminate stablecoins’ function as a medium of exchange for those backed by fiat, which are all legal tenders. The true test is market acceptance. The more a currency is accepted, the higher value it has as a medium of exchange.

Lily: Are you saying not all currencies are equally accepted? I would imagine being a government issued legal tender guarantees its acceptance.  

Greg: That’s right. In the near future cryptocurrencies, including stablecoins, are unlikely to compete with fiat in terms of market acceptance but the important thing is to have some and increasingly larger acceptance among some parties in the market. Stablecoins fit that requirement.

Lily: What’s the unique things a stablecoin provides but not by the dollar?

Greg: There is an article in Investopedia that summarizes the advantage of stablecoins well: “Stablecoins promise cryptocurrency adherents the best of both worlds: stable value without the centralized control attributed to fiat.” It also lists a few unique use cases that only stablecoins can do, like “using stablecoins to trade goods and services over blockchain networks, in decentralized insurance solutions, derivatives contracts, financial applications like consumer loans, and prediction markets.”

Lily: I don’t understand why these things cannot be done with dollar.

Joy: All decentralized transactions happen on blockchain, but the dollar is an off-chain asset, not an intrinsic part of blockchain. As far as blockchain is concerned the dollar does not exist. Trading with stablecoins allows investors to stay onchain all the time, not on- and off-chain.

Greg: I won’t say the dollar does not exist on blockchain because the value of all cryptocurrencies is still measured by the dollar. In fact, the link between crypto and fiat is like the “umbilical cord” we all carried on when we came to this world. It explains a great deal why the crypto price movement has so much to do with the fiat, just like decentralized finance or DeFi has so much to do with traditional finance TradFi.

Joy: You are right. I think the notion that Bitcoin is a hedge against inflation also makes little sense, even though its supply is set by algorithm at 21 million. An article by the economist Eswar Prasad said it right, scarcity alone is not enough to create value, there must be demand.

Greg: I won’t use the term “scarcity” for Bitcoin because by the time you call something “scarce” you already implicitly imply a short supply relative to demand. Bitcoin is simply a story of “limited supply,” not scarcity, because Satoshi’s algorithm only governs the supply side. It had no idea how much demand there would be when the algorithm was written. Supply side was all Satoshi could control.  

Joy: Okay I’ll buy that. There is a recent report by Bank of America that shows the correlation between Bitcoin and S&P 500 has been very high, while its correlation remain near zero with gold. This defeats another myth that Bitcoin is like digital gold.

Greg: The other “umbilical cord” for Bitcoin, or all cryptocurrencies for that matter, is financial regulations. Satoshi envisioned Bitcoin to be unregulated and disintermediate, meaning banks and existing financial institutions will be cut off from playing any role related to Bitcoin. But that’s utopian as it’s impossible for Bitcoin and all cryptocurrencies to be unregulated completely. If I were Satoshi, I would try my best to gain all the regulatory supports I can get for my innovation.

Joy: I agree. It is also dangerous without regulation. This explains why the price of cryptocurrency is so sensitive to the monetary policy of the Fed. I would change the famous saying: There are three certainties in life: death, regulations and taxes.

Categories
Cryptocurrencies & NFTs Financial talks at dinner table

Talking About Stablecoins

The Kingstons have decided to switch the gear toward what is happening in real life instead of abstract knowledge points.

Lily: I feel we have been out of touch with reality by talking about blockchain, cryptography, hash and hashrate, nonce, and even proof of work and proof of stake. They are foundational of course but we need to look at the “livelier” developments.

Kimberly: I agree. We also have had a very positive tone about cryptocurrency or the blockchain. We rarely talked about whether the whole thing of cryptocurrencies is worth it. After all, if famous investment gurus like Warren Buffett have questions and reservations about investing in cryptocurrency, shouldn’t we think twice about that as well?

Lily: To give a good example, what about the recent crash of stablecoins? I’ve read a report on CNBC the other day, talking about whether this 30-year-old South Korean founder of a stablecoins project will face jail time or just civil penalties.

Emily: What happened to the project? What is a “stablecoin?”

Lily: The idea of stablecoins sounds very attractive. It addresses one of the biggest problems with cryptocurrency. You know, their prices jump up and down dramatically. Stablecoins were born to change that.

Emily: How do stablecoins do that?

Lily: It helps to keep in mind we have two currencies today: dollar and crypto. They are not isolated from each other. The value of all cryptocurrencies is always measured by dollar. Jason, could you find out the dollar prices for Bitcoin and Ethereum today, please?

Jason: Let me Google it: It says $30,041 for Bitcoin and $1,809.64 for Ethereum.

Lily: Thanks. If you think of it, those prices really are the exchange rates between the dollar and crypto. Remember last year we had a trip to France and at the airport we used our dollars to buy Euros?

Emily: Oh yeah. Euro was more expensive than dollars. We gave them $200 but only got about 190 Euros back.

Lily: If you think the Euro is expensive, wait to see the exchange rate of Bitcoin. You heard Jason just said: One Bitcoin is sold for more than $30,000 dollars.

Joy: Just so you know, on May 1st I invested $1,000 on Bitcoin and $500 on Ethereum. Want to guess the prices back then? I have them on my iPhone: Bitcoin (BTC) was $38,890.81 and Ethereum (Ether) was $2,856.45.

Emily: You’ve lost money on cryptocurrencies. No wonder investors all want stabilized crypto prices.

Lily: That’s not true. Many speculative investors actually prefer big movement in price because it’s easier to make money that way. They all try to buy low and sell high.

Greg: Lily said it right earlier: We have two currencies within the country. With two currencies, what’s gonna happen is there will be an exchange rate between currencies.

Kimberly: A quick question: Exchange rate is the rate at which one currency can buy another, right?

Greg: Right. Normally exchange rate keeps changing because things change. However, sometimes a country decides to have a fixed exchange rate with another currency. This is called “currency peg.” The Hong Kong dollar for example has been pegged to the U.S. dollar since 1983.

Kimberly: Why would they want to do that?

Greg: Currency peg is a national policy to promote international trade. Many businesses involved in international trade have a low profit margin. Even a little fluctuation in exchange rate could wipe out their profits. A currency peg means a fixed exchange rate and it’s a godsend because it eliminates foreign exchange risk.

Kimberly: I can see currency peg is useful for international trade but we are talking about stablecoins, why is currency peg relevant?

Greg: Because the same idea of currency peg drives stablecoins. You guys may not have been keeping up with the latest in the payment business. Both crypto platforms like Coinbase and legacy service providers like Visa and Mastercard are pushing for direct deposits or cryptocurrency wallets and accepting both dollars and crypto. In the first half of 2021, Visa reported that it had processed over $1 billion worth of cryptocurrency payments

Joy: Yeah, for a currency to be useful for payment people all prefer stable value. Price jumping around too much turns people off from using it. This is why so many people are interested in stablecoins, which keep the exchange rate fixed between currencies — or so promised.

Kimberly: I see a big reason for stablecoins. Nobody wants to use a currency that can buy 10 gallons of gas today but only 7 gallons next month.

Greg: Another reason stablecoin is needed is that certain institutional investors like pension plans would desire stablecoins. At retirement ages people just want to preserve their hard earned money, they have little taste for speculation. I read the news that Fidelity Investment now let companies offer their employees Bitcoin in their 401(k) plan for up to 20%.

Emily: What’s 401(k)?

Joy: That’s a retirement savings plan sponsored by employers for employees named after a section in the U.S. Internal Revenue Code. It’s the best deal because if an employee deposits $500 each month to the plan, many employers will match that and add another $500 to your savings account.

Lily: Another reason stablecoins are such a big news is that some platforms offer big incentives to investors. The LUNA project once promised almost 20% annual return on anyone’s deposit on the platform. That’s crazy when others were paying 1% or less.

Greg: If something sounds too good to be true, most likely it’s not true. Unfortunately some always find excuses to believe the unbelievable. This billionaire investor named Mike Novogratz even made a tattoo on his arm to memorialize his membership in this LUNA club. The project quickly gathered almost $60 billion but today is almost worthless. I found this article from Motley Fool published right before Luna’s crash in May very insightful.

Joy: I’ve read from online that stablecoins are valuable to migrant workers who need to sent remittance money home fast and inexpensively compared with other means of sending money internationally. It also preserves value of foreign aids.

Kimberly: Should we get back to Emily’s question of how stablecoin works?

Joy: Of course. From what I understand, there are different models of stablecoins. Some are safer and stabler than others. The key terminology is “algorithms stablecoins.” The LUNA project Lily was talking about is an example of that.

Emily: “Algorithm stablecoins?” It sounds complicated.

Greg: Let’s go back to the “currency peg” and it helps us understand algorithms stablecoins.

Emily: Please give an example of currency peg.

Greg: Let’s say Hong Kong dollar is pegged at 1:8 to US dollar, meaning one US dollar will always buy 8 HK dollars. Normally the exchange rate is not fixed but fluctuates, so bear in mind this is unusual.

Emily: Because a fixed exchange rate helps exporting goods, right?

Greg: Right. Say last year one US dollar could buy 8 Hong Kong dollar, but this year one US dollar can buy 8.5 Hong Kong dollars. We say American dollar is stronger and Hong Kong dollar weaker. A stronger dollar can buy more imported stuff from Hong Kong, or Hong Kong can export more stuff to the US. That’s what Hong Kong wants.

Emily: What if things change and the exchange rate shifts away from 1:8?

Greg: That is called “breaking the peg.” Let’s say for some reason capital starts to flow out of Hong Kong, like businesses are leaving and foreign investments are leaving. What would that mean to Hong Kong dollar?

Lily: I would say Hong Kong dollar will be weaker because Hong Kong economy is weaker.

Greg: Right. A weak currency does not always signal weak businesses, because sometimes a country would intentionally make its currency weak just to increase its trade competitiveness. However, other things equal, a weak economy usually means weak currency.

