Another year, another Roundtable! Bruce Fenton's annual unconference proved to be another welcome winter respite; I've been to Roundtables during both bear and bull markets and sentiments this year were quite optimistic that we're at the dawn of a banner year.

The unconference format has 8 different tracks, thus no single attendee can give a comprehensive report of what was discussed. Here's the first day of topics to give you an idea:

I chose topics that I felt I wasn't an expert on in order to maximize my learning opportunities. The following are the insights I gained from the discussions in which I participated.

Philanthropy

“If you want others to be happy, practice compassion. If you want to be happy, practice compassion.” - Dalai Lama

Long-time bitcoin HODLers may now find themselves in a position where they are able to make an oversized impact due to the appreciation of their assets. There may also be tax benefits to donating appreciated bitcoin directly to a charitable organization since you can avoid paying capital gains from converting it to fiat first. Plus, donations to eligible organizations can get you tax deductions. If you're looking for ways to donate bitcoin to charitable organizations, check out my resources page here. Note that if you intend to donate more than $5,000 worth of bitcoin in the US you'll need to file Form 8283, get an independent appraisal [rolls eyes] of the bitcoin, and get the donee to sign off on the form.

Another perspective is that appreciated bitcoin enables individuals to have a direct impact in a more nimble fashion than organizations. A bureaucracy will slow down decision making, whereas an individual acting of their own accord needs not reach consensus with anyone.

Also, bitcoin allows us to send money to places that would be otherwise hard to reach. We can fund efforts to help people who don’t even have access to traditional financial infrastructure. We can also fund rebellious groups who are fighting for human rights in countries where the government is oppressing them to the point of ordering financial institutions to block their access to payment networks.

One interesting point is that it’s particularly challenging to use bitcoin to fund efforts that further the development of Bitcoin. Any organized effort to do so will most likely be met with resistance from people who fear it will skew incentives. As such, the best option appears to be for individuals and companies to fund developers on their own.

Fiat On-Ramps & User Onboarding

There are two types of payment methods used for fiat ramps: push vs pull. Examples of push payments that are hard to reverse are wire transfers and certified checks. Whereas pull payments are like ACH and credit cards; they carry chargeback risks. Institutions tend to use push payments while retail consumers use pull.

A challenge of accepting ACH payments is that you may not learn whether or not the payment info was valid for several days. There are bank verification services available that improve validation, but they require users to hand over their bank login credentials, which is a huge privacy and security risk. You should assume that any service to which you provide your bank login is going to look at every transaction you've ever made.

Word on the street is that banks are often flagging transactions that have anything related to “bitcoin” or “crypto” in the memo field; savvy businesses will give themselves a name that doesn't sound like a financial company. Of course this only works as long as your company is small and under the radar. If you're a high volume cash business like a BTM operator, you also run the risk of hanving your account shut down.

Many crypto exchanges do their credit card processing through the European Union rather than in the US because in the EU the card payments are processed directly with the card network whereas the US requires them to go through a merchant bank, and the banks add extra censorship risk. Another hack for processing credit cards in the US is to create a custodial bank account for each of your users and fund it with a “cash advance” transaction type. The downside is that cash advances often have one-time transaction fees of around 5% and charge interest of over 20% if you don't pay off the balance.

A simple way to protect against credit card fraud (bitcoin bought with stolen cards that then gets charged back when the real card owner finds out) is to verify the real owner of the credit card by putting a unique code in the string of an authorization. This authorization call doesn’t actually charge the card and it requires the owner to log into their credit card account to find the code. You can also use third party services such as Riskified which even offers a chargeback guarantee.

Interestingly, word on the street has it that Coinbase has such a low rate of credit card chargebacks that they don’t even bother to dispute them when they do happen, as having a lot of chargeback disputes can put your card processing at risk.

Stablecoins are another alternative for onboarding, however they carry additional default risks based upon the stablecoin custodian. In many cases the custody of the collateral is not well understood and it may not be legally ringfenced in such as way that it’s protected against being seized in the event that the custodian declares bankruptcy.

Another word of warning that was fielded regarding DAI is that it offers unlimited leverage and may be acting similar to auction rate preferred shares which is what resulted in the PIMCO a decade ago. I was unfamiliar with this concept so I did some research:

The interest rates on auction rate securities fluctuates because they are determined by periodic bidding that occurs in seven-, 28- or 35-day intervals. During these auctions, holders were supposed to have the option of selling their bonds. By early 2008, these auctions routinely failed to produce enough buyers. When the auctions failed, bondholders were stuck with the illiquid securities and interest rates were unfavorably adjusted. In an attempt to prevent failed auctions, some Wall Street firms began buying back their unsold bonds. But when the financial crisis forced banks to preserve capital, they withdrew as buyers of last resort and the market collapsed.

