Monero Means Money: Cryptocurrency 101, Live from Leipzig (Workgroup Edit)

[Part 1: Scarcity] NATIONAL GEOGRAPHIC SOCIETY – "GOLD!" (1978): Once upon a time, the dollar was as good as gold. The United States and most other countries minted gold coins. Paper money was a promise to pay in gold. But today, the dollar and most other world currencies are supported not by gold, but by credit — paper backed by paper. The experience of Germany in the early 1920s is the classic horror story told by those who urge a return to the gold standard as the best way to stop inflation and stabilize economies. As prices rose, the government printed more and more currency and prices soared again. Eventually, the German Mark literally was not worth the paper it was printed on. Bundles of paper money were needed to buy a loaf of bread, and a postage stamp cost millions. DR. DANIEL KIM (December 27, 2019):
What is the situation for scarcity?
Why do we even need cryptocurrency? Let's look at the everyday money that we use.

There's the US dollar, the Chinese yuan, the Euro and the Swiss franc. And what I'm showing here is official government statistics as to the amount of money in circulation. This is M1, which is paper money, currency and also checking accounts and savings accounts. It's cash and things that act like cash, all together, and each of these plots is showing since October 2008, which is when the Bitcoin white paper came out. That is the left-hand scale of each of these four plots. This [left] is 2008 and then this [right] is the end of 2019.

You can see that the money supply has inflated for everybody. In just 11 years, the money supply of the US dollar has gone up 2.6 times. In other words, the printing presses of money have been going on at that rate. We don't really notice it because every year the prices that we see go up a little bit but it's like the frog in boiling water, right? The frog doesn't understand that it's sitting in boiling water until it's too late and it's cooked.

That's the kind of situation that we find ourselves in. The thing is that all of the global Fiat currencies are turning on the printing presses at a disturbing rate. But what counts as victory? What counts as being sound and prudent with your particular country's currency? Well, it's inflating slightly less fast than the other guys, right? We still have this situation where if you zoom out, for example, for the US dollar, if you go to a 50-year time scale you see basically an exponential growth curve. This is a problem that all savers face — anyone who has assets to save is up against this current that's coming up against them, in that they're constantly being diluted by new money that's being created. 2008 is when the Nakamoto white paper came out. This is the Bitcoin white paper, and the key insight to this — I won't go too much into the geeky details, although I'm assuming that everyone here has an IQ of at least 140, so it wouldn't take you long if you haven't already to look at this paper and study it — but I would say that the Nobel Prize in Economics cannot be given to an anonymous person.

But were Satoshi Nakamoto a real [identified] person this clearly would be a Nobel prize-winning insight in economics, in which economics is just the study of scarcity, really. What Nakamoto consensus does is it synthesizes a method to create digital scarcity without needing a central authority to maintain that scarcity. In all of our national monies — in the European Central Bank, the Federal Reserve in America — these are all centrally governed bodies that decide what to do with the money supply. Now the macroeconomic theory is that the money supply will expand and contract to match the actual economic output of the society. So in other words, if a society is really productive and it makes a lot of stuff, then the society is justified in inflating the money supply, because they've been productive.

But the problem is that countries get into trouble. They get into debt. They promise services to people that are too expensive and then they can't pay for them, they go into debt. The problem is that mismanagement causes this kind of fragile balance between the size of the money supply and the size of the underlying economy, to get out of whack [balance]. So why is it interesting to have a source of scarcity that doesn't require a central committee to be making decisions for that money? It's that it offers a way for people to opt out of the Fiat monetary system.

It also provides a kind of fire under the feet of the Fiat central banks to maybe do a little bit of a better job. Maybe we might have fewer financial crises in the future — maybe we won't have another 2009 style financial crisis. So, the way that the Nakamoto consensus does this — there are three ways. At the account level, in other words, how is it that one person's Bitcoin is not confused with another person's Bitcoin? It's that when a person "signs up for a Bitcoin account," so to speak, what they're really doing is picking a number.

They're just picking a number out of a 256-bit field. People are really bad at imagining huge numbers, but we're talking about picking a number between zero and 10 to the 77th. One with 77 zeroes after that. To understand how big that is, imagine the diameter of the Milky Way galaxy. Now imagine electrons being lined up right next to each other — and I'm using just the classical electron radius here.

For the entire diameter of the Milky Way we have electrons lined up. That turns out to not be enough. You have to take one of these electrons and blow that up to the size of the Milky Way galaxy and then get another set of electrons going across. Then even that's not enough, you have to take one of those electrons, blow it up to the size of this hall and then you have bacteria lined up one after each other. That's 10 to the 77th. That's how vast the space is of the random number that you're choosing and that is why getting a Bitcoin account doesn't require going to fill out some form and asking permission for an account — you just pick a number.

You just pick a number, that's your private key and you need to defend that because knowledge of that private key is what is needed to spend a person's Bitcoin. Aggregate level scarcity — that is, how do we know how much of the Bitcoin there is in the entire monetary system, and how do we know that's not going to get corrupted? Well, the scarcity is enforced by an open network of miners which are really gossipy accountants and they are rewarded for behaving consistently with the consensus rule set. Finally, how do we know that the record of who sent what to who which is, what the blockchain records — so the blockchain is a series of blocks; each block contains transactions, this person sent money to this person, who sent what to whom and how much and each block is just a record of that — how do we know that that's not going to get corrupted over time? Because, as we all know, there's bit rot.

There can be corruption, there could be some malfeasance going on with the state of the database. The database is maintained because each block has a small data field in it that the miner can change that's called the nonce. And each miner randomly changes the nonce so that the hash of the block is lower than a number, called the difficulty. Usually when we talk about hash functions we don't care about the actual value of the hash function. We just care that the hash matches some other hash. Like if you're checking for file integrity, then you would take the hash of the file that you downloaded and compare that with the hash of the file that you're looking for and you compare those.