Emily: But Hong Kong wants to have a fixed exchange rate with US dollar, what can Hong Kong do to keep the peg?

Greg: A country’s central bank keeps watching the exchange rate closely and if there are signs of deviation from the pegged rate the central bank will respond to drive the exchange rate back to the pegged value.

Emily: Details please?

Greg: In order to keep the exchange rate going down from 1:8 to 1:8.5, Hong Kong Monetary Authority will buy Hong Kong dollars from local banks, which will cut down the amount of Hong Kong dollar in circulation. When money supply is reduced, what happens to interest rates?

Lily: We learned from school that the interest rate is the price of borrowing money. So if money is in short supply, just like everything else, its price — the interest rate — goes up.

Greg: Yes, now when Hong Kong interest rate is up, it will attract money back into the city. Say interest rate goes from 1% to 2%, the same $1,000,000 Hong Kong dollars deposited in a Hong Kong bank will get interest payment of $20,000 rather than just $10,000.

Lily: More money flowing back to Hong Kong will make Hong Kong dollar stronger, and that’s how the peg is maintained or restored.

Joy: Hong Kong is a special case because it’s a part of China and does not have central bank. If China wants to maintain a stable exchange rate of Yuan with US dollar, the Chinese central bank will rely on open market operations to keep the pegging.

Emily: So what will Chinese central bank do if the Yuan goes down in value relative to US dollar?

Joy: Ask yourself this question: If the prices for something is down, does it mean the demand for that something is up or down?

Emily: I would say down, otherwise the price would go up for something that’s popular, like housing in California, right?

Joy: You got it. The same idea applies to currency as well. If the value of a country’s currency goes down, it usually means there is insufficient demand for it. Chinese central bank will then sell some of the US Treasuries and use the money to buy its own Yuan. This way it creates artificial demand for Yuan to bring its value up.

Kimberly: If China’s Yuan goes up too much in value relative to US dollar, China’s central bank will buy more US securities to raise the demand — and the value — for US dollar, right?

Joy: Right. Because central bank’s deep pocket, anytime it buys a currency, its value will go up and when it sells a currency, its value will go down. This is called “open market operations.”

Kimberly: I wonder how many countries can afford the pegging. Not all countries have a deep pocket of US currency or treasuries like Hong Kong and China.

Greg: That’s exactly right. It’s never easy nor free to keep the currency peg.

Emily: So for stablecoins to keep a stable value with the dollar, they use the same open market operations to maintain the peg, right?

Greg: Yes and no. There is an article that summarizes four types of stablecoins. I’ll simply break them into two types of collateralized versus non-collateralized stablecoins. The former works just like currency peg and requires collateral asset, such as fiat currency, bonds, commercial paper or crypto tokens, while the latter only depends on algorithm and smart contract.

Emily: I remember Lily told me collaterals are backup asset, but what is a “smart contract?”

Joy: A smart contract is like other contracts with one exception: It does not require an intermediary or a third party because it can execute itself when certain specified conditions are met. Think of them as “If – Then” automatic contracts.

Kimberly: So if a stablecoin’s exchange rate moves away from 1:1, then the contract will automatically trigger open market operations to move it back to the pegged rate.

Joy: That’s the case for collateralized stablecoins. A few things to keep in mind. First of all, keeping a peg requires resources. If you are pegging to Euro, you need to have sufficient amount of Euro in reserve, ready for backing up to keep the peg.

Greg: The same is true for crypto-collateralized stablecoins. Say you want to have $1,000 worth of stablecoins, the smart contract will ask you to deposit $2,000 worth of Ethereum as the collateral. That amount will be locked up before the $1,000 stablecoin is created or “minted.”

Joy: The second condition in a stablecoin smart contract is that you can choose to peg a single currency or a basket of currencies like the Euro, Japanese Yen and the dollar. Pegging to several currencies is generally better than pegging to a single currency because more currencies mean less price movement. The idea is the same as investing in more stocks is safer than pouring all the money into one stock.

Greg: A country can also have a “soft peg,” which allows the exchange rate to stay in a limited range rather than an exact point.

Kimberly: So Hong Kong may choose a pegged rate not exactly one dollar buying 8 Hong Kong dollars, but perhaps one dollar buying between 7:85 and 8:15 Hong Kong dollars.

Joy: That’s right. Finally, pegging can be done not just to currencies but commodities like gold, precious metals, bonds, commercial papers or even real estates.

Emily: Is commercial paper some kind of newspaper?

Joy: No, it is a type of “I Owe You” note issued by a corporation to borrow money from investors and usually will be paid back within 270 days maximum.

Greg: I’ll add one more note regarding collateralized stablecoins: Cointelegraph.com reported last year that the Office of the Comptroller of the Currency, or OCC, allowed national banks to run independent nodes for distributed ledger networks like blockchain.

Joy: Yeah I remember that report as well. The OCC essentially says banks should treat blockchains the same as other legitimate global financial networks like SWIFT and ACH.

Greg: The government formally promised to have collateralized stablecoin backed up with its full faith and credit.

Emily: What about the non-collateralized stablecoins?

Greg: That’s a different story. Let’s talk about it next time.

Categories
Blockchain Cryptocurrencies & NFTs Financial talks at dinner table

Proof of Resources & the “Quantum Attack”

The family has largely shifted into non-technical topics this time.

Emily: I think we should talk more about the difference between Proof of Work and Proof of Stake.

Lily: I agree. I’ve read a report about some a billionaire named Bill Miller claiming that if Ethereum does accomplish its upgrade to Proof of Stake, it will give Bitcoin a huge advantage.  

Emily: Why’s that?

Lily: Apparently Bitcoin has no plan to walk away from its tradition of Proof of Work to Proof of Stake, so this billionaire believes Proof of Stake is in favor of miners with rich resources. Switching from Proof of Work to Proof of Stake will make the inequality problem much worse.

Joy: Yeah, I’ve heard about that. The billionaire says Proof of Stake is “the most unequal thing you can imagine, because the rich people make all the decisions.” On the other hand, he believes Bitcoin’s Proof of Work is democratic. One reason he says that is because, as the report reveals, he himself owns a lot of Bitcoin, not Ethereum.

Emily: Okay, this is a good time to talk about the difference between Proof of Work and Proof of Stake. Looks like the two top cryptocurrencies, Bitcoin and Ethereum, are moving toward different directions, making it even more relevant and interesting for us to get a good handle on the two approaches.

Joy: That’s true. The good news is that we already talked about Proof of Work, like the level of difficulty, the fierce competition among all miners, the guessed number of nonce, the decreasing or halving of Bitcoin reward, the single winning miner. Now we only need to add Proof of Stake to that.

Emily: It’s good to know we are halfway done. But how is Proof of Stake different?

Joy: Let’s introduce some acronyms first. PoS is short for Proof of Stake, and PoW is for Proof of Work. One easy way to think of PoS is that it adds an extra “qualifying” layer to PoW, meaning before you become a PoS miner, who are called “validators,” you must prove you have sufficient ownership stake of cryptocurrency, such as owning at least 32 Ethereum coins. This is how PoS gets its name from.

Greg: Staking is pledging, promising or depositing. Say you own 32 units of Ethereum or ETH, you can pledge them to make yourself a validator. All you need to do is to deposit those coins, or to lock them up, not to use them for anything else.

Lily: That sounds like collateral.

Emily: What’s collateral?

Lily: It’s any asset a bank accepts before it lends you money. Say our family wanted to buy a new house, banks will use our current house as a collateral before they give us new mortgage. In case we were unable to pay back the mortgage, banks have the right to sell our current house to cover the loan.

Joy: The deposited coins are collateral because if the validator messes up things, acts dishonestly or lazily in verification, she’ll lose at least a part of their stake. The other way to lose or decrease stake is to fail to participate when she’s called upon. One thing that makes deposited coins different from collateral is that its purpose is not for bank loans but for the right to validate transactions and to get reward from doing that.

Emily: How do you define dishonest behaviors?

Joy: I assume there are different ways to define dishonesty, but I’ll quote an article from Ethereum that says one either proposed multiple blocks in a single slot (equivocating) or submitted contradictory voting for verification.

Emily: If a validator acts honesty she would not be in danger of losing her deposited coins, right?

Joy: No, she retains the full ownership of the coin unless she’s penalized for malicious behavior. Furthermore, she can change her mind and un-stake the coins.

Kimberly: Back to the criticism of the billionaire about PoS promotes inequality, are all validators equal in power?

Joy: Good question. The answer is no, those with more coins in stake have more power. Part of it is that if you only have a few coins to stake, you will have a lower chance to be selected as the validator. As the Motley Fool article points out, if your stake is only 0.0001% of the total stake, you only have 0.0001% of chance to be selected. I guess that’s why that billionaire with heavy investments in Bitcoin was saying that PoS is unfair and biased in favor of rich people.

Greg: Let’s have a look at the big picture first. I’ve seen a fairly recent report from the Forbes that says about 64% of the total market capitalization of all cryptocurrencies use PoW. Bitcoin is the biggest one of course. Since we only have two major consensus mechanisms, either PoW or PoS, it’s probably safe to say that about 36% use PoS.

Emily: What’s market capitalization?

Greg: “Market cap” is short for market capitalization and is very intuitive and simple; it refers to a company’s total market value in dollar. You multiply a company’s total number of shares in the market by its price per share. Say Google has a total of 1 million shares in the stock market and each share is priced at $100, then Google has $100 million in market cap.

Emily: So 64% of market cap is not saying 64% of cryptocurrency companies use PoW, right?

Greg: That’s right. A few large crypto companies can easily make up 80% of the market, while many smaller ones can barely add up to 20%. I bet after Ethereum completes its upgrade to PoS, its position will be much stronger. That’s why so many people are talking about it now.

Lily: Once we have validators, how exactly does PoS work?

