• en
    • ko

Menu

Decrypto

Blockchain & Crypto Analysis

CHAIN ID, ActiveX, and South Korea’s Authentication Nightmare

Tuesday, May 22, 2018

In order to fully grasp the potential impact of theloop’s CHAIN ID, one must first understand the current digital authentication landscape in South Korea.

South Korea has always been technologically progressive. In fact, the world’s first smart city is situated 40 miles southwest of the country’s capital, Seoul. Thus, it’s no surprise that South Korea was one of the first countries to encourage Internet banking, shopping, and other services in the late 1990s.

It’s hard to believe now, but shopping and banking on the Internet was a completely new technology in the not so distant past. With this new way of carrying out business, both customers and businesses were wary of fraud. To dispel this fear, the South Korean government implemented a nationwide digital authentication system in the Digital Signature Act of 1999.

Authentication Certificates in South Korea

There are two types of certificates in South Korea – private and accredited.

Private Certificates

Private certificates are issued by institutions that are not accredited, or certified, by the South Korean government, and are only valid for specific services. For example, a bank might issue a private certificate to a customer that is only valid for services within the bank. Compared to accredited certificates, private ones are impossible to verify, valid only by mutual agreement by the parties involved, difficult to get compensation for, and are only valid for a limited scope of services. The only advantage of private certificates are that they are often easier to obtain.

Accredited Certificates

Accredited certificates are issued by institutions that are accredited by the government. Currently, the following institutions can issue accredited CAs – KFTC, KOSCOM, KICA, KECA, and KTNet. Accredited certificates, while more difficult to apply for, offer quite a few advantages when compared to private certificates. Accredited certificates are seen as legal binding endorsements, are valid for compensation in the event of damages caused by the certificate, and can be used for a variety of Internet services without the need for multiple certificates. Thus, the accredited certificate is by far the most popular authentication in Korea with over 33 million issued certificates.

How Accredited Certificates are Generated

Accredited certificates are issued by government-accredited institutions through a process of manual verification of a resident’s National ID and other documents. Following verification, a resident’s identifying details are hashed into a public/private key pair along with the issuing authority’s digital signature. This process places burden of proof on the issuing CA.

After the certificate is generated, the resident can use his or her public key for online financial services such as banking and shopping.

The Age of Internet Explorer & ActiveX

In the late 1990s, Internet Explorer was the most popular web browser in the world. Hard to imagine, right? In addition to basic browser capabilities, Internet Explorer also offered a software framework for plugin development called ActiveX. South Korean institutions ended up using ActiveX to develop software which allowed users to upload their certificates to authenticate financial transactions online. Keep in mind there is no industry-standard software. Thus, Koreans are forced to install many ActiveX plugins in order to use their assortment of authentication certificates. This can only be described as a user experience s***show with glaring security holes.

Over the next decade and a half, the rest of the world moved on. The online shopping and mobile device industries experienced unprecedented growth, and the FIDO Alliance was established. In short, FIDO provided a standardized protocol for supporting a full range of authentication technologies including biometric, fingerprint and iris scanners, voice recognition, and more. Korea’s inability to adapt and integrate with FIDO left the country at a disadvantage in the global business and trade sectors.

In May 2014, the South Korean government announced that authentication certificates would no longer be required for financial transactions under ₩300,000 (approximately $280). This was a response both to complaints about a Microsoft-centric culture and also the inability for foreigners to buy goods online because they are unable to apply for accredited certificates. One notable example was Chinese customers not being able to purchase clothes and accessories worn by characters on the famous Korean drama, 별에서 온 그대 (My Love From the Star). While this particular situation may seem a little silly, it’s a great example of how South Korea’s absurdly complicated authentication requirements effectively put a bottleneck on the country’s economy.

An official statement from South Korea’s Financial Supervisory Service read, “the revision is expected to improve the complicated security system and diversify payment methods by giving more freedom to financial firms to decide on their own security.” As a result of this new regulation, new services would eventually find their way into Korea’s complicated authentication landscape, but accredited certificates are still issued and used to this day.

theloop, CHAIN ID, and ICON

Last October, theloop revealed that its blockchain-based authentication solution, CHAIN ID, was already being piloted by 25 banks and securities companies in the Korea Financial Investment Blockchain Consortium. Half a year later, theloop announced that CHAIN ID would be used by Samsung (one of Korea’s largest companies) in their biometric authentication technology, Samsung Pass. Recently, ICON Foundation wrote, “in the future it is expected that there will no longer be classifications of certified/private certifications, and all certificates will have the same authenticity.”