In this case, we're actually caring about the number of the hash. How small, how large is that number — and the difficulty is a number that must be satisfied by each block. In other words, the hash of each block needs to be lower than the difficulty. So, to make a real world analogy of this, imagine that you have an accounting book and each page of the accounting book has 10 minutes worth of transactions on it. And you want to make a way to make sure that each page is really rare in some way. One way you could do this is you could say: the mass of every page of this accounting book has to be an even multiple of 1 million atoms. So, each accountant is going to be touching the paper, rubbing it, erasing little bits because at that level you're taking away or adding trillions and trillions of atoms so it's going to be a random number whether your page is actually a exact multiple of a million atoms. So once that's found, that's a very rare page. It's a rare page because it has an exact multiple of 1 million atoms to it, and because it's now a digital representation, you can copy that exactly.

Now you have a chain of blocks, each one of these has this rare attribute and the blockchain links them all together. Scarcity in Bitcoin and Monero: they both have an original code base. There are many, many projects in cryptocurrency in which Bitcoin was simply forked and modified a little bit — that's not the case in Monero. It was written from scratch. The elliptic curves used are different; this is a form of technical hedging. In Bitcoin the secp256k1 elliptical curve is used whereas in Monero it's ed25519. Both Bitcoin and Monero, as I mentioned before, require a private key. Spending the cryptocurrency requires that you know a number and that's the private key. That's true in both Bitcoin and Monero. Where we start to differ is that Monero also has what's called a view key. The view key is another private key which is actually kind of a subset of the spend key.

The view key is what is needed to decrypt the transactions on the blockchain that you personally are involved with. So, if you have the view key you can see what transactions you were involved in on the blockchain. Everything else remains encrypted. The address space is different — in Bitcoin it's 10 to the 60th, in Monero it's 10 to the 76th.

There are more addresses available in Monero, which means if you're worried about the birthday problem — the birthday problem is the problem in which if you have a group of 30 people, chances are much higher than you would expect that 2 people out of those 30 have the same birthday — so if you extend this now to the problem of picking a random number and calling it your own for a cryptocurrency account, you have the same problem. There's no guarantee that the random number that you picked for your cryptocurrency account is not going to subsequently be picked by me. That's the birthday problem, and the birthday problem is less of a concern the more addresses there are. The emission deceleration is another difference between Bitcoin and Monero. In Bitcoin it's stepwise — you might have heard of this thing called "the halvening." This is: every 4 years, in Bitcoin, the number of Bitcoins that gets rewarded to miners as a reward for finding a page in the blockchain gets cut in half.

Which means that on every miner's calendar there's a date circled in red that their income is going to get cut in half. And that introduces a bunch of needless drama, really, in mining. In Monero, we avoid this by having a continuously decreasing emission. Now another difference is in what is the emission rate of coins in the far future. In Bitcoin, the block reward eventually goes to zero and they anticipate using transaction fees to make up the difference.

In Monero, we have a concern that we want to always be assured that miners will have incentive to keep working for the system. And so in Monero we have what's called the tail emission which works out to be 0.6 Monero per block that goes on in perpetuity. But that future money basically gets used to pay miners to continue to provide security for the network. What's the far future inflation rate, then? In Bitcoin, they can say it's exactly zero. In Bitcoin they're fond of saying there's only ever going to be 21 million Bitcoins created and that's an easy thing for people to understand. In Monero, we have constant linear inflation — but it's not really correct to say that this is "infinite supply" as gets bandied about.

Because if you look at the inflation rate — in Monero, it asymptotically goes to zero. If you look at any macroeconomic theory, what the relevant variable is is the inflation rate. Nobody really cares that the nominal amount of US dollars is going up by whatever trillions of dollars per year — it's the percentage that matters. In Monero that percentage is already low and it'll continue getting lower. Some curves to show what I'm talking about — these are supply emission curves showing how many coins of each type exist as a function of time. You can see that Monero had a later start here [2014] and it has a tail emission. This tail emission is this constant linear slope [starting 2022]. The reason for this slope, again, is that the new coins that get emitted are being rewarded to miners who help secure the network. Whereas in Bitcoin, they have an impending problem to deal with in that their coin emission is coming up to this 21 million mark — it [the emission] is going to go basically to zero.

There are some papers out there that have proposed that the security of the network might be in jeopardy at that point. What if we take the first derivative of this curve — so, we look at how much more supply is there in this year versus last year, in other words, what's the inflation rate? Here's what you see. I'm comparing several different assets here. This [lower left] is the inflation rate of gold. We usually don't think of gold is inflating but of course there are miners — there are actual physical miners digging in the ground and coming up with gold chunks to add to the world's supply of above-ground gold. That turns out to be about 1.5% per year of inflation in gold. So if you think of gold as being sound money then that 1.5% inflation rate is going to be sort of a line in the sand. As you can see, both Bitcoin and Monero this dotted blue [vertical] line is showing where we are right now. We're coming to a very interesting point in cryptocurrency history in that, up until now there's been a lot of emission happening.

In order to get these coins out there the block rewards have been relatively high but we're now coming up on a new kind of era of scarcity, if you look at this to the right of here [2019]. And in fact, the inflation rate of Monero is going to be lower than that of Bitcoin for the next 6 years, until 2025. Then there's going to be a 4 year period when they're about the same and then, starting in 2029, the inflation rate of Bitcoin will once again go below Monero. But then, again, this comes with a question mark: how are those miners going to be paid, to be incentivized to support the network — since that is a crucial feature of Nakamoto consensus, that game theoretically, all of the miners are incentivized to be honest and not to try to game the system for their own greed.