Joy: First thing first, while PoW is fairly standard, when it comes to PoS, there are many protocols, and they tend to work differently from each other, sometimes significantly. Bear in mind there are well over 10,000 cryptocurrencies.

Greg: That’s right. That Motley Fool article tells us that Cardanoprotocol selects only one validator, who then determines whether the block of transactions is valid or not. But check the Ethereum Wiki and its Proof of Stake FAQ page, it says not just one validator, but all current validators can participate in the process and their consensus takes control. On the other hand, another cryptocurrency exchange called Binance Coin uses the “Proof-of-Authority” consensus, which uses just 21 validators and each of these validators must be approved by Binance itself. 

Joy: For some crypto coins the number of PoS validators is much smaller than PoW miners. This report from TheStreet.com published in last October says Cardano has 2,924 validators that are responsible for finding or verifying cryptocurrency transactions in blocks, while Ethereum has nearly 3,500. Once the transition to PoS is done, however, Ethereum will have 243,000 validators in the network.

Greg: Yeah, that article also separates PoW and PoS in terminology. For example, it tells us that mining and hashrate are specific for PoW, while stake pools and validatorsonly for PoS. Both systems have nodes. To respect their differences, we should follow those guidelines.

Joy: It’s not hard to follow. For example stake pools are obviously only for Proof of Stake, and mining is for PoW. I have a picture that provides intuitive sense: PoW has a miner holding a pickaxe, while PoS has a validator holding a key to a safe box.  

PoW vs PoS

Emily: A couple of questions: What is a “node” again and what is “hashrate?”

Joy: There is an article from Blockchain Council that explains a node well. A node is “any system or physical equipment that is connected to a network and capable of performing specific duties such as creating, receiving, or sending data across a communication channel.”

Lily: So a node is basically a computer connected to a network of other computers. I believe nodes and network must co-exist. You can’t have a network without nodes, and a node is useless unless connected to a network.

Greg: You would be right for all other nodes and networks. But for Bitcoin it’s different. Here a node can exist independently of other nodes in the same network, because a Bitcoin node contains a complete copy of all the blocks and transactions, just like any other nodes. This is due to decentralization, meaning maintaining duplicated copies all over the world for exactly the same blockchain, so we won’t have a single point of failure like in a centralized control system.

Lily: Oh yeah! Thank you for reminding me of that.

Emily: It’s funny that I’ve been thinking all along that nodes and miners as the same thing.

Greg: You are not alone. The truth is they are closely related but not the same. First, a node is not just any computer but one equipped with cryptocurrency software in it. Also, nodes and miners work together to get verification of transactions done. I have this picture from River financial website that does a good job illustrating how miners and nodes work.

Miners & Nodes of Blockchain

Lily: In the end it is miners’ job to grow the blockchain because they are the ones verifying transactions.

Greg: Right. A node or a blockchain can’t grow itself. Remember a blockchain is just a decentralized and distributed digital ledger. If you read the article by River financial, you will see two types of nodes, one is full, and another light weighted but nowadays the latter are rarely seen.

Joy: Sometimes I can’t help thinking that Bitcoin really did it with a “security overkill.” It’s virtually impossible for Bitcoin to be hacked, although the cost is also extremely high, both in energy consumption and in human inputs. Basically, the Bitcoin algorithm makes it extremely hard to attack because miners work extremely hard.

Greg: I agree. Look at the hashrate now to get back to Emily’s question what is hashrate: It’s a measure of computing capacity for the network. An article from Robinhood.com explains it well: “A hashrate measures how many calculations can be performed per second and can be measured in billions, trillions, quadrillions, and quintillions. For example, a hashrate of 1TH/s means one trillion calculations can be performed every second.”

Emily: One trillion calculations in one second? That’s incredible.

Greg: Computers or nodes can do much better than one trillion calculations per second. An article from Robinhood.com says the Bitcoin hashrate has been as high as 179 exahashes per second (1 exahash = 1 quintillion). In case you don’t know, one quintillion is one million trillion or one trillion times one million, and yet miners are still working on it, apparently the reward is bigger than the cost.

Joy: Hashrate is not just about computing resources but also is used as an indicator of decentralization.

Lily: Really, how so?

Greg: Your mom said it right. Generally, the more miners participating in a network, the higher that network’s hashrate will be. Meanwhile, the fewer miners, the lower the hashrate. So let’s say the hashrate becomes lower this week, it means fewer miners are participating in mining. But with fewer miners, hackers or the bad guys will need less computing power to mess up the verification. The opposite holds for higher hashrate.

Lily: Wow, mining is a democratic game. This is not much different from an election: The more voters showing up, the better election results.

Kimberly: Enough for the details, what do you think of the two approaches, PoW and PoS?

Joy: The story is more complicated than simply claiming one is definitely better than others. Like I said earlier, both approaches end up being proof of resources more than anything else, they rely on different resources, though.

Emily: What do you mean?

Joy: Well, for PoS it’s about financial resources, meaning how many coins you have in stake matters the most. For PoW it’s about computing resources, meaning how powerful your hardware is matters the most.

Kimberly: I guess we haven’t talked much about computing resources until this point. I heard that in PoW, miners compete to have the fastest hardware in order to win the reward. One thing they all want is called ASIC or Application Specific Integrated Circuit. If you only have a laptop, you are doomed to lose the competition.

Greg: That’s right. The sad thing is that ASICs are designed only for Bitcoin mining, uncapable of doing anything else. This is a bad news to hackers because they would have to buy ASIC equipment, otherwise it’s impossible to become a winner.

Joy: In other words, investing in ASIC equipment increases cost for everyone, including hackers, which is a good thing for the security of Bitcoin.

Lily: But all hardware can be purchased with money. In the end, it’s all about financial resource, don’t you think?

Joy: I see your point, but it’s more complicated than that as subtle differences exist. For example, PoS critics are saying allowing current big owners of cryptocurrency to confirm transactions makes little sense because owners are biased. It’s better to let professional miners in a peer-to-peer network do the job of transaction verification. They would disagree with you that everything is about money but would rather argue that money should stay out of the mining process.

Greg: Yeah, that’s a good point. Unfortunately, whether it’s financial or technical, resources tend to be concentrated quickly to the hands of a few people rather than evenly spread out among everyone. That Forbes advisor article I was talking about earlier correctly points out that in PoW the power can become concentrated to those with fancy hardware. There is no easy solution because that’s how market works.

Joy: Having a few miners winning reward all the time in PoW is just as bad as having a few owners of cryptocurrencies to verify transactions in PoS.

Lily: I would prefer finding a balance between efficiency and equality. Isn’t that true that we should seek tradeoff between efficiency and equality? Can we find a way so that we can have “democracy” in mining but also efficiency in getting transactions confirmed?

Kimberly: By “democracy” you mean to get more people involved in the mining process?

Lily: Yeah! Remember that billionaire criticizing PoS for letting a few rich people validate all the transactions? That doesn’t sound good, and we don’t want that to happen.

Joy: Things can be more complicated than just efficiency and equality. We also must pay attention to the environment. One major weakness of PoW is its huge energy consumption from hundreds of thousands miners all the world busy mining. PoS reduces the number of validators involved and therefore significantly reduces energy consumption from mining.

Greg: Although one may argue that energy consumption is one dimension of efficiency. So the challenge is still about finding the best tradeoff between efficiency and equality.

Joy: You are right on that. The good news is that there are ways to overcome financial or computing constraints and still allow sufficient number people to participate in the mining process for both PoW and PoS. For example, people without Ethers can join a “staking pool” to get qualified for validation. Similarly, people without advanced hardware like ASIC can join a “mining pool” for faster mining.

Greg: That’s true. Those pools may be called social solution to the better tradeoff. I’m also optimistic that someday we will find a more efficient way to mine so that even though a million people are mining at the same time, the energy cost is still controllable.

Joy: In a sense the technology is already born with quantum computers. We just need to make it better and more accessible. From what I’ve read, like this one by Coinshares.com, the energy use of quantum computers is far lower than digital computers, even with much faster computing speed.

Emily: What is quantum computing and why are digital computers using so much energy?

Joy: From what I can understand, and from an article I read from livescience.com, quantum computing is a new generation of technology that is 158 million times faster than a digital computer. I remember two numbers well: What it takes four minutes to finish by a quantum computer can take a digital supercomputer 10,000 years to accomplish.

Greg: To answer your second question: Most energy in mining is used on the cooling system, not exactly on computing. Once again, quantum machines are more efficient on energy. It’s reported that the Google Quantum computer was about a trillion times more energy efficient than a summit supercomputer, the fastest digital computer in the world today.

Joy: I heard that quantum computing poses extra risk for cryptocurrencies.

Greg: Yeah, it is called “quantum attack” these days. But I wonder how much we should “cry wolf” before determining if the danger is real. I mean we can take precaution without exaggerating the risk.

Joy: From what I’ve read, the current cryptography is vulnerable to quantum attack. I read a report on a website called “investmentmonitor.ai” that says some four million Bitcoin addresses could in theory be hacked by a quantum computer. And that’s not the only problem. Quantum attack can happen to Bitcoin transactions in transit.

Greg: I’ve also heard about that but still, we must keep in mind that PoW is vulnerable to 51% attack, not to a single hacker standing alone by himself. My sense is that in one or two decades quantum computing will enter the mainstream but that will be a good news because it is unlikely for a single quantum equipped “bad” guy to dominate the network.

Emily: What’s a 51% attack?

Joy: That’s when some bad guys were able to work together either by themselves or by convincing at least 51% of miners that a transaction is true, which is required consensus for a transaction to be verified in PoW.

Greg: Looking at the positive side, we’ve already seen some “post-quantum” cryptography algorithm being developed. Hopefully this helps speed up the race against time and against risk of quantum computing.

Lily: What’s your closing argument on PoW versus PoS?