Connect the dots.

  • CHAIN ID is already being used by some of South Korea’s largest banks and securities companies.
  • CHAIN ID is being implemented in Samsung Pass. Samsung has over 57% market share in South Korea’s mobile smartphone market.
  • ICON revealed there will only be one kind of certificate in the future.

After a little reading between the lines and a tiny amount of educated speculation, I have come to the conclusion that the majority of digital authentication in South Korea will happen on the CHAIN ID platform in the near future. This blockchain solution is being aggressively adopted by the country’s biggest financial and technology firms. If there’s really only going to be one certificate in the future, it’s obvious they will be issued by the first mover in the space – theloop’s CHAIN ID.

What is CHAIN ID?

Now that we’ve established that CHAIN ID will probably take over South Korea similar to how Thanos took over the universe in the most recent Avengers movie, let’s talk a little about what CHAIN ID is exactly and how it may or may not affect ICON in the future.

A Smart & Distributed Network

South Korea’s current authentication system relies on a centralized network of government-approved entities who are allowed to issue accredited certificates. This system works because a certificate’s trust value is backed by the accreditation and approval of the government. CHAIN ID, on the other hand, provides trust via a decentralized or distributed network.

CHAIN ID leverages several aspects of a distributed network to provide a secure, scalable, and smart authentication platform. The decentralized nature of the platform makes it less prone to major hacks because data monopolization is not an issue. Secondly, decentralized networks are easier to scale than their centralized counterparts. Lastly, CHAIN ID runs on a system of smart contracts and extended feature sets can be easily implemented in the system. This means complex DApp ecosystems can easily integrate CHAIN ID for authentication services.

On the CHAIN ID platform, joint authentication certificates are issued through consensus of all the nodes on the network. These certificates are called “joint certificates” because they are generated through “joint consensus” of the network participants. As a result, these joint certificates are valid for all services offered by CHAIN ID nodes. Smart contracts ensure the network’s rules are being obeyed, keeping data secure and up to date.

The Future of CHAIN ID

On a philosophical level, the concept of identity is integral to the human condition. Proving our identity is part of our everyday lives, and this aspect of modern society moving over to the blockchain is absolutely fascinating. On a technical level, CHAIN ID is just a DApp running on theloop’s blockchain engine, but I believe it has the potential to have a profound impact on South Korea’s culture and economy. With so many major companies and institutions adopting CHAIN ID, it’s only a matter of time before we see more complex ecosystems governed by smart contracts with CHAIN ID acting as an authentication layer between the real world and digital world. Keep in mind that these DApp ecosystems will require an interoperable protocol to communicate with each other.

That’s where ICON comes in.

What is Blue Whale – Part 1

Friday, May 11, 2018

Blue Whale is a blockchain project that promises to revolutionize the gig economy by cutting middleman costs and introducing traditional concepts like benefits and pensions to freelancers around the world. As a freelancer myself, this project seriously caught my interest. In this first post, we’ll take a look at the current state and weaknesses of the gig economy.

What is the Gig Economy?

Before we dive into the details behind Blue Whale, let’s take a moment to understand what “gig economy” means. If I understand it correctly, “gig economy” refers to the various participants in the freelancing industry.

  • A business uses Fiverr to find a graphic designer to create a new logo.
  • A local guide uses Airbnb to sell experiences to tourists.
  • A driver uses Uber to locate customers who need a ride somewhere.

In the examples above, there are always three or more parties that make up the gig economy — freelancer, client, and a marketplace platform.

The world is becoming more Internet-centric each year, and the global surge in the number of freelancers reflects this fact. Between 2012 and 2017, the number of Internet users globally grew from 2.4 billion to 3.58 billion. In other words, over 1 billion new people were presented with the opportunity to market their freelance skills and services to the world in the last five years.

Number of internet users worldwide from 2005 to 2017 (in millions).

I believe there’s also a cultural shift going on, especially in my current age demographic (22–28). The previous generation placed heavy emphasis on securing a stable 9–5 job immediately after graduating from university. This is simply not the case anymore for us “millennials”. Many of us value freedom above financial security, and choose to live and work as freelancers. In fact, 36% of the USA’s workforce already classify themselves as freelancers, with a staggering 50% of millennials committing to the freelance lifestyle. This number is projected to increase even further in the coming years.

What’s Wrong with the Gig Economy?

Millions of people around the world are making a successful living in the gig economy, so it must already be perfect, right? The Blue Whale Foundation doesn’t think so, and their primary arguments revolve around reliance on centralized marketplace platforms, job security and benefits, and expensive advertising and marketing costs.