All right. There's a form of unwanted scarcity, and that's mining hardware. And this is something that has been a big issue in Monero. In the Bitcoin white paper, Nakamoto wrote "one CPU, one vote" and that idea is that the reward that a miner gets should be proportional to their effort. It should be proportional to the expense that the miner incurred in mining. In other words, there should ideally be a linear function between the miner's expense and the miner's reward.

Now, unfortunately, economies of scale in silicon manufacturing have destroyed this linear relationship. So in other words, if you have about 25 million dollars to spend on a new fabrication facility in Shenzhen, then you can churn out your own silicon chips that do nothing but do the Bitcoin proof-of-work. These are ASICS, and they've been on the network on Bitcoin for several years now, to the point that at this point, Bitcoin mining is basically a Chinese oligopoly. So this brings up a centralization concern. It's not necessarily a problem that it's China that has all the mining, it's really more of a problem that it's one certain area of the world that has basically control of all of the world's Bitcoin hash power. There are further news items that are cause for concern, for example, the growing trade war between China and the West. There is a press article out that said the Chinese government has recently decreed that only Chinese computer hardware is to be used in government offices starting in a year.

There's some deadline by which all of the Dells and the American companies' computers are to be kicked out. So something similar could well happen for Chinese-manufactured Bitcoin ASICS. We kind of take for granted that there's a free flow of goods in the world, but what happens if not only does one part of the world control the manufacture of all of the crypto hash power, but then is unable to even export it due to a trade war? In Monero we try to take this decentralization question quite seriously and we've done some changes to the proof-of-work to support the little guy who's mining. That is, when Bitcoin started, it was possible for just a regular person running the Bitcoin client on their computer to actually have a shot at getting a mining reward. Those days are long gone because now the hash power is dominated by these massive farms of ASICS. So it's just hopeless for any little guy to try to mine Bitcoin. In Monero, we're trying to change that and so the proof of work has been modified several times. And now, as of just last month [November 2019], the proof of work in Monero is now RandomX which actually uses every single capability of a CPU in doing the proof of work.

There's a basically a random program that gets executed. Each core of the processor needs 2 gigabytes of RAM to run well. This was a design decision made to make it harder for botnets to control the network, because if your computer is infected with a botnet and 14 out of your 16 gigabytes of RAM are being eaten up, you're probably going to notice it. So it was a deliberate design decision in RandomX to use a high required amount of RAM for processing. There's another source of scarcity that is not necessarily one that you want in a blockchain, and that is access to layer one.

Bitcoin's 1 megabyte block limit caused a project fork. There was basically a civil war in Bitcoin over whether or not it was okay to make blocks stay at this 1 megabyte limit. It still rages on to this day. It's still a holy war and this is something that Monero has avoided thus far. Its solution to this is to use an adaptive block size in which the maximum block size of a Monero block is flexible and it can organically expand or shrink along with demand. With, of course, provisions in there to prevent the system from getting gamed.

And there's ongoing research to reduce the transaction size. There's bulletproofs that went in recently that reduce transaction sizes by a factor of 10. That went in, and overnight the transaction fees for transacting Monero went down by a factor of 10 because the transaction fee is based on the kilobyte size of the transaction. [Part 2: Fungibility / Privacy] WARREN STEIBEL – "RIGHT OF PRIVACY" (1968): This baby is just one second old. Here in the delivery room of Mount Sinai Hospital in New York, he has just won his first fight — the fight to life.

His parents allowed our cameras to film his birth. His footprints are taken for identification. He is still less than a minute old, and this is his first record. His file has begun. When this baby is a young man celebrating his 17th birthday, the year will be 1984. Will his 1984 be the world that George Orwell foresaw — a world stripped of privacy, a world watched by Big Brother? Or will this child have what Justice Brandeis at the turn of the century labeled our inalienable right, the right to enjoy life, the right to privacy? DR. DANIEL KIM (December 27, 2019):
Bitcoin is transparent. If you are new to crypto you might be under the impression that if you have Bitcoin, you're anonymous. It's this "anonymous magic internet money" that you might have heard about.

Nothing could be further from the truth — the popular press continues to push this misleading narrative. Bitcoin is completely transparent and if you read the Bitcoin white paper, it's all there. It's specified that the sender, the receiver and how much got sent is recorded in plaintext and recorded in the blockchain, which, because it has all this proof-of-work up behind it — remember what I was saying about each transaction in the block has a hash that makes it a very rare and unique set of data, it's the multiple of 1 million atoms thing, right — so basically, these transparent details are written and etched into that blockchain forever. There is no escaping that. It's completely incompatible, for example, with European privacy law, the GDPR, which has this "right to be forgotten" that is totally non-existent in Bitcoin — once a transaction gets put into the Bitcoin blockchain, it's there. It's there forever. And the only thing that is not totally transparent is that the Bitcoin address is just a hex string — it's a string, I mean…

When you come down to it, everything's a hex string — but the Bitcoin address is a sequence of letters and numbers that looks anonymous. But once that gets associated to your name and face, that association, that metadata, that marriage between a Bitcoin account number and your identity, that doesn't change. Because the blockchain is etched in stone forever, and it's constantly growing, the job of the people trying to identify and "dox" everyone is just a waiting game. You have this blockchain — every day, you get some little piece of information — "Oh, you know, Joe in Leipzig signed up with (an) exchange".

Now their identity information is associated with this. Basically, this metadata just kind of continues to gather on this blockchain until you have a situation which is actually much worse than in Fiat. When you have a Fiat bank account, you do not expect that your bank is going to post your monthly statement up on the bulletin board outside the bank for everybody to see. But that is exactly the situation in Bitcoin and it's not just the people out in your neighborhood who can see it — it's everybody. Everybody in the world can see who sent what to whom and when. The unfortunate consequence of this is that Bitcoins have a history behind them.