Greg: I think both have pros and cons, strengths and weaknesses. In the end, it is likely that both will exist and serve different audiences. Some people care less about decentralization and more about fees, while others are all about getting the highest yields. For those who really care about safety of large amount transactions, PoW is likely to be the choice. On the other hand, if someone does not possess many coins, and cares about environmental impact, she would prefer PoS.

Joy: I agree. For the society in general, keeping both PoW and PoS is the best idea. We are still early in the game and with so many cryptocurrencies competing with each other, it’s hard and unwise to claim or even to aim a single winner. While PoW has been proven working well and Bitcoin has some first mover advantage, PoS still has some way to go but Ethereum is unlikely to sink.  

Categories
Cryptocurrencies & NFTs Financial talks at dinner table

Merkle Tree & Double Spending

The family today will wrap up the technical issues and move on to big picture issues associated with cryptocurrencies and blockchain.

Greg: Okay, last time we talked about Merkle Tree but did not find the time to talk more about it. To begin, I think the key is to understand different hash values. We have transaction level hashes, meaning each transaction has its own hash, although we barely talk about that.

Emily: Yeah, why is that?

Greg: Because the “block hash” steals the show. In fact, we talk about block hash so much that we may even believe there is only one hash in each block. But if you think about it, that can’t be true because we want to make sure every transaction is immutable, not just immutability for the entire block.

Jason: That’s true. I remember watching that video you recommended, and it shows every time the guy typed something in the data column, the hash changes. It’s not like the hash only changes once at the end when all data are entered.

Greg: It has to be that way. If anyone can mess around each and every transaction inside a block without any change in hash, what does it mean to have a secure block? It means nothing. A secure block must make sure all the records it contains to be secure. We can think of a block as a movie theater, which is not safe unless all movie-goers are safe. If one were to be kidnaped in it, nobody could claim the theater safe.

Lily: The key is to link record level security to block level security I think.

Greg: Exactly! And that’s where Merkle tree fits in. Let me show you a picture of that tree.

Merkle Tree, Merkle Root & Block Headers

Emily: It looks complicated.  

Greg: That’s because it shows more than a Merkle Tree. It has three blocks, or more accurately three block headers. Merkle Tree is shown for the middle block. Let me show you another picture from Investopedia that contains only Merkle Tree, no block headers:

Transactions (T), Hashes (H), Merkle Tree & Merkle Root

Emily: What’s the basic idea of the picture?

Greg: The tree keeps pairing up transaction’s hashes, called “leaves hashes,” to combine them all into one single “root” for all transactions. In the pictures the root is called “Tx_Root” or Habcdefgh where “Tx” or “T” stands for transactions. Most people call it Merkle root to honor the author who invented it. “H” is always for hash.

Kimberly: It’s funny that you call it a tree, but the root is at the top.

Greg: I was gonna point that out. Yes, the Merkle Tree is always upside down with the “leaves” at the bottom and “root” on the top. Furthermore, it is the same fingerprint machine, SHA256, that is used to build the tree. It starts by creating one hash for each transaction and then retains the hash, no need to keep transaction details, which saves space.

Lily: Let me guess: The fingerprint machine keeps pairing up hashes until there is just one hash, which will be the Merkle Root hash, right?

Kimberly: Also, once we have linked all records in a block, we then link blocks. This is done by each block header always containing the block hash of the preceding block, like its parent, which has its own parent block. That way once a block is added to the blockchain, it cannot be easily changed.

Greg: Both of you guessed right! A couple details. First, if the number of hashes is an odd number, we will simply duplicate one hash to ensure all hashes will be paired up. Secondly, the Merkle root hash is always 32 bytes, whether it’s for one transaction or one thousand. Finally, SHA256 actually hashes block header twice, which is why sometimes you will see notions like SHA256-2 or SHA256 Squared (SHA2562).

Emily: Why is that?

Greg: I don’t think we need to worry too much about it, but the most popular theory is that hashing twice helps protect against the so called “length extension attacks.”

Emily: What’s that?

Greg: According to this Wikipedia page, it’s a risk where a hacker can use the output hash and the length of input messageto calculate another hash controlled by hacker, without needing to know the content of input message. By the way all SHA-2 algorithms, which include SHA256, are vulnerable to this but the future generation like SHA-3 won’t have the problem.

Joy: We probably should only remember that the reason behind hashing twice is to increase the security of the hash.

Greg: That’s right. Now to wrap up, here is a pretty good overall picture from Tutorialspoint.com:

Overview of Bitcoin Block Hashing

Emily: This one has all the six fields in a block header.

Greg: Yes, it does. One terminology issue: The level of difficulty is sometimes called “Bits” like in this picture. Just so you know.

Kimberly: I have had a question for a while but did not get to ask: What exactly is the “double spending” problem. Almost all discussions on mining mentioned this.

Joy: There is an article by Investopedia that offers a good explanation. It says the problem is mostly for digital money, not paper money. Spending the same $20 bill twice is virtually impossible, just like you can’t have a cake and eat it. After you hand your $20 bill out to the cashier for a 16’’ pizza, you can’t get that bill back, unless the pizza had the wrong topping, like you ordered mushroom, but you got meatball. You can demand for a refund and get the $20 back — but then you didn’t get the pizza.

Jason: It is possible though that the store manager may let you keep the meatball pizza for free and give your $20 back. A friend of mine told me a story like that before.

Greg: Good try, Jason! But that is not a “double spending” case. Instead, it’s “no spending” because you did not spend a penny in the transaction.

Kimberly: But why do cashiers in supermarkets or stores constantly check every dollar bill from the customers?

Joy: I was thinking of the same thing. Supermarkets are looking for fake money, but fake money is one feasible way to double or even multiple spending. It uses one real dollar bill to produce thousands or millions of fake bills. To be sure, fake paper money is only possible with the right printing equipment and paper. With central bank’s monopoly power, it is impossible to produce fully authentic paper money. Cashiers with a simple device can quickly tell the difference.

Kimberly: So is it true that digital money is more vulnerable to double spending than paper money?

Greg: Let me first make a quick comment that we need to separate digital money from cryptocurrency.  The former is centrally issued just like the paper money but only exists in digital format, while the latter is decentralized, encrypted and distributed.

Kimberly: Wow, up to this point I thought “cryptocurrency” and “digital money” were different names of the same thing!

Greg: I recommend this article of Investopedia entitled “Digital Currency.” The authors correctly point out that all cryptocurrencies are digital currency, but not all digital currencies are cryptocurrency. Digital money has three types. The first is cryptocurrencies like Bitcoin and Ethereum; but we also have the so called “virtual currency” like casino tokens; and finally Central Bank Digital Currencies or CBDC, issued by central banks.

Joy: I remember reading this article from Times of India that says one of the striking facts of life is that an estimated 92% of the world’s currency is digital. I believe that estimate is right because all transactions between banks, between banks and firms, between firms and firms, they happen more often in digital form than in paper money. The bigger the transaction size, the more likely it is in digit form.

Greg: That’s right. If you expand the definition of digital currency to those frequently but not necessarily exclusively existing in digital form, then we can totally believe more than 90% of money today belong to that group. They are simply digital tokens. Yes, they can be printed out if needed, although I have a hard time imaging why we would want to do that.

Kimberly: Perhaps not printing out but cash out from an ATM machine. Like someone receives her monthly salary in digital form to her bank account but may need to take out a $5 bill to pay the toll if she does not have a FasTrack device.

Greg: That’s true.

Kimberly: So what does it mean for the double spending problem?

Greg: Is digital money more vulnerable to double spending than paper money? I would say no. In fact, I would say the double spending problem for digital money is overstated. There is an important technical reason for that: Digital money is much easier to be copied than paper money. However, just because it’s technically feasible does not mean it’s inevitable, because we already have powerful means to control and prevent the problem.

Kimberly: What are the means you have in mind?

Greg: Because digital currency is centrally controlled, the same central authority becomes the means to fight double spending. It will have detailed ledger to track down every digital dollar and nobody can escape from that monitoring and central auditing — unless the kind of double spending approved by the central authority.

Kimberly: We can have legitimate way of double spending?

Greg: Oh yeah, it happens all the time. All commercial banks are required to have certain amount of money in reserve but can make commercial loans above its limit. This is a legitimate way of double spending the reserved money. Say a bank only has $1 million in cash but can make $1.5 million loans. We just don’t call it “double spending” but “leveraging.”

Joy: On the other hand, like we talked about earlier, paper money is not any safer than digital money. Fake paper money can happen to every one of us on a daily basis. Just because one cannot spend the same dollar bill twice does not mean double spending is impossible for paper money. It is possible, mostly through fake dollar bills.

Lily: What about cryptocurrency? Are they more vulnerable to double spending?

Greg: Once again, the possibility of double spending for cryptocurrency is exaggerated. If anything, the blockchain has made double spending very difficult — even without a central controlling authority. There is an article in Investopedia that says that the “likelihood of a secret block being inserted into the blockchain is very slim because it has to be accepted and verified by the network of miners.” In fact, “it is more likely that a cryptocurrency is stolen from a wallet that wasn’t adequately protected and secured.” In conclusion, it says “(t)here isn’t actually any recorded instance of double-spending. The cryptocurrency community believes that all double-spending has been thwarted.”

Emily: We still have not touched on the comparison between Proof of Work and Proof of Stake yet. Looks like we will get to that another day.

Categories
Blockchain Cryptocurrencies & NFTs Financial talks at dinner table

Digging Deeper into Crypto Mining

The Kingstons continues their intellectual journey on blockchain in relation to cryptocurrency. The previous days were on foundational topics like the cryptocurrency algorithms, decreasing reward to miners, and most importantly the cryptography that sits behind all cryptocurrencies. Today they are ready to talk about details of mining itself, finally addressing Emily’s question from days ago.

Greg: So does everyone have the chance to watch the video I recommended? Don’t mean to put pressure on you guys.

Jason: I did. You are right and I was able to understand the show most of the time. Now I have something to brag about in my school to other kids.

Emily: It looks like the thing called “nonce” plays a crucial role in mining, Am I right?

