December 04, 2016
Fake US embassy provides full service
It's been a while since I've posted on the cost of false documents, perhaps because I've fooled myself into belief that everyone's got the message: you can pick a full set for about $1000.
But this one is more adventurous:
In Accra, Ghana, there was a building that flew an American flag outside every Monday, Tuesday, and Friday, 7:30 a.m.-12:00 p.m. Inside hung a photo of President Barack Obama, and signs indicated that you were in the U.S. Embassy in Ghana. However, you were not. This embassy was a sham.
It was not operated by the United States government, but by figures from both Ghanaian and Turkish organized crime rings and a Ghanaian attorney practicing immigration and criminal law. The "consular officers" were Turkish citizens who spoke English and Dutch. For about a decade it operated unhindered; the criminals running the operation were able to pay off corrupt officials to look the other way, as well as obtain legitimate blank documents to be doctored.
The sham embassy advertised their services through flyers and billboards to cultivate customers from Ghana, Cote d'Ivoire, and Togo. Some of the services the embassy provided for these customers included issuance of fraudulently obtained, legitimate U.S. visas, counterfeit visas, false identification documents (including bank records, education records, birth certificates, and others) for a cost of $6,000.
There's no indication as to why it took a decade to find, nor whether the documents were good enough to fool.
Nor is there any indication in the article as to what $6k buys you - and $6000 does seem to be an outlier. Most of the prior information suggests $1000 gets you the set. It's important to know the number, roughly, because it sets the bar as to how much security we can expect from the state identity machine. Whether $1k or $6k is a low bar or a high bar depends, but what is the case is that there is a bar, above which we can expect criminals to leap for profit.
November 30, 2016
Corda Day - a new force
Today is the day that Corda goes open source. Which will be commented far and wide, so not a lot of point in duplicating that effort. But perhaps a few comments on where this will lead us, as a distributed ledger sector.
For a long time, since 2009, Bitcoin dominated the scene. Ethereum successfully broke that monopoly on attention, not without a lot of pain, but it is safe to say that for a while now, there have been two broad churches in town.
As Corda comes out, it will create a third force. From today, the world moves to three centers of gravity. As with the the fabled three-body-gravity problem of astrophysics, it's a little difficult to predict how this will pan out but some things can be said.
This post is to predict that third force. First, a recap of features, and shortfalls. Then, direction, and finally interest.
Featurism. It has to be said again and again (and over and over) that Corda is a system that was built for what the finance world wanted. It wasn't ever a better blockchain, indeed, it's not even a blockchain - that was considered optional and in the event, discarded. It also wasn't ever a smarter contract, as seen against say Ethereum.
Corda was what made sense to corporates wanting to trade financial instruments - a focus which remains noticeably lacking in 'the incumbent chains' and the loud startups.
Sharing. In particular, as is well hashed in the introductory paper: Corda does not share the data except with those who are participants to the contract. This is not just a good idea, it's the law - there are lots and lots of regulations in place that make sharing data a non-starter if you are in the regulated world. Selling a public, publishing blockchain to a bank is like selling a prime beef steak to a vegetarian - the feedgrain isn't going to improve your chances of a sale.
Toasting. Corda also dispenses with the planet-warming proof of work thing. While an extraordinary innovation, it just will not fly in a regulated world. Sorry about that, guys. But, luckily, it turns out we don't need it in the so-called private chain business - because we are dealing with a semi-trusted world in financial institutions, they can agree on a notary to sign off on some critical transactions; And -- innovation alert here -- as it happens, the notary is an interface or API. It can be a single server, or if you feel like going maximal, you can hook up a blockchain at that point. In theory at least, Corda can happily use Bitcoin to do its coordination, if you write the appropriate notary interface. If that's your thing. And for a few use cases, a blockchain works for the consensus part.
These are deviations. Then there are similarities.