Remember that in Bitcoin, every Bitcoin in existence first came into being as a reward that went to a miner. Once the miner gets that Bitcoin and then they spend it, it starts circulating in the Bitcoin economy. But because the blockchain is transparent, it's totally "see-through" — the entire history of every single Bitcoin now in existence can be traced back to this person, that person, this person, all the way back to when it was mined. It's as if you have a 10 euro banknote and on the back of that 10 euro banknote you see a nice list showing everyone before you who owned that.

What could possibly be the negative consequences of this? How about innocent people getting falsely accused because they happen to have received money from somebody who, unbeknownst to them, was involved in something that was not very good. This is happening in Bitcoin. There's a reputation in Bitcoin that transfers as well as value and that is what is profoundly disturbing about having this, and I call it a surveillance coin. In a surveillance coin, it's not just value that transmits — it's also reputation. Which means if you're accepting money from somebody, you're also accepting their life, their life history. It's coming to you too. It's not just value. In contrast, Monero is fungible.

Fungible just means that every unit of currency is indistinguishable from the other units. If I have 10 Monero, you have 10 Monero and then we both trade the 10 Monero to other people, they still look like the 10 Monero. There's no history. It works just like a cash bill. It works just how you think cash should work. And it does this by adding three technologies, on top of what Bitcoin does, that preserve privacy. One is ring signatures. In ring signatures, the sender of funds is lined up along with 10 other senders of funds and the only thing that you know happened in that transaction is one out of those 11 people sent money.

It's as if every time you spend money, now you have 10 friends or 10 random people, 10 decoys and all that you know, cryptographically, is one of the 11 of you sent the money. That protects the sender's identity. How about the receiver's identity? Well, the receiver's Monero account does not appear unencrypted on the Monero blockchain. A one-time-use address is what gets put on the blockchain so that protects the recipients' privacy. How about the amount that gets sent? Because there are attacks that can be done by knowing, observing your pattern of how much you spend. That is covered with the technology RingCT, which originally was developed for Bitcoin, but actually first got implemented in Monero. RingCT stands for confidential transactions. And all these things combine to make Monero's fungibility.

So the end result is that in Monero, coins are indistinguishable from their another, or they have no memory. They have no memory of where they've been, which is really what you want in a money. Because the opposite, if you have money that has perfect memory, like it is in Bitcoin, that unfortunately gets used to falsely associate activities of people who had nothing to do with each other.

Because Monero is fungible, users benefit by having privacy. The Monero blockchain is public. Just like Bitcoin, there is a publicly shared ledger of who sent what to whom that everybody in the world can get. All you have to do is download the Monero software and you too can have a copy of this ledger that has the complete history of who sent what to whom. The difference is that in Monero, the details of this blockchain are encrypted so that if you just look at it, you see encrypted garbage. You cannot do what you can do in Bitcoin, which is type in somebody's Bitcoin address and immediately see how much money they have.

I represent high net worth clients, institutional investors — and for them, this kind of "feature" is a show-stopper. Nobody with wealth wants anyone in the world to type in their bank account and see instantly how much money they have. Or see instantly whenever they transfer money out or get money in as you can do in the Bitcoin blockchain — you can set a little automated robot to watch the blockchain for you and send you an alert on your cellphone whenever a transaction goes in and out of any Bitcoin address that you choose.

This sort of, kind of casual surveillance, this invitation to be creepy on your neighbor is something that is intrinsically part of Bitcoin. And the deeper it gets into society, the more insidious it is — the more of a threat it is to all of our privacy. A slander that happens is that "okay, so you have this money that doesn't have a history, sounds like only the criminals are going to want to use it." This is a slander. I'm tired of hearing it. Monero benefits people who have nothing to hide. The chief benefit is that with a money that has no memory, there's no need to worry about being falsely accused of misdeeds due to being one hop away from a "bad person." Basically, when you accept a surveillance coin, you are accepting the risk that somebody unsavory will be sending you something. For example, let's say you have a business — you sell stickers or shirts, t-shirts, something very innocent — and you decide that you're going to accept Bitcoin for your business. Unbeknownst to you, you get a t-shirt order from a gangster, or some drug dealer, or someone like that.

You had no idea they're a drug dealer, they're just sending you some Bitcoin because you're a t-shirt seller and this is how you make money — you need to get money from people. But because the people watching the blockchain and putting faces and names on addresses on blockchain, don't know that — so they can try to program that in, but in the end, it's a probabilistic assessment of "is this bad person really related to you." The only way that somebody finds out that they've been bitten by this is that "oh, gee, Coinbase just emailed me and my account's been closed." Or, even "the Fiat bank that I had associated with my crypto exchange" "now thinks that there's something suspicious about me," "now my Fiat bank has frozen my funds for some reason" — and it had nothing to do with anything that the person in question did, it's just that the money itself has this fatal flaw of…

Totally having a history behind it. It's not really money. It's like Beanie Babies, it's like collectables. It's like collectible items with their own serial number that are getting passed around in this economy. It's not a real money. I want to leave with a Nobel Prize-winning idea. I find that not too many people have heard of this paper. George Akerlof won the Nobel Prize in Economics for his work on asymmetric information in markets. Anyone here know this paper well? Okay. Great. I'll explain it briefly. There are two kinds of used cars. There are lemons, which are the bad used cars. Those are… you buy them and then they break immediately — those are lemons. The other kind of used car is a peach — these are the good cars. Those owners of the peaches, they did all the maintenance, they changed the oil, they did all the work to make sure that they have a nice car to sell.