Joy: That’s right. To mine is to play with numerous nonces. Similarly, to win in the mining game is to find the “Golden Nonce” that leads to a hash that fits the criterion or the standard hash.  

Emily: But what exactly is “nonce?” The video did not tell us, it just shows up like a magic number.

Greg: Nonce stands for “number used once,” where the first letter “n” is for “number,” and “once” for “one time.” It’s 32-bits — or 4 bytes because one byte is 8 bits and 32 divided by 8 is 4. This is a good size because it’s much smaller than SHA-256 that’s 32 bytes, again 256 divided by 8 is 32, yet big to generate a large number of combinations. Anyone wants to guess how many possible combinations there will be for nonce?

Jason: Let’s see: 32 bits and each bit has two values “0” and “1,” the possible combination will be, let me get it from my phone. “Hey Google, what is 2 to the power of 32?” Wow! It’s 4,294,967,296 or more than 4 billion different values.

Greg: Great! We need that many nonces because each one can be used only once. I hope we can get to the point later that even these many nonces sometimes may not be enough.

Joy: Now we can finally answer Emily’s questions what mining is: It is a process in which miners enter different nonces into the SHA-256 the digital “fingerprint machine” to produce different hashes and one of them may be a or acceptable for validating the entire block of transactions.

Greg: More accurately SHA-256 does not work just with nonce but with the whole block header.

Emily: What is that? I’ve heard block in a blockchain but never block header.

Greg: A block header is a “headshot” of the block with 80 bytes of 6 fields. Sometimes you see people writing down fewer than 6 fields, but they should really have listed all as all are useful. These fields are “software version” that has 4 bytes, “previous block hash” of 32 bytes, “Merkle root” of 32 bytes, “Timestamp” of 4 bytes, “Difficulty target” of 4 bytes, and finally “nonce” of 4 bytes.

Emily: Wow, lots of information here. Do fields with more bytes more important than others?

Greg: Not necessarily. Nonce for example only has 4 bytes but as the video shows it plays a crucial role in mining. The 6 fields in a block header are divided into three types. Nonce is the only one that miners have control. Others are either predetermined like previous block hash or controlled by the system like software version, difficulty target and the Merkle root, or controlled by nature like timestamp. I have a table from the book “Mastering Bitcoin,” 2nd edition by O’Reilly Media Inc in 2017. But we don’t have to understand all the details for each field, just focus on difficulty target and Merkle root and Nonce.

SizeFieldDescription
4 bytesVersionA version number to track software/protocol upgrades
32 bytesPrevious Block HashA reference to the hash of the previous (parent) block in the chain
32 bytesMerkle RootA hash of the root of the Merkle tree of this block’s transactions
4 bytesTimestampThe approximate creation time of this block (seconds from Unix Epoch)
4 bytesDifficulty TargetThe Proof-of-Work algorithm difficulty target for this block
4 bytesNonceA counter used for the Proof-of-Work algorithm
Block Header the Headshot of the Block

Jason: Just a curiosity: what exactly is Timestamp? The description says seconds from Unix Epoch.

Greg: The Unix “epoch” timestamp is based on the number of seconds elapsed from January 1, 1970, midnight UTC/GMT.

Emily: After watching the video I think I have an idea of what mining is. You click a button and computer quickly runs through different nonce until it finds one that fits the target of difficulty. What I still don’t understand is how the target hash is set.

Greg: The target is set by the algorithm. Remember we talked about how the level of difficulty is set every two weeks? The reason behind the difficulty target is also simple: We just want to keep the pace of releasing new Bitcoin at ten minutes per block. The Mastering Bitcoin book said it very well: That ten minutes per block is the “heartbeat” of Bitcoin.

Joy: That is a good expression.

Greg: The fun comes when we put nonce and target together to get a complete picture. I find this article by Kirill Eremenko in 2018 that does a fairly very good job explaining how. Another article by Blockchain Council also explains nonce well. I specifically like the simple math classroom analogy it uses.

Jason: I like math. Sowhat is the analogy?

Greg: Very simple and yet very interesting, it says in a math class the teacher gave the following problem for students to solve, and whoever gets the answer first win some award: 315 + ? = 319.

Jason: That’s it? That number is 4! 315 + 4 = 319. I bet even Cleo can solve it.

Greg: Theproblemiseasy, but it offers hints to several important concepts in mining. Turns out that “4” is nonce, “319” is the target of difficulty, and “315” is previous block hash or anything that nonce is added to for mining. Mining is to find the piece of the cryptographic puzzle — the nonce and hash value — to meet the level of target difficulty. Take a look at this picture I draw to see how nonce and target work together to produce acceptable hashes for Proof of Work. This is inspired by a similar drawing in this article but with changes.

How Level of Difficulty Controls Proof of Work

Kimberly: What changes have you made from the original?

Greg: The biggest one is to make the target hash an area rather than a single line. This reflects the changing level of target difficulty, called “retargeting,” because a higher level of difficulty means a smaller target hash. So of the two yellow broken lines the one below is harder than the one above.

Emily: It’s never clear to me how to control target hash or level of difficulty. I heard someone saying the other day that it is controlled by the leading zeros in the target hash. Why’s that?

Greg: Because with any number of a fixed length, more leading zeroes always make it smaller. Let’s compare two 5 digit numbers, one is 01234 and the other 00123, which is smaller? Of course the second one with two leading zeroes. I can even change the second number to 00987 and it won’t make a difference. This is why the number of leading zeroes controls level of difficulty. If the algorithm needs to raise the level of difficulty, just add more leading zeroes. Do the opposite and drop at least one leading zero to lower the level of difficulty.

Emily: Oh, that’s it? It sounds so easy.

Joy: It is easy. You often read people saying that mining involves solving complicated math problems. Not true. The math is easy and simple, the solution however requires more computing resources. That’s why I said that both Proof of Work and Proof of Stake are Proof of Resources.

Emily: But I still don’t see how a smaller target hash will make mining more difficult than a larger target?

Greg: Because a smaller target squeezes the space for finding acceptable hashes. Look at the picture again and if the target hash was the yellow broken line above, not below, there would be more acceptable hashes to be found, mining is easier.

Joy: Think of a room with a high ceiling versus another room with a very low ceiling, which room can hold more stuff? The one with high ceiling, right? A larger target hash is like a larger room to accept more hash values.

Greg: Chapter 10 of the book Mastering Bitcoin I mentioned earlier has an excellent analogy I believe would help us all. It tells a dice rolling story. Someone rolls two dice, and the goal is to show a number of dots below a target, just like our proof of work problem. Now, one dice has six sides with 1 to 6 dots on each side. Jason, if I roll two dice at the same time, how many possibilities of dots there will be?

Jason: Well, each dice has 6 possibilities, and two independent dice will have 6 x 6 = 36 possibilities.

Greg: Right. Now let’s say the target is to show 12 dots on two dice rolling together. Is it easy to get a “Golden Nonce,” meaning the right nonce to solve the mining problem of finding acceptable hash value?

Jason: Very easy! The only time one would loss is when she has (6,6), meaning both dice have “6” dots. All other combinations are winning.

Greg: Right! Now let’s lower the target to 11 dots. That would still be easy, as long as they show up anything below 11 dots. Keep lowering down the target until it’s 5 dots, then it’s harder, because most rolls will show up above or equal to 5 dots. Jason, how many rolls would meet the target?

Jason: Let’s see: (1,1) for both dice showing one dot; (1,2) for one dice 1 and the other 2 dots, (1,3) for one with 3 dots and another 1 dot and finally (2,2) for both showing 2 dots. I guess only 4 out of 36 possibilities qualify. 4 divided by 36 is roughly 11%, so nearly 90% of the time one loses.  

Greg: How about a target of 4 dots? Only (1,1) + (1,2) = 2 possibilities to win. For target 3 it drops down to (1,1) = 1 winning possibility.

Emily: I see your point: The smaller the target the harder to get the required nonce to produce satisfied hash values.

Greg: I’m not done yet. Let’s go down to a target of 2 dots on the same pair of dice, then we will see a really tough game, because nobody can win no matter how many times she rolls the dice.

Emily: Interesting! Are you sure about that?

Greg: I’m positive. The book I am citing from claims one possibility of (1,1) will win but that’s not true. Remember the challenge is to go below — not equal to — the target of 2 dots. The only “chances” to win are (1,0) + (0,0) = 2 possibilities but those are impossible since no dice has 0 dot as the minimum dot is 1. That’s why for two dice to show dots below 2 is impossible. Game over and nobody win.

Lily: So does it mean sometimes we will have no winner and no new Bitcoin will be released?

Greg: Of course there will be winner and a new block of transactions will be verified and added to the blockchain. It just means sometimes we will run through all the 4+ billion nonces and still find no acceptable hash below the target.

Lily: It’s amazing that even 4 billion nonces are not enough to solve the mining problem.

Greg: It’s understandable if you know how powerful computers are today. The article by Kirill Eremenko tells us that “even an average mining device can calculate up to 100 million hashes per second, and therefore will go through the Nonce range in 40 seconds. And that’s an average miner. Mining pools and industrial scale mines are able to go through the Nonce range in fractions of a second.

Lily: Okey, I can see that 4 billion nonce is not that much in the eyes of modern computers. But what we do to make sure we find the right hash to verify the new block of transactions?

Greg: That’s why Proof of Work is not just a game of nonce, we must utilize other things in the block header I was talking about earlier and then use the SHA-256 fingerprinting machine to make sure we get Proof of Work done.

Kimberly: The block header contains a total of 6 fields, we’ve used nonce and previous block hash, what else would we use?

Greg: The first extra field to be utilized is Timestamp. As Eremenko points out, “all we have to do is wait until the timestamp increases. A change in the timestamp will mean that the combination is now different and if we try all 4 billion Nonce values again, every time we will get a brand new hash value.

Kimberly: Sounds like we solved the problem once and for all.