Full language capability. Corda took one lead from Ethereum which was the full Turing-complete VM - although we use Java's JVM as it's got 20 years of history, and Java is the #1 language in finance. Which we can do without the DAO syndrome because our contracts will be user-driven, not on an unstoppable computer - if there's a problem, we just stop and resolve it. No problem.
UTXO. Corda also took the UTXO transaction model from Bitcoin - for gains in scaleability and flexibility.
There's a lot more, but in brash summary - Corda is a lot closer to what the FIs might want to use.
Minuses. I'm not saying it's perfect, so let me say some bad things: Corda is not ready for production, has zero users, zero value on-ledger. It has not been reviewed for security, nor does that make sense until it's built out. It's missing some key things (which you can see in the docs or the new technical paper). It hasn't been tested at scale, neither with a regulator nor with a real user base.
Direction. Corda has a long long way to go, but the way it is going is ever closer to that same direction - what financial institutions want. The Ethereum people and the Bitcoin people have not really cottoned on to user-driven engineering, and remain bemused as to who the users of their system are.
Which brings us to the next point - interest. Notwithstanding all the above, or perhaps because of it - Corda already has the attention of the financial world:
- Regulators are increasingly calling R3 for expertise in the field.
- 75 or so members, each of which is probably larger than the entire blockchain field put together, have signed up. OK, so there is some expected give and take as R3 goes through its round process (which I don't really follow so don't ask) but even with a few pulling out, members are still adding and growth is still firmly positive.
- Here's a finger in the air guess: I could be wrong, but I think that as of today we already have about the same order of magnitude of programming talent working on Corda as Bitcoin or Ethereum, provided to us by various banks working a score or more projects. br> Today, we'll start the process of adding a zero. OK, adding that zero might take a month or two. But thereafter we're going to be looking at the next zero.
- Internally, members have been clamouring to get into it for 6 months now - but capacity has been too tight because of the dev team bottleneck. That changes today.
All of which is to say: I predict that Corda will shoot to pole position. That's because it is powered by its members, and it is focussed to their needs. A clear feedback loop which is totally absence in the blockchain world.
The Game. Today, Corda becomes the third force in distributed ledger technologies. But I also predict it's not only the game changer, it's the entire game.
The reason I say that is because it is the only game that has asked the users what they want. In contrast, Bitcoin told the users it wanted an unstoppable currency - sure, works for a small group but not for the mass market. Ethereum told their users they need an unstoppable machine - which worked how spectacularly with the DAO? Not. What. We. Wanted.
Corda is the only game in town because it's the only one that asked the users. It's that simple.
November 10, 2016
Electronic Signatures in Law - for Free!
In what might become an interesting milestone in legal history for financial cryptography, one of our reliable stalwart resources has now been released in its 4th edition:
Electronic Signatures in Law
Stephen Mason is a leading authority on electronic signatures and electronic evidence, having advised global corporations and governments on these topics. He is also the founder and editor of the international open source journal the Digital Evidence and Electronic Signature Law Review. Stephen is an Associate Research Fellow at the IALS.
This fourth edition of the well-established practitioner text sets out what constitutes an electronic signature; the form an electronic signature can take; and discusses the issues relating to evidence – illustrated by analysis of relevant case law and legislation from a wide range of common law and civil law jurisdictions.
Electronic signatures are ubiquitous. Every person that uses e-mail, uses an electronic signature. Every person that uses a cash card, debit card or credit card uses a form of electronic signature. The fourth edition of this book provides an up-date on the European Union Regulation that repeals the EU Directive in electronic signatures, together with an up-date of the case law across the world. It provides a practical guide to understanding electronic signatures, setting out an analysis of what constitutes an electronic signature, the form an electronic signature can take, the forgery of electronic signatures, and issues relating to evidence, formation of contract and negligence.
The case law on electronic signatures covers a vast range of law, including: employment, family, divorce proceedings, formation of contracts, insurance, e-wills, public administration, judicial use, Statute of Frauds, property transactions, local government planning, criminal procedure, and corporations.