Sellers know whether they're selling a lemon or a peach. The seller knows that. If you're selling a lemon, you know it. And you're just trying to make money off the selling of the lemon. If you have a peach, you know it because you've been doing maintenance on that car. However, the buyer of the car is ignorant because both lemon sellers and peach sellers make extra sure that the paint job on the car is extra shiny. So the cars all look alike to the buyer so the buyer knows that they are vulnerable in this situation.

The buyer knows that they could end up with a lemon. Because the buyer is ignorant, but not totally ignorant — they are actually aware of their own ignorance — because of that, the buyer then adjusts their offer price to be slightly lower than that of a peach. The offer price for the car is going to be not quite at the peach price here, it's going to be slightly lower. What happens then? If you're selling a lemon and you see this pretty high price being offered for cars, you're happy. Because your lemon, which is worth this low price, can sell for this [higher price].

So the lemon sellers are happy — there are more suckers out there to buy their lemons. How about the peach sellers? The peach sellers are the ones who did the work to have a good car to sell and now they're seeing this offer price which is less than the peach price. They're discouraged. And slightly offended — because all that work they did, all the good work that they did to keep that car good, and they followed all the rules with their car — that good behavior is not getting rewarded in the form of a high price coming from the buyer.

So the peach sellers get discouraged and they leave the market. What happens is that peach sellers leave. Well, now the buyers figure out that their chance of buying a lemon has just gone up and so the price that they're going to offer goes down. And you have this race to the bottom in which the offer price keeps going down, down, down. All of the good sellers leave the market because they are not being justly compensated for the work that they've done. What does it have to do with cryptocurrency? Surveillance coins which have a total record and a total history of who had them are the used cars of cryptocurrency.

Whenever you buy Bitcoin from somebody, and you don't know the history of that Bitcoin, you are the used car buyer in this situation. You don't know if you accept this Bitcoin, "am I going to be just fine" or "am I going to be falsely accused of some who-knows-what?" Who knows what possible crime could have been done with the person who used to own that Bitcoin.

You don't know if that's going to happen to you. So, as a Bitcoin receiver, you are in the position of the used car buyer. What, in this paper, is identified as a means to avoid this race to the bottom — is a signal. So in the car market, for example — there's probably something similar to this in Europe, where you can type in the serial number, the VIN number of a car and then you get a report… you can see if it's been in an accident… this doesn't exist in Europe? Okay, well, Business idea for somebody…

It exists in the United States. It's called Carfax and you type in the serial number of a car and all of its past history comes up. That information can equalize the playing field between the buyers and the sellers of cars. This also happens in the job market. Education is a similar situation. If you are a boss, you're hiring a worker — you have a hundred workers out there applying for jobs. They all look the same to you because it's like everyone starts looking the same, all the resumes look the same after a while.

So how are the sellers of their labor going to distinguish themselves? They're going to have a signal. Education is a signal just like information in the used car market is. Basically, the sellers of labor take it upon themselves to get an educational credential to signal to the buyer of labor that their labor is going to be worth more. Unfortunately, what happens is that the sellers of education then figure this out and then they just start selling education because they know that the people coming for the education are just going to get an employment signal, and so the actual purpose of the education gets lost. This is happening in non-fungible cryptocurrencies as well.

Right now, anybody who signs up for an account at a centralized exchange has to do all sorts of degrading things. You have to hold up a picture of your ID, you have to make a little handwritten note that says this "this is my name," you have to basically submit all this stuff just to be deemed worthy enough to participate in this cryptocurrency economy. That is a signal in this sense too. But what's interesting is that in cryptocurrency, currently, the exchanges bear the burden of due diligence on their customers. It's an expense for the exchanges to be doing, to check all these people out. It could be that in the future that just like in the education market and in the car market, it's the seller who's going to have to increasingly go through hoops basically to prove their worthiness in this whole system.

All right. So just to take a step back, I've gone over scarcity in Bitcoin and Monero, and I've gone over fungibility and privacy in Bitcoin and Monero. And if we step back, I can identify what I think is a reason why crypto is not going to go away — why it's here to stay. Now we have the Internet, we have mobile telecommunication — everybody here has at least one device that is extremely good at copying packets. That's what cellphones are, they're just packet copiers. When you fetch your email, you are copying packets from the email server to your phone to check. We've become just extraordinarily efficient at copying ones and zeros globally.

The marginal cost of shuttling these bits around is zero. So, what is rare in that world, what is rare in a world where every human on earth basically has the ability to copy ones and zeros anywhere around the world for free? Well, it's going to be digital scarcity and digital privacy. Digital scarcity in the sense that there's a sequence of ones and zeros that only you know which is cryptocurrency – that's the private key. And privacy, in which you have a sequence of ones and zeros also that you only know and that you haven't shared with everyone like you've shared the contents of your lunch on Facebook with the entire world and other details of your life that are basically copied around.

These are the two things that are going to be scarce in the future: digital scarcity and digital privacy. Cryptocurrencies offer both, and cryptocurrencies like Monero especially offer both because they offer privacy as well. [Part 3: Community] CORONET INSTRUCTIONAL FILMS – "WHAT IS MONEY?" (1947): So the values of the money we use every day are the values fixed by the government. The paper bills and even the coins are not in themselves actually worth the amounts they represent. Their face values, however, are guaranteed — not only by huge reserves of gold and silver, but by the stability of the government which fixed those values.

As long as people remain confident that our government is strong and secure, they will continue freely to accept and spend its money without questioning the value. DR. DANIEL KIM (December 27, 2019):
In the past when we've had Fiat money, basically, your nationality told you what community you belong to, for purposes of money. If you're born in the Eurozone, well, you use Euros. I was born American, so I use the US Dollar. That kind of gets told to you at birth as an accident of where you were born. Now with cryptocurrencies, because the system of bookkeeping is a decentralized network of computers that can be worldwide, this idea of association is now fluid, it's more open.