Coincidentally, a week after the Roundtable an event occurred in DeFi that reminded me of this warning; it appears someone figured out a way to leverage the complex interactions of several DeFi systems in order to manipulate the market.

Bitcoin ATMs

The nice thing about BTMs is that they are not as reliant on traditional banking rails; by dealing in only cash and bitcoin, two bearer assets, users need not worry about censorship by intermediaries. However, BTM operators themselves still have plenty of challenges.

Many BTMs actually recycle cash by operating as two-way machines that enable both buying and selling of bitcoin. Savvy operators can even incentivize users to rebalance the machine by adjusting their rates to enable arbitrage. There was even discussion of a "worker bee rebalancing system" that would inform users that they could earn money by effectively moving cash from one BTM to another one nearby. In the early days it was hard to get cash transport services to deal with BTMs but as of 2020 companies like Brinks and Guarda have started servicing them.

From the BTM operators we had on-hand we learned that BTMs are generally about 90% buy volume and 10% sell volume. Apparently the machines show very little price elasticity for demand, meaning that operators don't see users being dissuaded from their service if they raise their fee from 5% to 20%. This is one reason why you see a lot of BTMs with high spreads - it's because they can. Another factor may be that BTMs tend not to actually show the spread or fees to the user; customers just want to put $X into bitcoin and don't care much about what the market price actually is. BTM operators who also deal in stablecoins have noticed that the stablecoin volume is much lower and this may be somewhat explainable by the fact that the fees are much more obvious when you're buying a dollar-denominated crypto asset. BTM operators are hopeful that over the long term the buy-sell flows will stabilize and fees will drop as regulatory uncertainty and other business risks decrease.

As for AML/KYC requirements, they vary widely. Some BTMs require very little info if the amount is under $300 whereas some have a threshold as high as $3,000; it depends upon state regulations and how fast and loose the operator is willing to play. We're at the point now where competition is heating up and some BTM operators are snitching on others for having lax ID requirements.

Demand for altcoins is pretty low, though litecoin was noted as being in the most demand, possibly due to faster confirmation times. Unfortunately, Lightning Network integration isn't really feasible for BTMs because the average transaction size exceeds the practical limits of the protocol.

Oddly enough, we learned that traditional banks tend to despise ATMs because they are loss leaders. But, on the other hand, it sounds like some traditional ATM operators are starting to get into the BTM business due to market saturation. Contracts for placement of ATMs tend to be based upon territory and have lockup periods of many years; however, these contracts don't cover BTMs, so expanding into that industry enables operators to grow their territory and place BTMs right next to a competitor's ATMs.

As for the seedier side of the business, a lot of transaction volume actually occurs in inner city areas with high crime rates. BTM operators have to deal with all sorts of scams and crimes that are facilitated through their machines; they receive plenty of requests from law enforcement and tend to comply quickly with them. Some of the most common crimes are:

  • Romance scams targeting older women, asking them to send money overseas.
  • IRS / law enforcement scams demanding payment to avoid being imprisoned.
  • Money laundering via carding. People buy credit card info on the darknet and use the cards to buy items that are shipped to a buyer who gets a huge discount. The buyer has to go to a BTM with cash and send the bitcoin to the criminal, who then turns around and uses the profit to buy more stolen credit card data.
  • It's also suspected that some gangs are storing excess profits from drug sales in bitcoin and that gangs have been known to destroy BTMs that are placed in territory owned by rival gangs.
  • There have also been a decent number of BTM thefts in recent years.

Web of Trust, Identity, & Reputation

Early bitcoin trading was performed via bitcoin-otc which had its own web of trust rating system. These days a lot of OTC trading occurs via private invite-only chat rooms that require vouching from an existing member. If it’s a soft vouch, this is someone who is only putting their own reputation at stake. If it’s a hard vouch then they are also promising to be financially responsible for any deals the vouched member fails to follow through on. So it seems that we've actually devolved from a more formally defined web of trust to one that is maintained by admins of private trading groups.

In general, reputation is built via attestation from other people that you can or can not be trusted to follow through on your word. An interesting point to note is that it’s not really possible to create a global reputation score via a web of trust because it can be sybil attacked, which actually happened to bitcoin-otc. You can, however, create personalized scores that are calculated based upon mutually shared reputation.