Greg: Not really. Turned out that even the timestamp, which increases by second, is not updated fast enough. The mining pools, where miners form a club to mine together, can finish running through 4 billion nonce in a fraction of one second. We need other ways to help find the Golden Nonce.

Emily: Wow! Now what?

Greg: If there is a will, there is a way. Turns out that we can use Coinbase transaction to solve the problem.

Emily: What’s that?

Greg: Let’s first find out what Coinbase is. According to this Wikipedia page, Coinbase is “an American company that operates a cryptocurrency exchange platform.” “It is the largest cryptocurrency exchange in the United States by trading volume.” What makes Coinbase transaction special is that it is always the first transaction in each block, and it is created by miners who use it to collect the block reward and other transaction fees.

Emily: How does it work for solving our problems here?

Greg: It may sound complicated, but the idea is simple: We use the Coinbase transaction data as extra space to hold extra nonce.

Lily: How much space can we get from the Coinbase transaction?

Greg: Quite big, it can hold anywhere between 2 and 100 bytes of data. That space is called “extra-nonce space,” which provide an extra nonce mining solution. Say we use 8 bytes of the Coinbase data space, plus 4 bytes of “standard” nonce space, there would be 12×8=96 bits, or “2 to the power of 96” instead of “2 to the power of 32” as previously with the standard nonce.

Lily: Wow, with this much space we don’t have to use the Timestamp.

Greg: That’s right. The other good thing is that Coinbase transaction always enters Merkle Tree, so anytime there is a change in Coinbase transaction, it will change the block hash.

Emily: What’s a Merkle Tree?

Greg: That’s the question for another day. We will also talk about encryption and compare Proof of Work and Proof of Stake.

Categories
Blockchain Financial talks at dinner table

All About Cryptography

The Kingstons agreed to dig into more details of cryptocurrency mining asked by Emily. Although the issues are more technical than all the previous conversations the family has had, the conversation style keeps the text short and pointed because anyone can ask any questions along the way. At the end of day, however, they did not go any further than talking about hash, hash function and cryptography.

Greg: Let’s consider the mining question Emily raised at the very beginning. Remember we were talking about a decreasing reward for miners? Turns out that the Bitcoin algorithm also has a changing level of difficulty for mining, which can either go up or down, depending on the number of miners in the game and how active they are mining.

Joy: That’s right. Please don’t feel overwhelmed Emily because this issue is directly related to what mining is. We’ll get there to answer your questions.

Emily: Thank you for telling me that. Meanwhile, I’ll keep asking questions along the way if you don’t mind.

Greg: Of course not! Let me begin from one concept called “difficulty epoch” as discussed by a CoinDesk article. Each epoch corresponds to 2,016 blocks of transactions, which in turn correspond to roughly two weeks. After the current difficulty epoch is reached, the difficulty level will be updated either up or down, based on the number of miners and their activities in the last two weeks.

Joy: Yeah, the goal in the algorithm is to finish verifying a block in ten minutes. If last two weeks have seen less than ten minutes the difficulty level will be up, otherwise down.

Lily: So it looks like not only the entire supply of Bitcoin will reach 21 million coins in 2140 but the pace of releasing new bitcoins is also determined by the algorithms at 10 minutes per block.

Joy: Yeah, the whole process is transparent. You can prove it with the numbers. 10 minutes per block means 6 blocks in one hour, 144 blocks in one day of 24 hours, and 2,016 blocks in two weeks or 14 days because 2,016=144 x 14.

Greg: Not meant to confuse you, but there is another milestone related to the decreasing coin reward to miners. Remember we learned yesterday that four every four years the reward will decrease by half. That four years correspond to 210,000 blocks created or confirmed.

Emily: How do the algorithms control levels of difficulty?

Greg: The key is to change the number of leading zeros in the target hash function.

Emily: Wow, what’s a hash function?

Joy: We talked about hash function before when we were discussing NFTs. A hash function is best to be called a “fingerprint machine.” In math terms, hash function is nothing but algorithm that accepts different inputs or data or messages and then produces uniform sized “fingerprints” that can be called “hashes,” “hash values,” “hash sums” or “message digests.” I can show you a static picture here, but the guy named Haseeb Qureshi does a better job in a blog showing a really neat dynamic cartoon picture.

Hash input, hash function and hash digest

Greg: Haseeb Qureshi did a good job but this video is by far the best I’ve ever seen after reading, searching and watching many other pieces and sources. It explains a whole bunch of concepts like block, blockchain, hash, hash function, nonce, distributed network, tokens and Coinbase and nicely put them together with a little demonstration that clearly and visually get the ideas crossed. It’s so intuitive that people as young as Jason can understand because everything is right there in front of your eyes. It’s about 18 minutes long but I guarantee that it won’t waste a single minute of your time.

Emily: Wow! I’ve never seen you so excited before. We sure will watch it later.

Greg: Just a bit background information for the video. At the beginning of the video you will see the term “SHA-256,” that means “Secure Hash Algorithm” that produce hashes that are 256 bits long. Bear in mind that when it comes to computer terminologies, we don’t count “words” but only “bits” and “bytes.” One byte is 8 bits. So 256 bits is just 32 bytes.

Emily: Why should we care about these details?

Greg: You don’t have to. We could sit here talking about bits, bytes and hexadecimal numbers all day. But the important thing to keep in mind is that the SHA-256 is a hash function, or more accurately a cryptographic hash function — the machine that makes hashes or “fingerprints.” There are other hash functions but SHA-256 is the most popular one. If you must know one hash function, SHA-256 would be it. Bitcoin uses SHA-256, for example. I learned from this article by n-able.com that “The US government requires its agencies to protect certain sensitive information using SHA-256.”

Kimberly: What make SHA-256 so much liked?

Greg: That article by n-able.com again offers a good summary: (1) one way function from input data to hash and almost impossible to figure out what the input data is even if you know its hash because “A brute-force attack would need to make 2256 attempts to generate the initial data.” (2) Uniqueness of hash, once again because the “2256 possible hash values (more than the number of atoms in the known universe), the likelihood of two being the same is infinitesimally, unimaginably small.” (3) the avalanche effect that “a minor change to the original data alters the hash value so much that it’s not apparent the new hash value is derived from similar data; this is known as the avalanche effect.” These are the major ones; I will add more later when we compare hash function with encryption.

Joy: Now that you mention encryption, I remember reading somewhere that cryptocurrency needs both hashing and encryption.

Greg: That’s true. The nice thing though is that encryption and decryption, hash functions, and digital signature algorithms are all parts of cryptography. This is why Bitcoin and others are all called “cryptocurrencies” because they all use the same foundational technologies of cryptography.

Emily: What does the word “cryptography” mean?

Greg: Good question. This article from Investopedia offers a good explanation. I have it downloaded to my phone. Here it is: “The word ‘crypto’ literally means concealed or secret. ‘Cryptography’ means ‘secret writing’ — the ability to exchange messages that can only be read by the intended recipient.”

Emily: Sounds like cryptography is all about security and confidentiality of information or data.

Greg: More accurately it’s a decentralized way of keeping information, data and transactions secure, a way that does not require a third party or a central authority. Furthermore, the technologies not only provide security but also efficiency. If you watch the video I recommended, you will see that we can put in all the stuff from the Library of Congress and the hash function still produce one hash digest that is only 256 bit long!

Lily: What about encryption and decryption? What are they and why we need them?

Greg: They serve different functions for cryptocurrency. So far we have been talking about cryptocurrency mining, which relies on the hash functions. But when we get to the transactions between digital wallets, encryption and decryption become the key tool.

Kimberly: How do hash function and encryption differ?

Greg: That’s a hot topic and much discussion surrounding it. The first key difference is that encryption is a two way process, meaning you first encrypt the plaintext data to make it secret or unreadable, which is called “ciphertext”, and then you need to decrypt to make it readable.

Joy: This is like sending and receiving a telegraph in the old days.

Greg: Exactly. Say someone’s grandma is seriously sick, she’d rush to the post office and writes down the words “Grandma sick, come home!” to be sent to her brother. The post office worker would first translate, encrypt that is, the words into a bunch of codes, and then send to her brother. Once the telegraph arrives at the receiving post office near where her brother lives, someone else in that post office will translate, decrypt this time, the codes into plain English.

Kimberly: How is the hash function different?

Greg: Hash function always works one way, meaning there is no decryption. Once the input data, messages or transactions were hashed, we don’t want them to be decrypted or to make the hash readable by a human. For a hashing function, such a reverse process — if succeeded — would be a disaster because it means the hash function failed to do its job.

Kimberly: But why is that a good thing? It’s like sending a telegraph out that no one can read and understand, right?

Greg: I thought about that for several days by asking myself the same question as you just did: What if someone needs to read and understand the original input, not just the hash? I searched online using that question and could not find any answer.

Kimberly: So do you have an answer now?

Greg: Suddenly it came to me yesterday that it’s not the right question to ask, because it failed to take the purpose of blockchain data into consideration. When people put transaction records in a blockchain, they want two things: One, keeping those records in the chain permanently and remain unchanged forever. Two, making the authenticity of all the records in each block easily and quickly proven. For those purposes a one way hash function works out perfectly.  

Kimberly: Could you elaborate on that?

Greg: It is directly related to a very nice property of the hash function. Not only is it a fingerprints machine, but the machine is extremely efficient. Remember I talked about earlier that even if we put all the books and journals from the Library of Congress into one block — I know that’s impossible given the 1 MB per block data limit set by Satoshi — the SHA-256 hash function would still produce just one hash that is 256 bit long?

Kimberly: Yeah, why is that relevant here?

Greg: Well, keep using the Library of Congress example, and still assume the entire collections were fit into one block, with the hash function working properly, even if I changed one comma in one book — and there are 167 million items when I checked it last night — to a period, the hash will be completely different.

Joy: Yeah, even a tiny change in the input will certainly lead to a completely different hash. This is called “Avalanche Effect.”