It's really like the Reformation of the Church… another famous German, Martin Luther who liberated theology from the kind of centralized control of the Catholic Church and liberated this ability for people to elect to worship in the way that they chose. A similar sort of thing is now possible because of Nakamoto consensus, now 11 years and a month old. Now it's possible for each one of us to pick a group, pick your own church, pick your own… like, that's not really quite right but I think you get what I'm saying.

You can pick your own group of people who agree on certain characteristics that they want their money to have and you are free to associate with each of those groups. So, Bitcoin is one such group — one such group that apparently doesn't… really, is not too bothered by the fact that the currency has this perfect knowledge of history for every single coin that's out there. And that is a large association of people, all of whom have the shared belief that the token that they are keeping track of on their blockchain is money. So there's a similar sort of community formation that happens with the cryptocurrencies. So I'd like to share some of my observations about the Monero community — and by the way, I'm volunteering to be here, I've paid my own dime to come out here from Boston to share what I think my understanding of the current status of cryptocurrencies is with you — Monero is basically run like a charity.

There is no company behind it. There's no pre-mine, there's no scammy way for people to get rich. All of the Monero in existence were given in the past to a miner who was doing the accounting work to help support the network, just like in Bitcoin. So both Bitcoin and Monero have the positive aspect that there's no central company steering things to kind of make a profit — no, it's totally open-source grassroots — just normal, everyday people choosing to run some peer-to-peer network software on their computer and join this community who have this shared ethos in what they think that money should be.

So the Monero community, I find to be idealistic, scientific, and yet very welcoming. It's very chill. There's a lot of "alpha geek" happening in some other coins, in which people are just really out there on Twitter and they just really want everyone to know that they're the "alpha-est" geek out there. That kind of thing is refreshingly absent in Monero, it's very chill. It's one thing that kind of I like about this whole vibe here at c3 — it's very chill! There's just a lot of people lounging. That sort of shared relaxed atmosphere is something that I've personally observed at the Monero meetups that I've been to. Monero Research Lab — we have full-time PhDs who do nothing but cryptographic research. There's sort of a pipeline of research in which pure science gets done at Monero Research Lab. Then, implementations of the promising idea get tested out, then there's an audit process, that we actually employ external auditors, to look at implementations of code — once those are clean, then we go to release.

There's this pipeline of technology from science to engineering that gets pushed out in the actual release of the Monero core software. The LMDB database is another kind of interesting example of how far Monero has come. In the early days of Monero, the entire blockchain was stored in RAM, if you can believe that. So, that kind of puts a hard limit on how big your blockchain can be if it has to fit in RAM. The LMDB block database — which was the brainchild of Howard Chu, who is one of the very frequent contributors and an open-source Linux guru — was added to Monero. Monero is actually number three in terms of developer effort if you rank the coins, not by market cap, but by actual developer effort. It goes Bitcoin, Ethereum and then Monero. It turns out that, well, in my opinion, the killer app of Nakamoto consensus is money because you have a ledger of scarcity that's being shared.

And what more natural thing is there for a shared idea of scarcity, than money? But it turns out that money is non-trivial to get right — it needs to be thought through. These things like… should the money have a complete history behind it, or should it be fungible? Like that kind of basic idea, that basic engineering design decision, has to be made early on because the technology that's needed to bake in fungibility to Monero — it's highly non-trivial. Monero has been at it for 6 years now and has made great improvements in that. And the way that the social contract is, I just can't see this happening in Bitcoin. There are volunteer workgroups for community outreach and, as I said before, all of the funding to support all of this is completely 100% shaking the tin cup and asking for people to donate out of the kindness of their hearts. And the people in the Monero community do that. They actually step up to the plate and they fulfill these [funding requests]. But if you look at the annual budget — if Monero were a company, which it's not — but if Monero were a company, and you looked at its operating budget, you would be astounded at how minuscule, how tiny it is.

And that's because you have idealistic, passionate people working on this project in true open-source spirit, often on their spare time. All right. So, just to summarize: Monero is what Bitcoin noobs think they bought. So I'm going to switch hats a little bit. As I mentioned, one of my jobs before going full time in crypto — I was head of research at a hedge fund, and so the question of thinking of cryptocurrency as an investment comes up. And of course because there have been these spectacular gains in the price of Bitcoin, it gets discussed a lot. One thing that is positive about Monero's culture is that it is generally gauche to talk about prices, and returns, and the price going to the moon. I hope that, well… I have some background in academic finance — there's a paper that I co-authored on the effect of liquidity on asset prices that won a "paper of the year" award in applied finance…

And that, coupled with the Nobel Prize that I just explained — hopefully, I can put a respectable enough academic sheen on the discussion of the finance and economics to be forgivable by the Monero community. But the fact is that this project is going to attract investors, it's going to attract "hodlers." It's a socioeconomic hedge. There are lots of investments, there are lots of ETFs out there.

If you believe that companies should be environmentally sustainable and that their corporate boards should have official policies that mandate sustainability in one sense or another, there are ETFs that will only invest in those companies. So it's possible to be basically an ideological investor so if you really care about sustainability then there's an investment for you. If, for example… say Islamic finance — they are not cool with the idea of interest being paid on loans. So you have another subset of Islamic finance investments that don't involve paying interest on loans. Monero, if you look at it in a similar lens, is basically an ideal hedge for people who have two characteristics. One is that they're concerned about mismanagement and corruption on the part of central banks managing Fiat and two, they're gravely disturbed by the state of surveillance capitalism in which everything about all of us is recorded all the time and will stay forever, and we have little or no control over that.