The idea of a single global reputation for each person is also terrible because it could be manipulated by the masses. For example, one person might piss off the whole world with one controversial post or action and ruin their reputation for the rest of their life. Alternatively, one particularly malevolent person could be charming and amass a huge crowd of fans who give them positive reputation, thus enabling them to harm the occasional innocent person with little impunity because the individual’s negative attestation would be drowned out. Instead of creating a global reputation, scores should be weighted based upon the reputation of the person making the attestation from your own position in the web of trust.

We should also dispel the notion that any given identity only has one reputation. Rather, an identity should have limitless reputations that are specific to the type of interactions that they are having with other people. For example, just because you are a terrible taxi driver doesn't mean you are a lazy landscaper - your reputations for each of those services should be distinct.

Sovereign identity is self issued rather than bestowed upon you by some authority. This makes sense for online identities given the nature of the Internet. However, there are also plenty of folks in meatspace who have no authority that can issue them an identity. For example, refugees who flee a country due to unlivable conditions. These people have a real need for such an identity system. Some examples of self sovereign identity systems:

Blockchains are just weird public key databases; the real value they provide a way for you to rotate your keys without a trusted third party. However, any ID system that’s going to operate at scale will need to be able to handle billions of public keys and regular rotations of those keys. Shoving that amount of data into a blockchain on a decentralized network is going to cause problems. It will be interesting to see how sovereign identity systems manage to handle the scaling challenges.

Bitcoin as a Yield Generating Asset

Pretty much everybody in this space wants more bitcoin, thus the idea of financial vehicles that generate yield in bitcoin is more appealing than generating it in fiat. There's a general belief that full custody products will continue to become more competitive and the primary way they'll compete will be around yield.

I'm personally quite leery of yield generating services because I was a user of such a service in 2016 - it made money by lending bitcoin to margin traders on Bitfinex. Ultimately, when Bitfinex was hacked everyone ended up taking a 30% haircut. Even though I was never a Bitfinex user, I indirectly had some money on there and I was impacted. As the saying goes - no risk, no reward. I'm confident that over a long enough timeframe we will see similar events occur in the latest incarnation of lending systems.

Interestingly enough, I have started lending out my GBTC recently though a securities lending program at my broker, though it only earns 1% to 2% APR. However, all of the loans are fully collateralized at several major banks and my counterparty is a firm that manages trillions of dollars in assets so they're highly unlikely to default. Low risk, low reward.

One dangerous issue happening today is that of rehypothecation. When the person or institution to whom or which you have pledged collateral turns around and borrows money using the collateral you gave the person or institution as their own collateral, this is rehypothecation. This is obviously a risk, as it results in these services effectively operating as fractional reserve. If too many creditors come calling, it could create a catastrophic "bank run."

Another risk is that lending services may not have ringfenced the assets they are holding as collateral. That is to say, if the lender goes bankrupt for any reason, the assets being held as collateral may not be protected from bankruptcy proceedings that redistribute the funds to the company's creditors. You could very easily end up in a MTGOX-like scenario with a years-long process of trying to return the remaining funds.

BIP 174 - Partially Signed Bitcoin Transactions

I've been working on Bitcoin multisig wallets for 5 years and the lack of standards can be a nightmare; it was great to hear about BIP 174 which proposes a standard for how to serialize partially signed transactions. Each hardware and software wallet seems to have its own unique serialization that isn't compatible with other wallet software. As a result, before PSBT it was practically impossible to create multisig wallets that used a diversity of wallet software, thus creating a potential single point of failure. At Casa we've already implemented PSBT as part of our Coldcard integration work and we hope to see other hardware device manufacturers follow suit!

https://xkcd.com/927/

PSBT enables us to separate the concerns between transaction construction (and all its complexities) and the actual signing of transactions, which ought to be rather straightforward. As the next figure shows, a PSBT workflow allows non-interactive signing of transactions with different software and the resulting partially signed transactions can be combined into a fully signed transaction by anyone who gathers enough PSBTs.

The PSBT format also has a nice additional safety feature that allows you to pass xpubs and derivation paths along with the transaction pieces so that signing software can verify that the change is being returned to the intended wallet.

Looking forward we can expect the extensible nature of PSBTs to result in the ability to support proprietary features from various wallets, but first we have to get everyone to support this standard! Work is also ongoing to add PSBT support for Lightning transactions with hardware devices, though there are some nonstandard attributes of Lightning transactions that require a bit more work on the part of hardware manufacturers.

Back to BUIDLing

That wraps up the 2020 recap; here's to a bullish 2020!