
Chia CAT upgrade fiasco part 2 – Was I wrong?

Now that Chia Network has released the technical write-up about their “CAT 2 Upgrade” process, both detailing the specifics of the security problem that affected CAT1 and highlighting the two previous audits they had undergone, we can see what I got right and what I got wrong in my, admittedly hot-headed, original opinion on the process they took.

First, I made a suggestion on how I would have resolved the issue. That suggestion was based on the guess that the exploit was around the offer files interacting with the CATs because that seemed the most likely. It was also incorrect. The real flaw was a counterfeiting bug in the CAT1 code itself which allowed someone with a single mojo of a CAT to create an infinite supply of it, regardless of the genesis rules of the token. This is much, much worse than I had considered. But because the flaw is about counterfeiting there was no way for Chia to begin their process of closing offers before the cutoff block as I had recommended. So what they did, in order, was this:

  • Identify issue
  • Provide fix for issue in secret (CAT2)
  • Provide similar fix for NFT1 in public (luckily no one noticed)
  • Prepare tooling to counterfeit CATs, acquire bits of every CAT they wanted to forge
  • Prepare the public exchanges and ecosystem tooling for the change
  • Announce CAT1 cutoff block with 24 hours notice
  • After cutoff block, use tooling to begin forging CATs and completing offers with those forged coins, while returning XCH to original holders.
  • Release Chia Blockchain 1.5.0 with CAT2 support and no CAT1 support
  • Finish closing offers for CATs they were able to acquire

This naturally created a window between the cutoff block and the offers getting force closed where anyone with a CAT (USDS say) after the cutoff could find an offer, regardless of how poorly priced, and safely “spend” their CAT1 USDS at any rate knowing they would simply get sent the USDS CAT2 based on their cutoff block balance. Because people had open offers for higher than the price (I think they are called buy-limit orders?) unless they were on the ball with the latest news they were at risk.

There are reports of people who were exploited this way. I have no idea if any of them are true, possibly not. And based on the nature of the exploit I do not think it was possible to have solved this problem for people without a fork to the blockchain itself invalidating CAT1 spends entirely. So what would I have done differently? I probably would not have used the exploit to forge tokens on my blockchain, regardless of the potential benefit. I probably would not have accepted offers with forged coins, regardless of where the XCH ended up. I would have released the NFT1 changes and the CAT2 changes simultaneously, since it appears they were related. And I definitely wouldn’t have written a blog post claiming that my unpermissioned actions were somehow “white hat”. I don’t believe in heavy-handed, paternalistic actions done for people “for their best interest” because I don’t like to decide what someone else’s best interests are. But I also haven’t found myself in the position Chia Network Inc did with this issue, so I am willing to concede I might have also been convinced this was the best move for the corporation. Just because it’s “grey hat” ethical security doesn’t mean it was the wrong move, I just don’t like the top down way it was decided and implemented.

definition of white hat hacking always requires owner consent (explicit permission)

But the real suggestion I had, and have always had for Chia Network, is even more true now than when I wrote the original piece. They have claimed in their posts and online that their code was fully audited before they pushed it into production and that this was caught in a secondary audit as part of their continuous security practice. Based on the audits they published in their blog post that statement is disingenuous at best or an outright lie at worst.

Both audits were conducted in the early stages of 2021, prior to transactions even going live on the Chia blockchain. The first one, conducted by NCC Group’s Crypto Services division, looked specifically at the consensus system and blockchain itself. Nothing in this audit was related to the CAT1 implementation whatsoever. The second audit, conducted by Least Authority, was finalized in April 2021 and looked at the then-current implementation of Chia’s Coloured Coins. Coloured Coins were the predecessor to CATs and this audit is at least somewhat relevant. But, again, it was finalized 7 months prior to the release of the CAT1 standard, well before that standard was complete and before significant architectural changes were made. Also, it made a number of recommendations that would have helped reduce the likelihood of this kind of attack, as well as one that would have helped mitigate it.

Let’s spend some time on the Least Authority Coloured Coins audit and see what we can learn from that. The focus of this audit was specifically to ensure the non-forgeability of the Coloured Coins implementation. They found some fairly serious flaws that were unresolved at the end of the audit, not with the implementation of the CC standard (which never made it to production anyway), but with Chia Network’s development practices in general. They found that Chia was not writing proper unit tests (Suggestion 1) or property tests for edge case inputs (Suggestion 2) and they were relying on integration tests instead. This is, from my understanding, a common but flawed approach to developing code and I hope that they have begun making that change as the audit suggests they might.

The audit also recommends that they simplify functions to avoid unintended consequences (Suggestion 5). This also seems like a relevant suggestion that Chia Network did not fully take to heart. I think I might have found the commit to the Coloured Coin implementation that introduced the complex hash generation for identifying CATs, but I could be wrong. If I am not, though, that change was both complex and took place in October 2021 – well after the audit was done and it was not re-audited prior to going into production just a month later. Either way this commit is a very big change that took place immediately before rollout.

And this is my main issue here. Unless there is another audit conducted between when the CAT standard was finalized and November 2021 when it went live then they did indeed release an unaudited token standard into production and told people it was secure. This is my main point throughout as to how this was absolutely an avoidable problem and that all it took was time and patience to catch these flaws before they become critical. An infinite inflation bug on a fixed limit token standard is a very big deal. And based on the fix, if there were 100s of millions of dollars of Stably USDS out in offers instead of a few thousand, their fix would have been totally unworkable and MANY people would have been exploited after the cutoff block. This only worked because of how unused Chia is in absolute terms. There is some truth to the argument it’s good they fixed the problem now before it caused a catastrophe, but they only fixed this one specific issue. They have not proposed any fixes to the process that led to this issue in the first place, which is more “move fast and break things” than “bank-level financial services development”.

This is not a problem unique to Chia Network in Silicon Valley, but based on their target markets it has the potential to bite them harder than most. The only reason this issue wasn’t exploited in the wild before Chia fixed it is because nobody really cares about the Chia blockchain right now. There isn’t an army of security researchers poring over every commit looking for insecure hash generation. But had they “made it” in 2022 or gotten very popular between November 2021 and June 2022 there is a good chance this issue may have destroyed confidence in the system. That’s why banks don’t use agile development for core protocols, and instead use a waterfall methodology that requires significant audits, testing and review prior to deployment.

I know that Chia is a web-style startup, and uses best practices generally set by FAANG or MANGA or whatever, but those companies are producing consumer-facing web infrastructure. Chia is producing software it expects governments and multinational NGOs to use, not Aunt Pattie to post recipes on or for Chad and Cathy to put on background noise while they “chill”. This kind of software requires a wildly different development philosophy and doesn’t allow for “release and catch” bug detection styles. Hell, the FIPS 140 process for certifying software for use on US/Canadian government systems requires code to be frozen for up to a year for review prior to certification, more if they have issues that need to be fixed. This is why Azure US Government regions are so far behind the general tenants, because they require extensive audit and review of every commit prior to deployment.

I have been harping on Chia about this stuff since the very beginning. Test more. Audit more. Make simpler software. Get your SOC2 and develop a secure organization (Suggestion 6 in the Least Authority audit). These are all suggestions made by their independent auditors as well. They are not “nice to haves” for an organization looking to do business at the government level. Chia Network MUST get into the habit of scheduling audits on complete or nearly complete code prior to releasing new features. This is at odds with what the community wants, and is a prime example of where the requirements for a successful cryptocurrency and the requirements for a successful international banking protocol conflict.

I have not yet watched the AMA from Friday prior to writing this article. I am hopeful they address some of these points there. But I was not wrong in my derision. They cannot release standards and core parts of their software stack without audit and rigorous testing. As many people have said, it is impossible to prevent all bugs and no matter how much effort is spent they will never prevent every bug. But they absolutely need to try, at least. I stand by calling this a stupid, avoidable mistake, because it’s clear they had an audit done of their implementation, then completely changed their implementation and released it without performing another audit. If this is all a joke, or a lark then fine, that’s enough. But if this is going to be the backbone of international markets then they need to create a real secure code pipeline where independent review of every change happens prior to their partners building on it in production.

WTF just happened?? CAT1 to CAT2 “upgrade”

Jesus Christ, Chia Network. Jesus Christ. This is a bad one. Chia Network has, in a very rapid turn of events, eliminated an entire asset class from their blockchain (CAT1) and replaced it with an entirely new asset class (CAT2), removed the original from the client and caused a ton of chaos with a short notice change to their Chia Asset Token standard. All from an extremely centralized position. Projects had about 24 hours on a Monday morning to reissue all their tokens or they would be useless.

But if that’s all it was, then cool. But the real problem here is a development attitude that prioritizes cool features and rapid deployment over actually testing to make sure stuff works properly. The issue at play here is that offer files between a CAT1 token and XCH were exploitable. And have been the whole time. Chia Network even decided to use this exploit in order to close offers and return transactions to people causing everyone with an open offer a tax nightmare. As well, because they didn’t do so instantly but set a “final block” for everyone, some offers were just plain accepted for ridiculous prices to get XCH out of people not paying attention, knowing that overspending the USDS after the cutoff block would be inconsequential.

reddit user claims loss of 2xch for worthless usds because of CAT1 bug

Because of the way they did this, they guaranteed that people could be robbed because of it. Guaranteed it. They also guaranteed that any projects using CAT1s would be scrambling to change over their infrastructure and update code and that projects like Space Marmots in the process of using offer files to accept SM1 tokens now have to do a complete audit and will likely face user complaints about missing tokens. There is no possible way this is acceptable under Stably’s terms of service, and I don’t see how they aren’t going to suffer either a loss of confidence here or an actual loss of funds. If I have USDS in CAT1 form that I got after the cutoff block what legal recourse does Stably have to refuse me my return? I think the user above should take his 100 USDS in CAT1 and make Stably exchange it, then let them sue Chia Network for the difference. Regardless if his claims are true or not.

I don’t know what clogged brain came up with the idea of giving people 24 hours notice on this, just enough time for malicious actors to create a plan of action but not enough time for anybody else to come up with a way to handle this exchange properly. There are, of course, idiots online who are defending Chia Network and this clusterfuck of a decision saying that “wow doing all this in 24 hours is amazing, what an amazing company”. No. Stop. This was a stupid decision made to fix a stupid mistake caused by stupidly not going through the rigorous testing process that financial exchange protocols should go through. Over and over and over again I have railed at this company for not following financial industry best practices when developing and releasing software. Did they get an audit? Yeah. After they had rolled the software into production and real businesses were using it for real work.

And to use the exploit they discovered against their own users? Wow. I understand the technical reasoning behind it, closing out open offers before they can be used against people in the way described above. But it’s a bad look. And they didn’t do that!!! They started after the cutoff block passed and took their sweet time on it. There was a window of opportunity there that malicious actors could exploit open offers of XCH for CATs. Unless there were only a few open offers total and they could do them all in one block then there was no possibility of doing it all with no exploitable window. The right way to do this, if you were going to force it down on everyone, would be to do it all as a “surprise, motherfuckers!” moment and cut off offers, freeze the chain and use the exploit to close every open offer in the system all at once. And announce it at the same time. The way they “planned” this the exploit didn’t even need to leak for people to use the chaos in order to steal from others.

Furthermore, they also lifted the thin veil of decentralization away from their company and network. This may be the most long term harmful result of this decision. First the decision to release a brand new financial exchange protocol into production pre-audit was made top down from Chia Network. (Edit: it was audited, just not enough apparently) Then the decision to just flip the table and break everything was also made top down by Chia Network. Nobody has a choice, there is no option. There is only “do what we say because we said it” both times. Nobody but Chia Network has any visibility or insight into the blockchain. Despite being open source and freely licensed it might as well be a Microsoft project for all the say the community has in the direction of the project. They parcel out some crumbs here or there, but at the end of the day Chia Network Inc is a private company and chia-blockchain is a software package designed explicitly to meet the goals and needs of that private company, and nobody else. This must change.

My instinct on how to start fixing that is that the Chia Blockchain needs a CAB (Change Advisory Board) to review all major updates to the chain absent the business needs of Chia Network. It is obvious in hindsight that the decision to launch offer files and CATs was made too soon in order to hit release windows rather than properly based on best practice Release Management for such critical software. A CAB filled up with people both internal to Chia Network and external would have a more diverse set of incentives and would not be so quick to approve changes without proper audits complete. Chia Network would be required to defend their procedures and those defenses would be recorded for post-mortem review. In theory there would be someone like me on that board whose first instinct for every release is “No. Why do you think this is a good idea, and do you think you have done your due diligence on it yet?”. That would definitely slow down development but at this point it’s clear that would be beneficial to everyone, including Chia Network.

If Chia Network really does want to set itself apart from Ethereum as a decentralized smart platform, they need to start soon. We have an XCH Foundation (although completely dissimilar to the Ethereum Foundation) and I think it is perfectly reasonable to ask that Chia Network strongly consider bringing in them or an outside board of stakeholders to tell them “No” when they need to be told no without a paycheck hanging over their heads. It’s hard to tell your boss he’s making a mistake, even after the fact during a review. I strongly recommend that Chia Network approach the people at XCH Foundation, or someone else who isn’t directly associated with Chia Network, to assist with making these decisions. Or create an adversarial change management system internal to the company like other enterprises servicing the financial services sector do it, but that option is much more expensive.

Now, I don’t know what kind of liability Chia Network has created for themselves by bragging about how secure offer files are and how secure Chialisp is and advertising themselves on that fact. But the next time they market something as “secure” they should make goddamn sure it is first.

Oh yeah, go download Chia Blockchain 1.5.0 I guess.

The era of the Chia NFT is upon us

Now that the NFT1 standard has been out in the wild for a few days, and the creators in the Chia NFT space have had some time to start working with it, the NFTs we have been waiting for are starting to pop out of the blockchain like a marmot infestation.

Chia’s Chia Friends launch, where 10 000 unique NFT profile pictures were given away to users who submitted their xch address and weren’t me, has created quite the flurry of activity with a pretty healthy market on the NFT exchanges. This is fantastic news since 3% of all sales on the secondary market are going directly to the Marmot Recovery Foundation.

But even more importantly (to me) Space Marmots have officially launched. We had a couple of minor issues in the metadata with the first few we issued but those have been resolved and Space Marmot NFTs are currently on their way out to the first SM1 exchange submitters.

These are very interesting times for Chia Fans. One of the resources that has been missing from the community, and not discussed in the days leading up to the standards release, is a trader’s handbook of sorts. Something to know if you are buying a garbage common or a diamond in the rough. And not surprisingly Jon from Chialinks.com has stepped up to the plate with his list of Chia Friends rarity items. We have asked him to do the same for Space Marmots. This is very nice of him, but it is not sustainable for all the different collections that will be coming out so I am OK with paying for this service and I think he should set a price and let the different NFT collections pay him for his work.

SpaceScan and MintGarden, as well as Dexie.Space, have proven to be invaluable resources to the community, while SkyNFT has had a bit of a rockier start. One of the biggest problems that has come up so far has been counterfeit Chia Friends. Chia Network Inc has published their Decentralized IDentifier to DNS at did.chia.net TXT and to Twitter (it is did:chia:19qf3g9876t0rkq7tfdkc28cxfy424yzanea29rkzylq89kped9hq3q7wd2) and you should make sure that any Chia Friend you buy matches that identifier. The Marmotverse has followed suit at did.marmotverse.io (and it is did:chia:1ca295es63m6pt4k5rj8cr9fzfvf8qdu9032h907azj2mt60wjh3s4322m5). I strongly suggest that all Chia NFT projects follow suit. The various sites are already adopting this model as an automatic verification and it is a great idea. I am told it was Roybot’s idea, and it is truly inspired. Well done sir.

No matter what your personal feelings about NFTs are it is hard to deny the effect the NFT1 and Chia Friends release has had on the Chia ecosystem. It seems like a replay of the CAT Cambrian Explosion from half a year ago, which had a great impact on Chia and everyone in it. We are hoping the full launch of the Marmotverse has a similar effect 🙂

Chia Blockchain 1.4.0 released – NFTs and DIDs oh my

Chia Network has released the next major milestone in their software evolution – version 1.4.0. This one is particularly special as it brings the long awaited DID and NFT standards to the Chia Blockchain. As always, you can download the latest version here and check out the release notes here.

Because of my association and membership in the Space Marmots project this is a particularly important release for me due to the NFT standard release earlier today. So because of that the team here is hard at work putting the final details on the Marmot Minting process and will be sharing more information, lots more information, in the days to come.

In the meantime, here are the highlights and new additions from today’s release:

A ton of things have been changed and updated as well, an actual ton. It is worth checking out, as some of these changes might be significant depending on how you use the software.

  • New coin selection algorithm based on bitcoin knapsack. Previously chia selected the largest coin
  • Updated chiapos to 1.0.10
  • Updated chiavdf to 1.0.6
  • Updated blspy to 1.0.13
  • Updated setproctitle to 1.2.3
  • Updated PyYAML to 6.0
  • Updated pyinstaller to 5.0
  • Bump clvm_tools_rs version to 0.1.9 for clvm stepper and add a test
  • Modest speedup of syncing by batching coin lookups
  • Cmds: Use the new plot_count of get_pool_state in plotnft show
  • Set mempool size back to the original size at launch
  • Plotting|tests|setup: Improve PlotManager cache
  • Wallet: Drop unused WalletStateManager.get_derivation_index
  • Harvester: Tweak get_plots RPC
  • Remove explicit multidict version from setup.py
  • Simplify install.sh ubuntu version tracking
  • Optimize BLS verification when public key is repeated
  • Use Install.ps1 in build_windows.ps1
  • Updated warning about CHIA_ROOT being set when running init
  • Cmds: Adjust stop daemon output
  • Remove unused functions on MerkleSet
  • Optimize hash_coin_list()
  • Update CONTRIBUTING.md
  • Remove outdated 3.8 upgrade comment
  • Hint refactor
  • Replace MerkleSet with the rust implementation
  • Simplify SizedBytes and StructStream
  • Allow services to set a non-default max request body size limit
  • Reduce the redundant computations of coin_ids in block_body_validation
  • Uses the new from_bytes_unchecked method in blspy, to improve perfo…
  • Remove the cache from CoinStore
  • Keep daemon websocket alive during keyring unlock
  • Support searching derived addresses on testnet.
  • Optimize code to not perform useless subgroup checks
  • Restore missing hints being stored as None (instead of 0-length bytes)
  • Coin simplification
  • Harvester: Use a set instead of a list to speed up availability checks
  • Improved performance of debug log output

The top item on that list will actually be great for people that move their XCH around a lot and have a lot of big coins that they don’t want locked up by offers or long transactions.

All in all this is a huge release, and I urge everyone to update as quickly as possible. Remember, the first Chia Soft Fork is almost upon us and you will want an up to date version for when that comes.

Chia launches their NFT standard for non fungible tokens – NFT1

Chia Network Inc has announced via tweet and press release their Non Fungible Token (NFT) standard called, creatively, NFT1. This is the standard outlined in CHIP-0005 as discussed here and we are going to talk about the standard a little bit today. As this directly impacts me as part of the Space Marmots project, I am disclosing that too.

First off, this may sound biased, but Chia’s NFT1 standard is significantly better when compared to the Ethereum ERC-721 standard underpinning much of the NFT ecosystem. As a quick primer the way ERC-721 works is that you publish a smart contract controlling your NFT mint to the solidity-based blockchain of your choice and then you send transactions to that contract to mint the NFT tokens that represent the assets being tokenized. There are some upsides and downsides to this approach. First off, the contracts themselves require a large upfront transaction to put on the blockchain. Especially on Ethereum Mainnet, big transactions ain’t cheap. Secondly, all the NFTs are inherently tied to that contract itself as an originator. It does, however, make it easy to find assets for a specific NFT collection, as you can head to Etherscan and put in the contract address then run the function in the NFT contract to find the asset URL.

The way the NFT1 standard works is wildly different. Because of the coin model used by the Chia Blockchain instead of the Ethereum account model, every NFT is a smart coin with its own rules. The minters of the NFT, like the Marmotverse, can set the rules of the coin with Chialisp and set the asset URLs and hashes to be stored on chain and then voila, it’s an independent NFT. A collection will be linked to those NFTs through metadata and will be discoverable a few different ways. Another big component that needs to be discussed here is DIDs, which are another CHIP (CHIP-0004) and this will be how a lot of collections will work.

It is possible to mint an NFT on Chia to either a DID or a non DID wallet. There is a greater cost, but greater flexibility in ownership to minting to a DID. I personally would recommend using DIDs for all minting, and each Marmotverse collection will use a unique DID as a starting point. It is really worth reading up on their documentation about the standard to get a good sense of how it works specifically, but the gist is that each NFT is a coin and the references for royalties or ownership can be a DID or an xch address.

The contents of the NFT look like this, and it’s something you should really familiarize yourself with if you plan on using Chia NFTs.

NFT identifier:            nft1euzj4fuh2h46nd5dpm6vh2cmqkvnh2zwwpzd9l0awx496zrhe0psfmklxm
Launcher coin ID:          cf052aa79755eba9b68d0ef4cbab1b05993ba84e7044d2fdfd71aa5d0877cbc3
Launcher puzhash:          eff07522495060c066f66f32acc2a77e3a3e737aca8baea4d1a64ea4cdc13da9
Current NFT coin ID:       5cdfe3eb4429ad5cb12ab549b6d2f0f7d919fa9f4389d187ad7414f747a86bd4
On-chain data/info:        ((117 "https://images.pexels.com/photos/11053072/pexels-photo-11053072.jpeg") (104 . 0x14836b86a48e1b2b5e857213af97534704475b4c155d34b2cb83ed4b7cba2bb0) (28021 "https://metadata_example.com") (27765 "https://license_example.com") (29550 . 42) (29556 . 1337) (28008 . 0x868463c2ae6f8a9585156c9ad9f4b9b01eeacc56fec82aa629c97135ff21823e) (27752 . 0x358d4eb4aedefbec22824036299eff24216d213a95c8f986f862f0a89a250a82))
Owner DID:                 did:chia:13p5fdxgm8e2pngdwp8m088t0etp7rgzx9ye2ju8v5ackcyg7t9nqx2um83
Royalty percentage:        300
Royalty puzhash:           827d2f77303929db5f3c26fd21b65901a342e36b9d912ac4440d6185f80d17a8
NFT content hash:          14836b86a48e1b2b5e857213af97534704475b4c155d34b2cb83ed4b7cba2bb0
Metadata hash:             868463c2ae6f8a9585156c9ad9f4b9b01eeacc56fec82aa629c97135ff21823e
License hash:              358d4eb4aedefbec22824036299eff24216d213a95c8f986f862f0a89a250a82
NFT series total:          1337
Current NFT number in the series: 42
Metadata updater puzhash:  fe8a4b4e27a2e29a4d3fc7ce9d527adbcaccbab6ada3903ccf3ba9a769d2d78b
NFT minting block height:  1145481
Inner puzzle supports DID: True
NFT is pending for a transaction: False

URIs:
   https://images.pexels.com/photos/11053072/pexels-photo-11053072.jpeg

Metadata URIs:
   https://metadata_example.com

License URIs:
   https://license_example.com
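
The check that the hashes in this listing make possible, as an added example (not code from this post or from Chia Network): it parses the "On-chain data/info" line, decodes each integer key into its ASCII field name (117 is u, 28021 is mu), and tests whether the bytes served at each URI hash to the value stored on chain. It assumes the stored hashes are SHA-256 of the file bytes; the fetcher is passed in so the code runs offline, and the image bytes and mirror URL in demo() are constructed.

```python
import hashlib
import hmac
import re

# "On-chain data/info" value copied from the wallet listing above.
ONCHAIN = (
    '((117 "https://images.pexels.com/photos/11053072/pexels-photo-11053072.jpeg") '
    '(104 . 0x14836b86a48e1b2b5e857213af97534704475b4c155d34b2cb83ed4b7cba2bb0) '
    '(28021 "https://metadata_example.com") (27765 "https://license_example.com") '
    '(29550 . 42) (29556 . 1337) '
    '(28008 . 0x868463c2ae6f8a9585156c9ad9f4b9b01eeacc56fec82aa629c97135ff21823e) '
    '(27752 . 0x358d4eb4aedefbec22824036299eff24216d213a95c8f986f862f0a89a250a82))'
)

# One entry is either (key . atom) or (key "uri" "uri" ...).
ENTRY = re.compile(r'\((\d+)\s+(?:\.\s+(0x[0-9a-fA-F]+|\d+)|((?:"[^"]*"\s*)+))\)')

# URI-list key -> key holding the hash of the bytes those URIs must serve.
HASH_KEY = {"u": "h", "mu": "mh", "lu": "lh"}


def key_name(n):
    """Turn an integer key into its ASCII spelling, e.g. 28021 -> 'mu'."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return raw.decode("ascii", "replace")


def parse_onchain(text):
    """Return {field name: list of URIs | 32-byte hash | int}."""
    fields = {}
    for m in ENTRY.finditer(text):
        name = key_name(int(m.group(1)))
        atom, uris = m.group(2), m.group(3)
        if uris is not None:
            fields[name] = re.findall(r'"([^"]*)"', uris)
        elif atom.startswith("0x"):
            fields[name] = bytes.fromhex(atom[2:])
        else:
            fields[name] = int(atom)
    return fields


def matches(fields, kind, payload):
    """True only if payload hashes to the on-chain hash for this URI kind."""
    expected = fields.get(HASH_KEY[kind])
    if not isinstance(expected, bytes) or len(expected) != 32:
        return False  # missing or malformed hash: treat as unverified
    return hmac.compare_digest(hashlib.sha256(payload).digest(), expected)


def audit(fields, fetch):
    """Check every listed URI; fetch(uri) returns bytes or raises.

    Returns a list of (kind, uri, status) with status in
    'ok', 'MISMATCH', 'unreachable'.
    """
    report = []
    for kind in HASH_KEY:
        uris = fields.get(kind)
        if not isinstance(uris, list):
            continue
        for uri in uris:
            try:
                payload = fetch(uri)
            except Exception:
                report.append((kind, uri, "unreachable"))
                continue
            status = "ok" if matches(fields, kind, payload) else "MISMATCH"
            report.append((kind, uri, status))
    return report


def demo():
    """Offline run with constructed bytes standing in for the real files."""
    fields = parse_onchain(ONCHAIN)
    image = b"constructed image bytes"           # constructed sample
    fields["h"] = hashlib.sha256(image).digest()  # pretend this was minted
    fields["u"].append("https://mirror.example/tampered.jpeg")  # constructed
    served = {fields["u"][0]: image, fields["u"][1]: image + b"!"}
    # The metadata and license URIs are absent from `served`, so they
    # come back as unreachable rather than as verified.
    return audit(fields, served.__getitem__)


if __name__ == "__main__":
    for name, value in parse_onchain(ONCHAIN).items():
        print(name, value.hex() if isinstance(value, bytes) else value)
    for row in demo():
        print(row)
```

A URI that cannot be fetched is reported separately from one that serves different bytes: the first means the NFT currently points at nothing, the second means what is being shown is not what was minted.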

Now to the announcement itself, with the stuff we did not know. Chia will be launching an NFT profile picture project themselves called Chia Friends where you can enter a contest to receive one of 10 000 Profile Picture NFTs for free, and they will be donating 100% of the royalties to the Marmot Recovery Foundation. I am super happy to see Chia Network following the Marmotverse’s lead with the donation to the Marmot Recovery Foundation. I challenge all Chia NFT projects to similarly donate proceeds to a worthy charity. I encourage everyone to sign up for this giveaway at the Chia Friends link above.

NFT sites listed on the Chia Friends website

There are also three galleries launching with NFT support, Dexie.Space, SkyNFT and SpaceScan. Literally none of the NFT galleries we were promised up front, or for most of the last year. Interesting, right?

This is an excellent launch, and I suspect we will be talking about this a lot in the coming days. Stay tuned for more Space Marmots news dropping very shortly.

Let the CHIPs fall where they may

Chia Network has recently updated the Github repository where they store their CHIPs (Chia Improvement Proposals) and added a few critical ones that will help define the state of Chia over the coming year. I am going to go through them one by one to help get myself, and everyone else, up to speed.

CHIP-0001

CHIP-0001 is simply the first CHIP that outlines the actual CHIP process. This is what Chia Network released with the CHIP process and has been discussed before. However, if you want some background on what the CHIPs should be going through in terms of development and review it’s a good place to start.

CHIP-0002

CHIP-0002 is a proposal initially spearheaded by Dimitry of Goby Wallet, and describes a Decentralized Application protocol (dApp API) to allow for more seamless integration between web wallets and the Chia network nodes. The discussion on Github is both excellent, and very technical, but if you are interested in learning more you should visit this commit discussion.

As this is still in active development, there is no documented CHIP as of yet – that is still being worked on. If you want to see what that process looks like, there is a YouTube video of a developer discussion that took place where Dimitry was able to present his proposal and get feedback from it.

I’m not a developer, but my personal thoughts on this are that it could be done with middleware that sits on top of a node rather than direct node changes, however that might not fit the philosophy of decentralization and would leave a requirement for people to run that middleware for reliant web wallets to interact with dApps. I’m going to think on this one, because adding new base protocols and APIs to every node should be considered very carefully and all alternatives considered first.

CHIP-0003

CHIP-0003 is a proposal to add a minimum transaction fee setting, along with a default cost, to the Full Node code and configuration. This has been discussed a lot, by many people since the first dust storms began and has been a hotly debated topic. This CHIP is a concrete solution proposal to that problem, and we’re going to take a moment to discuss the implications.

First, if you are planning on transacting on the Chia blockchain as a consumer or developer you should be very familiar with this. This will affect NFT pooling and farming, as you will need to attach transaction fees to change pools or claim rewards. The fees being proposed are very small (about 10 million mojo for a standard transaction as a default) but forcing any fees at all will be a change that affects all aspects of interacting with the Chia blockchain network. This will also affect developers of all current Chia enabled software products and has the possibility of deprecating wallets or software that isn’t under active development.

There is an alternative proposal that would do all the technical work but leave the default at 0, allowing people to decide if they want to participate in or simply drop dust storm transactions, but I feel that has a bigger chance of causing problems than just updating everything to require transaction fees. One of the new RPC commands proposed by the CHIP is geared towards getting exact required transaction fees based on the cost of the transaction and that should make a lot of the switch seamless to the userbase without having to split the network into “tx fee required” and “no tx fee required” nodes.

This is an interesting one and has a lot of implications for the future of the network. I think I support this change but there are certainly edge cases I am not considering. Please put any concerns you have in the comments here and see if we can spark a discussion, or swing by the Chia Plot discord and give us your thoughts there.

CHIP-0004

Now we are getting into the real meat of the CHIPs meant to expand the utility of the Chia Blockchain. CHIP-0004 details out the Distributed Identifier support that Chia Network will be bringing in shortly. DIDs are a pretty hot topic in the Identity Management world, with more opinions and questions than solutions and answers.

Because Chia Network has committed to following the current W3C draft specification for Distributed Identifiers, the CHIP does not contain all of the information necessary to digest the reasoning behind their decisions; you cannot follow why they are doing things without understanding the complete draft proposal.

This is actually a really big deal for blockchain acceptance in the broader finance world, because the inability to explicitly identify the owner of a wallet is a major hurdle for a lot of traditional transactions. Banks and registered entities cannot support self-custody solutions without running afoul of international anti money-laundering laws, but transactions to a registered DID would satisfy the requirements if implemented properly.

As DIDs get closer to production I will be paying more and more attention to them, because a working public identity system has inherent usefulness beyond what traditional blockchains offer. Also, I am very glad that they have gone with a single file format for the DID metadata standard as there was a big fight at the W3C about this regarding DIDs last year. The other concern was about the environmental impact of tying DIDs to blockchains, but I think Chia covers that concern fairly well.

CHIP-0005

And finally we have CHIP-0005 which details out the NFT1 standard coming to Chia soon. This standard will determine how NFT projects like Space Marmots and Marvelous Marmots operate, as well as the “fine art” NFTs (I argue both Marmot projects qualify) that Chia Network is targeting and use cases we have only rambled about on Twitter Spaces.

This is of prime interest to me, so I am paying very careful attention to developments in this space. The important thing is that all promises that have been made regarding the standard have been kept, including some cool new concepts. For example, there can be multiple royalty addresses with custom percentages. This makes collaborating on NFT projects a lot more enticing as trustless payments can be encoded directly into the royalty field.

They will also support payments and ownership by DID address as well as by XCH address, which will mean that ownership can be moved with the DID itself and won’t be relegated to a single key or account like other NFT standards. And because of the nature of the coin model over the Ethereum account model, NFTs are not just results from a smart contract but are independent coins themselves on the blockchain. This means that interactions with NFTs and NFT marketplaces will carry far fewer risks than we see with Ethereum based blockchains on OpenSea. This is paramount to widespread adoption because right now holding important assets as an NFT there is crazy. Between UTXO and offer files NFT transactions should be much safer and should never require authorizing access to your entire wallet.

Speaking of Offer Files, CHIP-0005 also details out “Offer files 2.0” which will support NFTs and royalty payments, and will really up the security game when transacting NFTs. Really, it’s not even a contest, and if anyone involved in NFTs thinks about it for a second, permissionless transactions and sales are the only way this works without the gatekeeper (OpenSea in this case) eventually accepting liability for stolen assets on their platform. NFT1 and Offer Files 2.0 avoid this fate by allowing a marketplace like MintGarden.io to sidestep the liability problem entirely by never taking control of the assets.

Overall, I think the current CHIP processes are important additions to the Chia Network and I’m really excited to see them being detailed out on GitHub. The discussion process and information management process could do with a lot of work to organize discussions, but it’s a huge step forward over most other projects and shows a level of maturity that speaks to long term success.

Happy Birthday to The Chia Plot

Exactly one year ago I published the very first post on The Chia Plot, called “What is Chia“. This was before I really knew what I was talking about, and in what has become a tradition on this site – let’s tear it to pieces and hurt the feelings of the person who created it. I will include each paragraph as an image inline so you do not have to give the author any clicks, supporting his bad writing.

The piece starts with a fairly poorly written introduction that explains that Chia uses a blockchain, and that it uses Proof of Space and Time instead of Proof of Work. The author fails to link to definitions of either term of art, leaving the reader confused.

The next paragraph attempts to define Proof of Space and Time. The author fails to even mention timelords, or transaction fees, or multiple blocks or how the block rewards are defined over time, merely mentioning that the emission is 2 XCH per block. This means that the explanation is barely accurate today and will fail to be accurate at all in a few years.

The next section talks about the benefit of PoST over PoW, and establishes the contest point about purely energy usage, but then talks about how it isn’t that simple. The problem is that Chia, or PoST, is clearly less energy intensive per unit of security than PoW from either ASICs on Bitcoin or GPUs on Ethereum. While the question of waste becomes more complicated for each method, and the author continues on along that path, the question of energy usage is easily measured and PoST clearly wins there despite the author’s attempts to be contrary.

The question of waste is a complex one, and while Chia does trap usable storage and create some waste that way the company itself has been making great strides in creating a sustainable secondary hard drive market with the Circular Drive Initiative. It is clear that the author here was making a common, simplistic argument and not even comparing the absolute monolithic waste that is Bitcoin ASIC development.

After a mostly negative article, thin on explanations about what Chia even is, the author then makes vague commentary about the possible future, or possible issues, without delving into any of them with any depth. This is merely a conclusion stapled to the article without tying back to the points made.

All in all, for a novice attempt at an explanation of Chia by an ignorant author I’ve heard worse. There was nothing explicitly wrong, just a lot of missing information and highly simplistic hot takes on waste. It is amazing anyone reads his work.

The Great Crypto Crash – or this one at least

Wow. It’s been hard to hold crypto the last little while. I haven’t been paying much attention recently due to family issues but I can say that every time I do take a look it hurts my heart a little. We dipped below $40 XCH today, not for the first time this week, and there is still more blood to bleed.

price of xch is crashing with the crypto markets

So what is going on? There are a few things at play here. First, the overall economy is drying up. Federal banks are raising interest rates around the world and have slowed the flood of free money flowing into the economy. The stock market is also falling, so it’s not like you can hedge your crypto bets there or vice versa. But crypto is taking the biggest beating of them all right now.

One of the reasons for this is the amount of artificial leverage in the crypto market. We have seen some of the effects of that already, with Terra and their Luna blockchain and UST “stablecoin” basically evaporating overnight. This wasn’t a zero sum game where that money went somewhere, it was a bubble collapse and that money never existed at all.

Now UST was what is known as an “algorithmic stablecoin” which means that they use smart contracts to hold X amount of crypto in reserve to back their UST token. The problem here is obvious, right? When the entire crypto market falls the backing disappears, and as people start trying to sell UST for the highest price they can get while trying to exit, the entire thing collapses. Which is exactly what happened. And will happen with all algorithmic stablecoins eventually, either deliberately via an attack or by accident due to a market crash.

tether peg slips as crypto market crashes

Even Tether, which is ostensibly an asset-backed stablecoin, suffered a fairly significant dip in value over the last week as things were crashing. As that token is actively managed by the Tether corporation they were able to adjust supply to keep their price relatively stable but it’s still an ugly situation. And it really shows how they are obviously backing Tether with at least some crypto, not all unrelated assets like it should be.

tether market cap reduced as crypto market crashes

These stablecoins are acting as a fractional reserve for crypto, accelerating the velocity of money that moves around and ensuring there is liquidity available even for trades that would ostensibly have none. They have inflated the bubble over the last few years that we are finally seeing start to pop. There is certainly some value in the idea of a dollar-denominated token to do trades with, but it should be representative of the wider economy not a math trick that only works under certain conditions.

I still have hope that Chia Network will deliver on their promises and XCH will have significant value compared to the wider crypto market. I still think that Proof of Space and Time is a balanced tradeoff between resource waste and security, especially when compared to Proof of Stake. The technology they are developing really still feels like another full iteration of cryptocurrency. There is no doubt in my mind that the energy arms race of Proof of Work has a very limited shelf life on the global stage, and a secure replacement is a necessity.

But at this point in the cycle I would not recommend to anybody that they invest money in crypto. It will likely be some time before we see prices start to rebound, and between now and then a lot of coins will wither and die. Let’s hope Chia isn’t one of them.

Chia Network details plans for Non Fungible Tokens (NFT)

In a blog post released this evening, Chia Network has detailed out their plans for the NFT standard they will be releasing this year. This is of special interest to me and the Marmotverse team, so I paid very close attention.

The most immediate piece of news is the phased approach. Chia will be releasing the NFT standard in two phases, the first will be NFT0 which will reside on testnet and serve to test various parts of the smart contract and solicit community feedback on desired functionality. This will be similar to Ethereum’s ERC-721 that serves as the basis of the current NFT craze. Phase two, or NFT1, will be the culmination of those efforts plus community feedback to deliver the next generation NFT standard that we have been promised.

Chia is also claiming that they will be approaching the fine art world as the main vertical for their strategy. I am not sure this will work, but I haven’t been in any of those conversations so who knows. I do know it has been tried before, to varying levels of success so I hope we see a fresh approach and some consistent results.

NFT0 is launching today, and there is documentation on how to get that working. I can assure you the Marmotverse team will be taking a careful look at this and running another full round of testing with our on-chain NFTs.

I think this is a really good first start for Chia NFTs. I do wish they were moving faster with them, of course, but more important than that is a working product that doesn’t need revision. As both an owner of many NFT exchange tokens, and as a project member for the premier Chia NFT project my interests are very aligned with getting things right the first time.

Chia Blockchain 1.3.5 released – Python 3.10 support included

Chia Network has just announced the release of Chia Blockchain 1.3.5, supporting the latest Ubuntu 22.04 LTS release. While I was away I saw that there was some chatter around it not working on the latest version of Ubuntu. Normally I would use this as an excuse to take a swipe at using Python instead of a fully compiled language, but I’m in therapy now and trying to be a better person so we’ll just say that it might be a lesson learned in prioritizing platform updates for their runtime environment.

Other than the move to Python 3.10 the other improvements seemed largely aimed at improving efficiency and performance of harvesters, especially in large farms. I don’t have a large farm but was aware of some of the config changes required to not have regular performance problems and it seems like this update might fix a number of those. Kudos to the Chia team!

As always, check out the release notes here and make sure to update as soon as you get a chance.

Added

  • Added Support for Python 3.10
  • Performance improvements in harvesters during plot refresh. Large farmers likely no longer need to specify a very high plot refresh interval in config.yaml
  • Added CLI only .rpm and .deb packages to official release channels
  • Fixed an issue where some coins would be missing after a full sync
  • Enabled paginated plot loading and improved plot state reporting

There is also still an issue with harvesters reconnecting which they say they will fix shortly, so expect a 1.3.6 in the not too distant future.