Centralized Marketplace Platforms

Airbnb, Uber, and Fiverr are three examples of centralized marketplace platforms. These tech giants match freelancers with clients, and provide communication and transaction services. In exchange for this service, these platforms charge a commission rate or service fee.

Examples of commission rates from Blue Whale’s white paper.

In Blue Whale’s white paper, they state that Uber charges up to 42.75% and Fiverr charges up to 22.9%. I have a few friends who use Airbnb Experiences to market their own tours, and they told me Airbnb’s commission rate is 20%. Depending on how you value these platforms, the presented commission rates could be considered reasonable to exorbitant.

In my opinion, Airbnb’s 20% commission on Experiences is completely reasonable —especially in highly penetrated markets. Japan currently has over 55,000 Airbnb listings, and this number is projected to increase as we inch closer to the 2020 Olympics in Tokyo.

Let’s say Tokyo accounts for 60% of Japan’s listings — that’s ~33,000 properties. With a 50% booking rate (my guess is the actual booking rate is much higher) and an average three night stay with two guests per property, you’re looking at an exposure to ~4 million people who may find your Experience as a result of their Airbnb accomadation booking.

Tokyo, Japan is one of Airbnb’s most popular markets.

It’s also important to assign value to the legal hurdles that Airbnb had to jump through in order to penetrate a popular market like Tokyo. They spent A LOT of money to build the number one accommodation platform in the world, and now they’re enabling tour guides and skilled people around the world to host experiences for an established user base. This doesn’t even take into account the fact that Tokyo’s hotel industry is severely overcapacity and overpriced, and many tourists are essentially forced to use Airbnb to get a good deal. I think a 20% commission rate is okay.

On the flip side, Uber charging up to 47.25% as a result of booking fees in addition to the advertised 25% commission rate is bull****. This means an Uber driver only nets $18,462.50 from $35,000 worth of fares, and this doesn’t even take into account other things like gas expenses and insurance. Now I really don’t understand how people can try drive for Uber “full time”.

While I agree that some centralized marketplace platforms (Uber) are gauging users with ridiculous fees, it’s important to realize that some platforms (Airbnb) actually charge reasonable rates that are in line with the services and exposure they offer. Decentralizing marketplace platforms and eliminating the middleman may be beneficial to certain industries, but it’s definitely not a blanket solution for every industry—at least not in the foreseeable future.

Job Security & Benefits

Freelancing platforms don’t offer much job security and traditional employee benefits. For example, Uber treats their drivers as independent contractors. This means drivers do not receive health insurance and other employee benefits. Uber offers low-liability car insurance when the Uber app is on, but drivers must provide their own car insurance when the app is off.

Other downsides of freelancing include lack of traditional benefits like paid time off and retirement pensions. If a decentralized blockchain platform can generate enough value to offset funds to provide these benefits to freelancers, this would be truly amazing.

Advertising & Marketing Costs

Blue Whale claims the average small business spends ~$10,000 per month or ~$120,000 per year on Google Adwords and Facebook ads. According to Sageworks, the average small business spends 1–5% of revenue on advertising. With this in mind, a business with a $10,000 per month ad budget should be bringing in between $2.4 million to $12 million in revenue. I wouldn’t classify these numbers in the small business category.

While the presented numbers may be a little inflated, I do get Blue Whale’s point. I ran a small business in the past, and it was difficult for us to spend our hard earned profits on Facebook ads ($1.72 Avg. CPC) and Google Adwords ($2.32 Avg. CPC). Another thing to consider is that CPC costs in freelancer-saturated industries are likely to be on the higher side due to more competition. For example, a freelancer running a web hosting or web design business (two highly saturated niches) may have a difficult time marketing their business without significant ad spend.

If a decentralized blockchain could help reduce advertising costs and level the playing field when it comes to the relationship between ad spend and ad display, that would certainly be a relief to many small business owners.
In the next post of this series, we’ll take a closer look at Blue Whale’s WORK System, and how it will be used to change the gig economy.

Platform Coins & Substratum

Friday, January 12, 2018

In 2017, we saw the meteoric rise of several platform coins.

  • ETH from $7 to $800.
  • ADA from $0.02 to $0.5.
  • NEM from $0.0001 to $0.9.
  • NEO from $0.14 to $70.

Why is so much money flowing into platform coins?