It's done in the name of security but unfortunately, if you push that line too far, you cease to become an open and free society. There are reasons that we, in the West, have put limits on the powers of government and that is because of an awareness of what happens when there are no limits on the powers of government. So a project like Monero is a hedge — it's basically a "put your money where your mouth is" kind of thing for people who have strong feelings on those two points — so it's just going to attract investors. Gresham's law is an economic concept that the best form of money gets hoarded. So people keep the best kind of money and the inferior form of money, they're going to use that to spend. But the good stuff, they're going to keep for themselves. That's Gresham's law.

So with Monero, this tends to happen. A lot of people in Monero used to be in Bitcoin, but now, whenever they deal with Bitcoin, they find their heads consumed with all these worries about traceability and so on. It's refreshing to come to Monero where you don't have to worry about that because the currency is actually fungible. And because it's fungible, it becomes a superior form of money that gets hoarded by Gresham's law.

That's another tendency that's going to happen: for people to want to keep the Monero and spend the other stuff. Also, capital gains taxes, at least in America. And I believe in Germany too — if you hold an asset for over a year in Germany, you don't have to pay gains on it, that's what I've read, is that right, in Germany?… — so basically, the tax law promotes looking at those cryptocurrency projects that are solid and have a real reason to exist, and so that is also going to attract investment money to Monero. The question is: can these new investors integrate into the community? Part of what I do as a consultant is I try to bridge these worlds.

I try to take these new investors whose inclination might be to want to talk to the "manager of Monero" and have a word with them about the release schedule, and they want this and this and this feature built into the next release — basically, this whole mentality of "I own some tokens therefore I'm your customer and you have to do what I say" which of course falls completely flat on its face in any open-source project — that's not how changes happen in Linux; nobody goes to Linus and demands…

Makes ultimatums on what they want to see in the next rollout. So basically, one thing that I'm doing is trying to bridge these worlds of the traditional investment world and that of the "OG" cryptocurrency open-source world that's surrounding us here. So community investors, I posit, are a subset of investors that can be valued members of the community. Instead of being entitled and thinking that they're customers, they'll take the attitude that they're helping to bear financial risk on behalf of the project. They will do things like take self-custody of their coins and not just leave them on exchange — which lots of people do. Lots of people leave their crypto on exchanges, then the exchange gets hacked, they lose their money. The reality is: if the money is on the exchange and you don't own the private key then it's not your crypto. It's actually an "IOU" that you own for crypto, it's not crypto that you own.

And there's a list of aspects that I think are proper for a community type of investor to be a solid member of the Monero community. One thing to do, also, is to make sure that there are proper legal structures around one's ownership of cryptocurrency. One of the subsets of the traditional finance world that I help to bridge with cryptocurrencies is that of trusts. In a statutory [civil] law kind of regime like Germany, the whole concept of trust might be a little foreign because it comes from English common law. But the idea is that a trust is a legal entity, it's a legal thing. It's kind of a company but it's a different category of legal structure.

A trust is a kind of like a holding vessel for funds that a giver wants to give to beneficiaries — but not immediately. Basically, there are three people involved. There's a grantor who has wealth and wants to transfer it to the beneficiaries but not just outright, they want the money to go into a trust. So the grantor will work to make the rules of the trust and then transfer property into the trust.

As part of the document that defines the trust, you have a list of beneficiaries who could ultimately benefit from the property and then you have a third party which is the trustee. The trustee is the legal owner of the assets that are given into trust — but the legal owner is with conditions. The legal owner cannot do whatever they want with the property, they have to follow the instructions that are in the trust document. So in effect, this is what crypto people would think of as a smart contract. It's kind of an original old-school legal contract, and if you're careful with which jurisdictions you place the various players in the trust, there are advantages that can be had — which are very dependent on jurisdiction, and it's just completely impossible for me to spell it out because of the complexity of this — but possible benefits are legal tax reduction, protection from being sued — in other words, if money is in a trust, it's not the giver's money anymore, it's not the wealth owner's money anymore, it's the trust's money — if somebody sues the wealth owner, the wealth is gone.

It's not theirs anymore, it belongs the trust. And then there are trust laws that protect that money from lawsuits as well. Most people think "well, you know, I'm at low risk. I'm a nice guy, I don't hurt anybody, nobody's going to sue me." But one glaring exception to this is divorce — so people routinely get robbed by people who they only recently married, and it turns out that irrevocable trusts made before marriage — you have to do it before or otherwise it won't count — but it's one of the only things that can survive a challenge.

Also, legal enhanced privacy. So, depending on the jurisdiction in which you place the trust, you could benefit from enhanced privacy protecting those assets. Actually, relevant to people who are not Americans, you may or may not be aware of this, but there's a saying within estate planning and wealth management that "America is the new Switzerland." And this is because America has laws that are asymmetric. America has a law called FATCA, which was put in by Obama, which requires worldwide financial institutions to send data on Americans back to the IRS. This is why it's almost impossible for an American to get a German bank account because the German bank account will have a whole bunch of burdensome reporting requirements to the IRS to take on this American customer. That's why Americans have a lot of trouble when they go overseas to work. In reaction to this, the other countries of the world came up with what's called CRS which is the "Common Reporting Standard." The idea is the same, for example, one European government wants to make sure that its citizens are not trying to hide money in Australia, so they sign this agreement for all these countries to share financial information with each other to make sure that nobody's cheating on their taxes.

So there's a bunch of countries that have signed on to this CRS — but America is not one of them. Thus lies the asymmetry, that for US citizens who doing affairs abroad, like legitimate businesses abroad, all of that information gets sent back to the IRS. But for a non-US person who sets up financial affairs in the US, there is no obligation for the US to send the information back to the home country. So thus the saying, "America is the new Switzerland." [Part 4: Correlation] GATEWAY FILM PRODUCTIONS – "WAVE MOTION: INTERFERENCE" (1969):
The two small dippers vibrate on the surface of the water. Each dipper produces its own pulse and the two sets of patterns overlap. Now the dippers are put out of step.