Kimberly: Those are impressive, but I still don’t see their relevance with our discussion here.

Greg: Think of it: How would you make sure that none of the records in a block has been tempted? Checking all the records one by one, or just look at the hash function to see if it has been different?

Kimberly: Oh, I see! A hash function makes it very easy to find out any changes made to any record in a block. I can buy that, but what about encryption? Does it do the same thing as a hash function?

Greg: Smart question! If I say “yes,” then we can use encryption to still get what we want. Unfortunately, the answer is “no.” You see, the output from encryption varies, depending on the size of the input. That means longer inputs or “plaintexts” will have longer outputs or “ciphertexts.” This is just like telegraph, the more words you send, the longer the telegraph and more money it costs you.

Joy: Very interesting. The other reason we can use hash function for blockchain is that all hash functions are deterministic, meaning that given the same input, only one hash digest will be produced. Therefore, while it is virtually impossible for anyone else to reproduce the input from hash, whoever owns the input record knows perfectly well what the input is. She does not have to do the “reverse engineering” like a hacker would have to.

Emily: You say, “virtually impossible,” is it still possible to find the input once you have the hash?

Joy: It is possible but highly unlikely. The way to do it is through the so called “brute force attack,” meaning to run through all the possible combinations until hitting the target. This requires great resource with very low chance of success. Remember the reason we were told earlier: A hackers would have to make 2256 attempts to generate the initial data.

Lily: I am thinking of passwords that we use every day. They are usually not very long, so which function is best for protecting passwords, hash function or encryption?

Greg: Good question. The answer is still hash function but for a different reason. Can you guess what it is? It’s because decryption — the process that makes an unreadable text readable — is a bad idea that is asking for trouble. This article correctly points out that “it’s more secure to store the hash values of passwords instead. When a user enters a password, the hash value is calculated and then compared with the table. If it matches one of the saved hashes, it’s a valid password and the user can be permitted access.”

Joy: Speaking of passwords, I’ve read an interesting story that is almost funny: Turns out if you limit the passwords to a four-digit number, the choices made by many people are highly predictable. I still remember that the top choice is “1234,” followed by “1111” and “0000.” Those made the “top three” list.

Lily: So is encryption any good at all for cryptocurrency? It sounds like hash function is all we talk about.

Greg: That’s a question for another day.

Categories
Blockchain Cryptocurrencies & NFTs Financial talks at dinner table

Blockchain & Cryptocurrency

After yesterday’s talk on editable blockchains, the family comes back today to continue their conversation on blockchain and cryptocurrency mining. The conversation is mostly between Emily, who believes she is not good at technical details, and her parents.  

Greg: I hope you all had the time to find something related to blockchain. Yesterday we talked about philosophical issues of absolute or relative immutabilities, today I think the issues may be more detailed and more technical.

Emily: I guess I’m not good at technical stuff. Can you help me with “Proof of Work?” versus “Proof of Stake?” I know one of the top cryptocurrencies, Ethereum I think its name is, is moving toward “Proof of Stake” while Bitcoin stays with “Proof of Work.”

Kimberly: That’s right. I read a report from the Fortune magazine that Ethereum is currently running both “Proof-of-Work” and “Proof-of-Stake.” But when they finish the highly expected upgrade, which we don’t have a set date yet, it will be “Proof of Stake” only.

Lily: And I read an article published by Bitcoin magazine that says Bitcoin will not, and could not, switch to “Proof of Stake” because Bitcoin code is immutable.

Joy: It’s important to remember that first of all, “Proof of Work” and “Proof of Stake” are different ways of doing cryptocurrency mining. Perhaps even more importantly they are both “Proofs of Resources” in the sense anyone possessing more resources has a better chance to become a winner in crypto mining.

Emily: You said “a winner” so there is just one winner? Also what is cryptocurrency mining? Why are so many people interested in mining?

Joy: Let’s begin from the last question, which is the easiest: People want to mine crypto for the same reason today as people came to California during the “gold rush” in the 19th century. They want to win something big.

Emily: How big is “big?” I mean the size of miner reward.

Joy: Let’s find out. Jason, could you Google today’s Bitcoin price for us please?

Jason: Sure. “Hey Google, what’s the price for Bitcoin today?” Here it is: $31,119.80 for one bitcoin on May 15, 2022.

Joy: Thank you! Just to be clear, a winning miner will get far more than $31,000 because she receives more than one bitcoin, 6.25 coins to be accurate for now, every time she successfully mined one block of crypto transactions. We multiply the unit Bitcoin price of $31,119.8 Jason just found for us by the number 6.25, which is $194,498.75.

Emily: You said, “for now.” So 6.25 coins are not constant all the time?

Joy: No, how many coins the winner gets are not constant but keep decreasing by half roughly every four years, until it goes to zero in 2140 when there will be 21 million Bitcoin in total.

Emily: How does the decreasing reward work?

Joy: It’s called “block halving event” and let’s show it with numbers. I will quote this website called bitcoinblockhalf.com that does a good teaching job. I have it downloaded to my phone. Here it is: “When Bitcoin first started, 50 Bitcoins per block were given as a reward to miners. After every 210,000 blocks are mined (approximately every 4 years), the block reward halves and will keep on halving until the block reward per block becomes 0 (approximately by year 2140). As of now, the block reward is 6.25 coins per block and will decrease to 3.125 coins per block post halving.”

Emily: I understand these numbers but why the decreasing rewards. That’s not fair to later miners don’t you think?

Joy: This is a good time to tell the entire crypto rewarding story, or why miners get rewarded in the first place. Let me ask a question first: Who do you think is authorized to issue the paper money?

Lily: The central banks. In the US that’s the Federal Reserve.

Joy: That’s right. Now, who has the authority to issue Bitcoin, Ethereum and other cryptocurrencies?

Lily: No one. They are decentralized currencies I believe.

Emily: Wait, what are “decentralized currencies” versus “centralized currencies?”

Lily: The dollar bills we use every day are centralized money because every dollar bill is issued and controlled by the Federal Reserve, nobody else can do that. That monopolistic and central control makes the dollar centralized currency.

Greg: Now that we are on the topic, centralized versus decentralized is not the same as distributed. I read an article talking about how the three systems differ. Briefly, centralization or decentralization refers to mode of control, while distribution is about location.

Joy: Yeah I heard about that, too. Bitcoin, or more accurately its blockchain, is decentralized but also distributed: “Decentralized” because decisions are made not by a central authority but by consensus; “distributed” because the nodes in a peer-to-peer computer network are all over the world.

Nodes in a peer-to-peer network

Greg: Here is a picture of the three systems I found online. Centralized has all links pointing to a single center, kind of like the Chinese political system where everything is eventually determined by Beijing. Decentralized does not do that, although it may contain hubs of links, kind of like the federation system this country has, where hubs are different states. Distributed has neither a center nor hubs. It is like “direct” or “pure” democracy if you will, getting rid of the representatives altogether.

Lily: I don’t know you guys but if we were treating all three systems as modes of control for decision making, I will pick the one in the middle, the decentralized mode, although I understand the “distributed” system is for locations, not exactly for controlling.

Kimberly: I feel the same! Decentralized has advantages from both sides, just like “representative democracy” is better than centralized dictatorship and distributed “direct democracy.”

Three Systems of Decision Making & Location

Greg: Going back to cryptocurrencies, they are all issued and controlled by algorithms, not by government agencies.

Emily: What are algorithms?

Greg: An algorithm is a predetermined set of rules for computing. In this country we have rule of law for governing human behaviors. Algorithms are the rule of law for governing computer behaviors.

Emily: Interesting. I did not realize how important algorithms are in our lives.

Greg: Bear in mind though algorithms are initially designed by humans. Once started, an algorithm can obtain its own life, or works by the designed logic until we decide to change the rules later.

Joy: I really want to comment on the algorithms in cryptocurrency, more specifically Bitcoin, has been well thought of. Let’s ask ourselves this question: Why was the algorithm designed to reward miners? This is highly relevant to Emily’s question of why the miner rewards are reduced by half every four years.

Lily: From what I have read, it’s all economics. When Bitcoin first started, it must compete with the monopoly power of central banks. The way it competes is through mobilizing as many people as possible, to get them involved in creating and owning cryptocurrencies. Offering reward in Bitcoin — not in dollars — is the best way to go, because miners would have their personal interests lined up with increased value of Bitcoin, or all cryptocurrencies for that matter.

Joy: That’s right! Decentralized power comes from having a large number of people all working for the same goal with shared interest. The economic reasoning behind cryptocurrency rewarding is to give higher reward at the beginning, when Bitcoin was a brand new “startup money” and not many people knew about it.

Lily: It also reflected the lower value of Bitcoin in terms of dollars back when it started in 2009.

Joy: Exactly! The priority back then was to attract more miners to join the digital “gold rush,” to make some “cryptocurrency noise,” to increase decentralized power, which all add up to benefit the value of Bitcoin or other cryptocurrencies.

Kimberly: I see the logic now: The algorithm assumes the value of Bitcoin will get higher and higher as time goes on, so there is no point in keeping the same number of rewarding Bitcoin for the winners.

Emily: I see it, too. Even though the number of Bitcoin rewarded goes down from 50 in 2009 to 6.25 today, the dollar value is perhaps higher than 2009 given the current Bitcoin price. The miners today can take home much more than earlier miners.

Greg: That’s exactly what happened. One thing I love about this country is that you can always find the information you want. I was searching for the price history of Bitcoin and came across this article from Investopedia called Bitcoin’s Price History. We can see Bitcoin had a price of zero when it was introduced in 2009. That changed on July 17, 2010, when its price jumped to $0.09. So indeed the 50 bitcoins received by the first miner meant nothing in 2009, while 6.25 bitcoins are enough to bring six digit income now, even with the recent cryptocurrency price crash.