The crypto market is insanely speculative at the moment, and platform coins are multipurpose by nature. This means people will be able to build apps and services on top of these platforms to cater to different markets. Thus, there’s a higher chance for a platform to go mainstream.

This is why I believe Substratum will be THE platform coin of 2018.

Take a look at the Top 50 coins on CoinMarketCap, and you can see a lot of platform coins – Ethereum, Cardano, NEM, NEO, QTUM, Lisk, Waves, etc. The list goes on and on.

The strength in a decentralized network is… decentralization. In order for that to happen, more nodes need to go online. In order for more nodes to go online, more people need to set up nodes. In order for people to set up nodes, they need to be incentivized.

That’s the problem.

Crypto fanboys love setting up nodes, and they seem to think the majority of the world’s population shares this mindset. That could not be further from the truth. The average person is NEVER going to set up an Ethereum or NEO node to contribute to the network. It doesn’t matter if you try to explain running a NEO node and staking NEO can earn you GAS dividends. The truth is running a node does not contribute to most peoples’ lives in an immediately tangible way. The average person expects technology to have an easily understandable and positive effect on his or her life.

This is why I believe Substratum has the best chance of going mainstream.

Humans have a few basic needs, and two of them are communication and entertainment. Throughout history, our forms of communication have changed drastically, but the underlying principle has not. We crave connection with and affection from others of our kind.

In today’s world, these two principles have been severely limited. The Internet is now the most common and convenient form of communication, yet it’s severely limited for so many people around the world. In countries like China, Russia, Indonesia, and Thailand, people are constantly using VPNs to get access to what they want. Unfortunately, VPNs can be easily identified and blocked. The Chinese government is even looking to have telecom companies block all VPN traffic in 2018. It’s time for a better technology to emerge, and Substratum is the answer.

Like I said earlier, most platform coins give zero incentive to the average user for setting up a node. They have nothing immediately tangible to gain. “Contributing to network decentralization” means NOTHING to them.

However, when you tell someone in China they’ll be able to use Substratum to watch cat videos on YouTube without having to worry about switching VPN providers all the time. Well, that’s honestly life changing, and that’s how the network effect starts.

Now, think about all the more important use cases for Substratum in addition to getting access to cat videos 24/7. Using Substratum, people will be able to bypass censorship in their search for the truth. They’ll be able to communicate with who they want, whenever they want. They’ll be able to get access to a free Internet, and all the knowledge that comes with it.

Substratum is a solution to two of our most basic needs – unfiltered communication and entertainment. Once the network effect takes over, developers will start building apps and services on top of Substratum. Decentralized web hosts, “VPN” services, and truly anonymous messaging platforms are only the beginning.

Substratum Misconceptions & FUD

Monday, January 8, 2018

Here’s a collection of misconceptions and FUD about Substratum.

Substratum is a scam. They don’t even have a working platform.

Substratum has been in private alpha testing for a while now. They’ve even made a video with updates after the first alpha test. Here it is.

Secondly, there has been a lot of development discussion about the alpha tests on the official Slack channel. Do you really think the Substratum team has made a bunch of fake Slack accounts to make it seem like they have a working platform? If they were actually interested in doing the typical ICO exit scam, they would’ve done so a LONG time ago.

Substratum’s beta launch is happening this month. V1 will come shortly after in January 2018.

Substratum requires extra software to use the network.

This is a very popular FUD point being spread by Substratum’s competitors. Viewing websites hosted on Substratum DOES NOT require any extra or special software. You can use any web browser including Safari, Chrome, Firefox, and even Internet Explorer.

If you are interested in running a node or becoming a web host on the network, then you’ll need to download the Substratum software.

SUB has crazy inflation. It will never go up in value.

This is just plain FUD. SUB is not an inflationary token. In fact, the team has been doing coin burns to stop any fear of a developer coin dump. The next coin burn of 60-100 million SUB is scheduled for a few days after listing on Bittrex.

The only thing that can even be remotely misunderstood as inflation is the following…

Should the market ever reach 90% saturation, the network will create 10% additional tokens and separate them into an account that is only used to fuel the network. These will not hit the exchanges and will only be available for transactions within the network.

This statement can be found in Substratum’s official white paper. If you’re a FUDer who didn’t score high in elementary school level reading comprehension, the above statement confirms that any additional tokens will only be used for network maintenance. They will NOT be available for trading on exchanges, thus there is no circulating supply inflation.

Substratum is not open source because the team wants to scam people.

The Substratum team has chosen not to open source the project until proper internal security audits have been performed. This is not a Blockchain project where people can adopt kittens. Substratum will be used by people around the world to battle censorship and to transmit and receive personal information. Security is of the utmost importance.