They are vibrating in anti-phase and produce a different pattern. In step, they produce a pattern like this. Out of step, the pattern is like this. DR. DANIEL KIM (December 27, 2019):
This is kind of a complicated [slide] but this is showing the degree to which the monthly ups and downs of Monero versus the monthly ups and downs of Bitcoin versus the monthly ups and downs of the US stock market, the US bond market, and gold. For example, this square here [second row, far left] is showing the intersection of Monero and Bitcoin. On this [horizontal] axis you see the Monero return, on this [vertical] axis you see the Bitcoin return. You can see that in months when Monero does well, Bitcoin also tends to do well.

You have this kind of pattern, this correlation. Here you can also see that there's some really extreme outlier months for Monero in the positive though. This particular month, Monero basically quadrupled in one month. This is part of owning crypto — that you're on this really wild rollercoaster ride — and you need to be able to deal with that. But what this is showing is that there is a correlation between the returns of Monero and Bitcoin. That's a 0.4 correlation [top row, 2nd from left].

A 1.00 correlation is perfectly correlated — they go up and down together. Negative 1 is the opposite — if one goes up, the other goes down. In Modern Portfolio Theory — and this is true for also your own personal portfolio, it's an idea to think about — if you have two assets who you expect to do well in the future and they're uncorrelated, in other words, when one asset goes up the other is flat or maybe the other one goes down, in other words, the ups and downs from day to day of these two different assets tend to cancel each other out.

If you have that situation then if you make a portfolio out of both of those assets your combined volatility is going to be improved. It's going to be reduced because the components that you're adding are anti-correlated. This is a very big deal for Wall Street investors because it turns out correlation structure tends to be more dependable and long-lived than predictions of outperformance, so correlation structures tend to persist. Wall Street is always looking for sources of uncorrelated alpha. For example, if you look at the correlation of Monero with traditional assets like US stocks, we have 0.01 [top row, 4th from left]. An idea to think about is that putting together assets that wiggle in different ways can be a positive force for your overall portfolio. Now again, as I mentioned, this is only talking about correlation structure, this is the ups and downs. This is not talking about "is the price going to go up in the future" — that's a different question.

So let me show this, and then I'll finish… and I'm sorry, I'm going over [time]… but I guess there's no one after me… but I'll try to make it quick. I think what I'm showing here is pretty much the only asset price chart you need and that is a very long term view. This is showing from the beginning of cryptocurrency, 2009 to 2020. This is 11 years of history and you almost never see this in the crypto bloggers or people on YouTube blabbing about crypto. They're always focused on what happened yesterday. It's totally a distraction for anyone who has a long term view.

So, I would suggest whenever looking at crypto as an asset, to zoom out on the horizontal scale and also zoom out on the vertical scale. What I'm showing here: each of these [y axis] divisions is a factor of 10. Here we have 1 cent, 1 dollar and 10 thousand dollars. This is an initial investment of one euro becoming 10 million euros, that's the scale. And on this sort of scale, all of these ups and downs which seem big, disappear. For example, let's look at the S&P 500, the US stock market. If you're involved at all in the stock market, you know that December 2019 has been a very good month. We're talking 15% up, which is really big for the stock market. But if you look on this scale, it's like a pixel. I think this underlines the decision that anyone has when thinking about cryptocurrency as a possible investment. It's this baby. It's still a baby. It's amazing because it's gone up orders of magnitude and yet compared to other assets, it's still a baby.

This next chart shows that. What I've done here is — it's hard to understand, if somebody tells you that the price of Bitcoin is $7,000, it's hard to know whether that's high or low. Who knows? It's just really hard to know because it's just one Bitcoin and it's hard to put that in perspective. What I've done here is I've taken the value of all of the Bitcoin in existence. Starting from the beginning of Bitcoin, as time goes on, more Bitcoins got rewarded to miners so there have been more Bitcoins in existence and the price has been going up and down. I multiplied the number of Bitcoins in existence by the [then-] current price and that gives you the market cap. What I've done with that is I've divided that by the value of all of the gold, above ground, in the world. All of the gold that has been already been dug out of the ground and is sitting in vaults around the world and owned mostly by central governments, but also a good amount is in jewelry, and so on, and there are estimates of this.

Basically, there are estimates for how much gold there is in the world at any given time so I've divided the value of all the world's Bitcoin divided by the value of all the world's gold. And I've done that for 11 years. What you can see here is that, currently, the value of all the Bitcoin in the world is about 1% of that of all the gold. In other words, all the gold is worth a hundred times what all the Bitcoin is worth. And if you do that for Monero — and, arguably, this analogy is even more apt for Monero, because when you turn a bar of gold over, you don't see a list of everyone who owned that bar of gold, you just see gold — so Monero acts more like actual gold than Bitcoin does, therefore, it makes more sense to make a ratio of all the world's Monero, how much is that worth, divided by how much all the world's gold is worth — if you do that, we're looking at 1/100 of 1%.

That's what I mean when I say that this asset class is still a baby, it's still early. Things could go well for it, things could go very wrong for it. There could be a bug that nobody knows about. There could be governmental action which a lot of people I think overly worry about because I think we geeks tend to think of governments as being like Reddit moderators with ban power. And that's not really how governments work, it's a bit more deliberative — and if an unjust ban happens, there are things like the Supreme Court that might be asked to decide whether, for example, Americans have a fundamental right to transact value in a private manner.

This could be a court case that comes up in the future put forth by people who really care about privacy as a fundamental human right. I'll leave with that, and thanks for your attention..

You May Also Like