To investors, There was a fairly interesting series of events yesterday that went largely unnoticed by people who aren’t deep in the weeds of the bitcoin and crypto industry. A research partner at Paradigm, Sam Sun (known as Samczsun), discovered a potentially critical security flaw in the code of SushiSwap's MISO platform. The details of this white hat rescue are fairly technical in nature, so I won’t bore this audience with the exact details. You can read more about the sequence of events by reading Samczsun’s write up. The key takeaway is that over $300 million worth of ETH was exposed to a potential exploit and could have been stolen. After reading through the various analysis of the situation, I had two main takeaways. First, Samczsun wrote an opening paragraph to his analysis that I thought highlighted a great point:
This idea of safe components do not equal a safe system is really good. You can apply it to many aspects of life, but software code may be one of the most complex applications of this rule. As we know, the more complex a system, the higher the likelihood that vulnerabilities will exist. Complexity is a weird topic. To the uneducated, complexity appears to be a signal of sophistication and intelligence. But as the experienced know, complexity is actually the exact opposite of sophistication in most cases. The famous line from Blaise Pascal applies here — “I would have written a shorter letter, but I did not have the time.” The same thing goes with software code to a degree. The more time someone has, the cleaner and more efficient it can become. This brings me to my second takeaway. So much of the progress that is being made across the industry is being done at an incredible speed. Rightfully so, most developers are focused on innovation and experimentation. They are seeking new and profound ways to apply the various technologies that have become available over the last 10 years or so. The downside to this approach is that speed is historically a direct trade-off with security and resilience. The faster that developers innovate, the higher the likelihood that vulnerabilities will be introduced into software. Sometimes that trade-off is acceptable. Other times it is not. Knowing the difference is important. One framework to apply to this analysis would be a spectrum of innovation speed to security. Let’s start with bitcoin as an example of the extreme pursuit of security. The bitcoin core developers have an arduous, methodical, and intentional development process. There is over $800 billion of economic value that is at stake. If we have to go slower from an innovation standpoint, it is worth the continued achievement of the ultimate security. You can see the end result of this approach in everything from the decentralization of miners and nodes to the software review process. Resilience and security over everything. The other end of the extreme is a pursuit of innovation and speed over everything. There are various altcoins and protocols that are attempting to invent new technologies or applications. They can’t win on a first mover advantage and they can’t win on the most secure or decentralized, so they choose to pursue a strategy of innovation. It is a rational strategy. These projects don’t have a lot of economic value at risk, which means the cost of making a mistake is minuscule compared to bitcoin. These are the ultimate extremes in the industry. Do you value security and resilience as the most important aspects of a protocol or do you value speed and innovation? The interesting answer to that question is that each path is valuable for a different kind of desired end result. If you are building something that requires decentralization (like a transparent, programmatic monetary policy for a digital currency that has aspirations to become the global store of value) than security is the single most important thing. If you are building something that requires speed of innovation, like an application built on top of a smart contract platform, than you aren’t as worried about security and resilience in the early days. Remember, we are still so early in all of this. The industry is only 12 years old and majority of companies or projects have only been around for 3-4 years. That is nothing in terms of lifetime in the technology sector. There will be immense mistakes made, similar to what we saw a few days ago with a $600 million defi hack. But that doesn’t mean that every platform will have vulnerabilities, nor does it mean that speed of innovation should be pursued more aggressively than security and resilience. One of the reasons that I’m personally interested in bitcoin, and spend the majority of my time on it, is that I believe it has grown to become the most resilient and secure computing network in the world. It has true staying power. There is a very high likelihood that bitcoin is still around in 50 or 100 years. That type of resilience can be incredibly valuable if you’re a long term thinker. My plan is to hand my bitcoin to my grandchildren, so resilience and staying power is of the upmost importance to me. So far, so good. Lastly, it is cool to see people like Samczsun in the world. There are not many people who would discover a $300 million exploit and their first reaction is to call the project and work with them to fix the issue. We need as many good people as we can get in this world. Hope each of you has a great day. Talk to you tomorrow. -Pomp SPONSORED: Unstoppable Domains allows you to replace cryptocurrency addresses with a single, easily-readable name like mine, Pomp.crypto. Instead of worrying about getting 1 character wrong in a long string of random letters and numbers, get your own Unstoppable Domain here. THE RUNDOWN:Bridgewater, Citadel, Even Tennessee’s Treasury Among Coinbase COIN Whales: Some of the biggest names on Wall Street and even a handful of U.S. states ended Q2 with multimillion-dollar bets on Coinbase, possibly the ultimate crypto proxy stock. A review of regulatory documents reveals that a parade of megabanks, including Goldman Sachs, JPMorgan, CitiGroup and Bank of America; asset managers such as Millennium Management, BlackRock, Miller Value Partners and Bridgewater; and even states such as Tennessee’s Treasury, have told securities regulators they held COIN on June 30. Read more. UK Police Recover $22M in Stolen Crypto From Scammers: U.K. police have seized $22.2 million in cryptocurrency and made two arrests after specialist officers learned of a scheme in Greater Manchester that led to the discovery of USB sticks containing significant amounts of ethereum. The police allege that victims were tricked into depositing their savings into what they thought was an online savings and trading service using Binance Smart Chain.Read more. US Mortgage Lender UWM Plans to Accept Bitcoin Payments: United Wholesale Mortgage plans to accept cryptocurrency payments – likely bitcoin – later this year in an apparent first for the U.S. mortgage industry, according to the Detroit Free Press. The Michigan-based lender will start by taking bitcoin but is looking into ether and other cryptocurrencies as well, CEO Mat Ishbia told the paper. “We’re going to walk before we run,” he said while emphasizing UWM wanted its crypto service to be first to market. Read more. Ex-Goldman Sachs Traders Raise $4M for DeFi Risk Management Startup: Ondo Finance, a protocol meant to accelerate decentralized finance adoption among institutional investors by minimizing risk, has raised $4 million in a funding round led by Pantera Capital. CoinFund, Protoscale Capital, The LAO and Digital Currency Group (the parent company of CoinDesk) also participated in the round. Read more. Steve Aoki Has Secured Funding to Pilot His NFT TV Show: DJ Steve Aoki is doubling down on his stop-motion short “Dominion X” after the non-fungible token (NFT) project’s near-instant sellout earlier this month. The festival staple has secured financing for a “proper pilot” episode of his trippy, music-infused collaboration with Stoopid Buddy Stoodios, the Seth Green production company best known for Robot Chicken, according to his publicist Mike Jones. He declined to provide details of the financing. Read more. LISTEN TO THIS EPISODE OF THE POMP PODCAST HERE Chrisman Frank is the co-founder and CEO of Synthesis, a new educational experience for children aged 8-14 that focuses on teaching problem solving and critical thinking skills. In this conversation, we discuss the Synthesis story, Elon Musk, critical thinking, independent thought, first principles, the broken education system, and why Synthesis is better than classrooms. LISTEN TO THIS EPISODE OF THE POMP PODCAST HERE Podcast SponsorsThese companies make the podcast possible, so go check them out and thank them for their support!
You are receiving The Pomp Letter because you either signed up or you attended one of the events that I spoke at. Feel free to unsubscribe if you aren’t finding this valuable. Nothing in this email is intended to serve as financial advice. Do your own research. You’re on the free list for The Pomp Letter. For the full experience, become a paying subscriber. |