Joy: This is why I had a hard time believing Warren Buffett actually said that he would not buy all the Bitcoin in the world for even $25, because he said he could not find any use of Bitcoin. He seems to have forgotten what he has been doing for all his life: investing in something for better returns. That’s exactly what one can do with Bitcoin. Let’s say someone sold Buffett 50 bitcoins back in 2010 at the historical price of $0.09 per coin, and he kept those until today, he would have gained how much? Jason, could you do the calculation for me?

Jason: No problem. 50 bitcoins times the unit price of bitcoin today at $31,119.8, that’s $1,555,990, more than $1.5 million! Let’s take out his historical cost of $4.5 in 2010, his net profit would still be $1,555,985.5!

Greg: Let’s calculate his rate of returns. Divide his gain of $1,555.985.5 by his cost of $4.5 and then multiply 100 to make it a percentage figure. What do we have, Jason?

Jason: Wow! That comes out to be 34,577,456%!

Greg: That was phenomenal, and I doubt if Buffett’s other investment records can beat that.

Emily: I still have a concern for miners after 2140, when the algorithms will stop paying reward as there won’t be new Bitcoin released once the algorithm reaches its goal of 21 million Bitcoins.

Joy: I won’t worry too much about that. Miners are still capable of charging fees against Bitcoin users because transactions will still need to be audited by miners. Miners have other privileges like voting for Bitcoin rule changes as well.

Greg: I think we’ve had an interesting discussion on things like decreasing mining reward, centralized versus decentralized currencies, distributed nodes and the value of cryptocurrencies as “investible assets.” But we have yet to answer Emily’s questions about what mining is in any details, about “Proof of Work” versus “Proof of Stake.” We’ll have to stop here as it gets late. Do I have everyone’s consensus to continue the talk tomorrow?

The answer is “yes” and that marks the end of conversation for today.

Categories
Blockchain Financial talks at dinner table

Blockchain & Relative Immutability

It has been weeks since the Kingstons had a conversation on NFTs, Bitcoin and Blockchain based on the blog post written by Devin Finzer, co-founder of OpenSea the largest NFT marketplace in the world. Greg has been busy writing a research paper, and the rest of family had to mind their own business. But today is a good day as everyone feels the need to catch up where they left off last time.

Kimberly: I feel like we should talk more about blockchain. Last time we briefly touched on it, like how a blockchain keeps ownership of NFTs or transactions unique or “non-fungible.” But there must be more to blockchain, right?

Jason: Wait, what is a transaction that you guys keep talking about? Is it buying or selling something, like I paid my friend Lee $1 yesterday to buy two sweetest apples from his family trees?

Joy: Yeah, business transactions are the most obvious that involve at least two people and usually money changing hands. But not all transactions involve two people nor money. If your friend simply gave you an apple for free, that could still be called a transaction.

Emily: Some transactions do not involve different people, either. If I change my weekly budget to cut down food spending and increase book spending, those changes are recorded as transactions, too.   

Greg: To answer Kimberly’s question, of course there are more, much more to blockchain. Last time we were mostly talking about NFTs, the stuff that Devin Finzer and OpenSea focus on. We can go deeper into blockchain today if you guys want.

Joy: Let’s do that. To start, I remember reading this interesting article from Investopedia with a flashy title of “Forget about Bitcoin: Blockchain is the future.” It basically calls Bitcoin a small side show and the blockchain the big drama.  

Lily: I’ve seen that, too. Somehow I feel the article is exaggerating the case. Some people are only interested in Bitcoin and know little about blockchain, while others believe blockchain represents the future technology, or the greatest invention since the Internet.

Joy: I agree. we don’t have to forget about Bitcoin in order to remember blockchain. Historically, blockchain came to us much earlier than Bitcoin did, so in that sense blockchain is the “chicken” and Bitcoin the “egg.”

Kimberly: It is also true though that many people discovered or became aware of blockchain only because of Bitcoin. It’s almost like they ate the “egg” first to then realize the value of the “chicken.”

Emily: Yeah, like I did not know much about the Titanic ship tragedy until the other day when I watched the movie Titanic with Kate Winslet and Leonardo DiCaprio in it.

Jason: So you are saying the Titanic movie is your “chicken,” the real Titanic ship is your “egg?”

Emily: I’m saying it can go both ways. A “chicken” for someone can be the “egg” for someone else. We don’t have to settle down on one order and put that in stone.

Joy: You have a good point. If I were to write that Investopedia article, I would use a title like “Appreciate Bitcoin but Understand Blockchain.” People use flashy titles all the time to catch more eyes and ears, and I get that. But everything has a limit, we should not go too far on that.

Greg: I like the way Emily said it: putting something in stone. That old expression now may have a new way of saying it. Some people may stop saying “set in stone.” They’ll probably say, “set in blockchain!”

Kimberly: Interesting. I assume it is because blockchain makes everything in it immutable or, to put it in plain English, permanently unchangeable. But how exactly does blockchain do that?

Greg: First thing first, I don’t want you guys to think blockchains are absolutely immutable. Everything is immutable with the right amount of resources, like money and time.

Lily: Are you saying the stuff inside a blockchain is changeable? I have never heard anyone saying that before, everyone seems to be saying a blockchain is immutable database.

Greg: There are two kinds of thinkers in the world. Some just see further than the rest of us, not necessarily because they are smarter — they usually are — but more because they ask the right questions, assign themselves more challenging jobs and do not blindly follow others’ thinking trail just because it’s popular.

Joy: You are talking abstract. Any example please?

Greg: I’ll cite this article by Dr. Gideon Greenspan who works on private blockchains, and I believe it raises some excellent points. I’ve downloaded it to my phone.

Emily: Wait! What is a “private blockchain?” Are you talking about different ownerships of blockchain? So a private blockchain is privately owned by someone?

Joy: Public or private blockchains are not exactly about ownership. A private blockchain for example can be owned by governments just as likely as by private firms. I think it is better to call them “permissioned” or “membership” blockchains, meaning you need permission or membership to get into them, much like you need a valid username and password to enter your email accounts.

Greg: That’s right. Since Bitcoin started on a “permissionless” blockchain, most blockchains are in that category, meaning they are open for any strangers to see all the transactions inside. They are “open to public” but not necessarily owned by public.

Jason: Unlike the public library we visited last weekend that is open to public and is owned by the city government.

Joy: Correct. Speaking of “permissioned” blockchain, I’ve read something from Investopedia that says some banks claim they build blockchain but they’re not, because their blockchain is private or requires permission, which according to the author, has little to do with the innovation behind Bitcoin.

Greg: The voices against private blockchain are louder than that because, like Greenspan puts it: “immutability has become a quasi-religious doctrine – a core belief that must not be shaken or questioned.” Imagine the response when someone’s religious belief was challenged.  

Lily: Interesting. I did not see immutability as a religious doctrine for blockchain but did take it for granted. So what does Greenspan say about blockchain immutability?

Greg: He challenges the common wisdom and calls the blockchain immutability a “myth.”

Joy: Is he trying to use a flashy title to make news?

Greg: I can’t read what’s on his mind, but he does make several convincing points. First and foremost, he answers the fundamental question by critics of private blockchain: What is the point of developing a blockchain if its contents can be changed or edited? Would anyone guess what his answer is?

Joy: I don’t know what he would say but I would argue that we humans want different things. Sometimes information security or immutability is the top priority, for that blockchain immutability serves us the best; but other times controllability is the king, meaning we want to keep the capability to change things as we see fit. At the end of day, no matter how powerful our computers are, we still want control them, not they control us.

Kimberly: I agree. For financial transactions it makes perfect sense to keep all the records straight and not to be modified or edited once they enter a blockchain. We also don’t want our passports, our driver’s licenses or our tax returns to be changed, especially not by anyone else.

Emily: I see what you mean. But mom is right, some records or transactions we do want to make changes from time to time to fix human errors, frauds. The law changes, too, which means legal contracts sometimes need to be updated.

Joy: That’s right, even smart contracts may need updates.

Lily: I think part of the problem is that blockchain was made popular by Bitcoin. Some people only see the Bitcoin side of the blockchain story. I don’t know if this is a good analogy but to me blockchain is like the gunpowder: We can use it to make fireworks for the Fourth of July, but the same gunpowder can be used to make weapons. A kid only knows the former, but a terrorist is only interested in the latter.

Emily: So to ask why anybody wants an “editable blockchain” is like a kid asking why anybody wants to use gunpowder for anything other than fireworks.

Lily: Something like that. But dad, you haven’t told us what the answer from Greenspan is.

Greg: Well, his answer is long and although I like the points he makes, he does sidetrack himself a bit and spends much time telling us why no immutability is perfect even with “permissionless” blockchain. His point is well taken there because it is true immutability depends on the tradeoff between what we want and what resource we have. So immutability is a relative thing, not an absolute one.

Lily: So he did not tell us why an “editable blockchain” is needed.

Greg: Not really. Your mom actually does a better job in answering that “why” question. There is also this webpage by Accenture called “Editing the Uneditable: Blockchain Needs to Adapt to an Imperfect World,” which essentially says the same thing as your mom did. Let me see if I can find the page.

Kimberly: The title seems to offer a clue to the answer: We need editable blockchain because the world is not perfect and static.

Greg: Yeah. I’ve found the page and here it says: “In most instances, immutability is an obvious benefit. But it’s also increasingly apparent that instances will arise where absolute immutability is a hurdle standing in the way of blockchain’s adoption.” Then it goes on to list areas where editability or mutability is good and needed, like in data storage, illegal actions, operational errors, permanent mischief and regulatory concerns.

Kimberly: I can understand why relative immutability is good and necessary, but I have a more basic question: Relative or absolute, how does blockchain ensure immutability?

Emily: I want to ask that question, too. How about you, Lily?

Lily: Same here.

Greg: I think this is a good place to stop for today. Why don’t we all do some homework on that and come back tomorrow to share our findings?

Everyone agrees and the talk comes to an end.