Keeping the project closed source for now enables the team to focus on patching any potential network-destroying vulnerabilities before mass adoption. The team has stated many times that they will be open sourcing parts of the project as needed in the future.

Lastly, keeping the project closed source for now prevents competitors from stealing and cloning the source code. There is no scamming going on.

Substratum – A Decentralized VPN

Friday, January 5, 2018

A VPN (virtual private network) is a service that allows users to connect to the Internet through another server in a different geographical location. Contrary to popular belief, VPNs don’t provide complete anonymity. However, they are often used to enhance privacy, geo-spoof internet services, and gain access to blocked or censored websites.

When you connect to a VPN server, the destination will only be able to see the VPN server’s IP address. Thus, if you’re trying to access a website or service that’s blocked in your country, a VPN could be a potential solution.

For example, countries like China and Russia have a pretty strict policy when it comes to web censorship. By using a VPN server located outside the country, users are able to access Google, YouTube, NY Times, etc.

The VPN Market

According to this study, the global VPN market was worth approximately $40 billion in 2014 with expected growth to $70 billion by 2019.

Check out this awesome graphic courtesy of Comparitech.

As you can see, VPN usage for many people in Asia and Eastern Europe is a way of life. They rely on VPNs for access to the kind of entertainment they want, news from government-censored news sites, and services to communicate with family and friends overseas.

If you’re reading this right now, you probably share the same opinion as me – free access to the Internet should be a basic human right in 2017. Unfortunately, that’s not the case. Thus, it’s extremely important to have a reliable tool that can bypass these government-imposed restrictions.

The Downsides of VPNs

VPNs, while useful, also have many downsides.

Government Intervention

The most obvious downside of VPN services is the threat of government intervention. Most VPN services are structured as centralized companies, and can be easily shut down by governments. Some governments, like China’s, are also capable of forcing telecommunication companies to completely block all VPN traffic.

VPN Identification

VPN traffic has a unique packet signature, and is easily identifiable. This makes it very easy for ISPs to block and filter VPN traffic.

Cash Flow

VPN companies operate physical servers in expensive data centers. Like any other business, they need cash flow to keep the lights on. If you’re the owner of a VPN company, and the government is constantly blocking your IP addresses…how long are you going to put up with that before it’s not worth the trouble anymore?

What is Substratum?

Substratum is a new blockchain-based platform that decentralizes the Internet. The platform is comprised of two main pieces of software – SubstratumHost and SubstratumNode.

SubstratumHost lets users contribute computing resources to host websites on the network. Anyone can host content on Substratum, and be paid for their contributed resources. SubstratumNode acts as a mesh network that routes traffic through Substratum’s network.

Using Substratum as a VPN

Even though SubstratumNode wasn’t designed to be a VPN replacement, it effectively does the job even better than a VPN. Traffic on the Substratum network is disguised as generic HTTPS traffic, and doesn’t contain any easily identifiable packet signatures. Secondly, each request on the Substratum network is sent through a different route stack. This makes it very difficult for ISPs and other services to implement any kind of effective IP blocking. The only way to fully block Substratum is to simply shut off a user’s Internet connection. I don’t think ISPs will go that far…

Unlike traditional VPN companies which own many servers and IP addresses in data centers, Substratum is completely decentralized. There’s no centralized office that the government can shut down. The “VPN” will live on thousands if not millions of private computers around the world. Since Substratum doesn’t need to worry about the logistics and risks of maintaining centralized servers, they are free to focus on improving the software for users around the world. This model has been shown to work… Uber, a transportation service that doesn’t own any vehicles. Airbnb, a property rental service that doesn’t own any property. Substratum, a web hosting and Internet service company that doesn’t own any servers.

Lastly, I just want to state the obvious when it comes to the economics of using Substratum. Traditional VPN services require a monthly fee. Using SubstratumNode is free, and you even get paid in SUB for forwarding requests. What are you going to choose? An inferior tool that you have to pay for, or a superior tool that pays you to use it?

The Substratum team is extremely ambitious. Their vision is to completely decentralize the Internet. In the meantime, however, I think they should push SubstratumNode as a superior replacement to VPNs. By doing so, more users will be brought on to the network, which results in more decentralization and increased network performance and anonymity. This would also be great news for SUB token holders. Like I said earlier, the VPN market will be worth approximately $70 billion in 2019. If SubstratumNode manages to capture even 5% of that market, SUB holders will be very happy.