The text includes case law from 38 jurisdictions: Argentina, Australia, Brazil, Canada, China, Colombia, Czech Republic, Denmark, England & Wales, Estonia, European Patent Office, Finland, France, Germany, Greece, Hong Kong, Hungary, Ireland, Israel, Italy, Japan, Lithuania, Netherlands, New Zealand, Norway, Papua New Guinea, Poland, Portugal, Russian Federation, Scotland, Singapore, Slovenia, South Africa, Sweden, Switzerland, Turkey, the United States of America and Zimbabwe.
Even more remarkable, this massive tome is now published under Creative Commons NonCommercial licence so students of financial cryptography can download the PDF from the website, check your jurisdictional questions, and finish up your essay with authority. For Free!
Lawyers in the field would still be encouraged to purchase them, but the prices on the site look rather reasonable - £20 for the kindle/ePub, £40 for the softback and £60 for the hardback.
I'm one who has actually forked out £££ for the Mason tomes, about £120 each one, and read them. Unfortunately because I move around too much they tended to get abandoned in random places - they're heavy! Which made me guilty many times over, but 2 of them have had the benefit of circling the globe a few times now before I donated them to R3's library.
Getting an online version is so much more in line with the modern world, and an incredible bounty to financial cryptography.
November 07, 2016
Senegal to use eCurrencyMint for digital cash
Disclosure - I audited eCM as part of their fundraising process a few years back. Very happy to see them finally announcing their success, and hope there is more to come!
04 November 2016 Source: eCurrency Mint
eCurrency Mint Limited (eCurrency) announced today that it has partnered with Banque Régionale de Marchés (BRM) to provide a digital currency in the West African Economic and Monetary Union (WAEMU). BRM will issue the digital tender, eCFA, in compliance with e-money regulations of Banque Centrale des Etats de l’Afrique de l’Ouest (BCEAO), the Central Bank of WAEMU. This secure digital instrument can be transacted across all existing payment platforms and will be equivalent in value to physical legal tender.
BRM announced the eCFA distribution will begin in Senegal and will be extended in a second phase to Cote d’Ivoire, Benin, Burkina Faso, Mali, Niger, Togo and Guinea-Bissau. The eCFA is a high security digital instrument that can be held in all mobile money and e-money wallets. It will secure universal liquidity, enable interoperability, and provide transparency to the entire digital ecosystem in WAEMU.
“The mission of eCurrency is to preserve the secure and inclusive characteristics of physical fiat currency in our rapidly emerging digital world. We are realizing this important mission in the WAEMU region through the implementation of eCFA by BRM,” said Jonathan Dharmapalan, Founder and CEO of eCurrency.
With only 20% of Africa’s population having access to basic banking services, a trusted electronic means of transacting is the ultimate instrument of financial inclusion. The evolution to an electronic digital legal tender offers citizens a means by which to save and transact in a secure digital instrument. The eCFA is issued to coexist with other forms of currency, offering a digital form to seamlessly send, receive, store, and transact digitally.
“We are committed to bringing digital financial services and true financial inclusion to West Africa,” said Alioune Camara, CEO of BRM. “We are very happy to announce the eCFA capability here. An eCFA backed by our banking system and the central bank is the safest and most secure way to enable the digital economy. We can now facilitate full interoperability between all e-money payment systems. This is a great leap forward for Africa.”
The electronic money provided by BRM can only be issued by an authorized financial institution. It uses high security cryptographic protocols to ensure that it cannot be counterfeited or compromised. Because it is interoperable and it provides transparency it promotes governance and regulation by the central bank.
November 05, 2016
Monetising the dispute
Discussing how we move forward on legal tech has raised the usual (dry, ho-hum) issue - programmers cost money, especially ones doing (dry, ho-hum) code in the field of (dry, ho-hum) law. So I was encouraged in a recent convo to stop asking for charity and instead show some revenue potential for those building the tech.
No matter that the law and courts is the original loss leader of democratic tradition, and also a good way to keep farmers from acting like wolves, the courts are still something that has to be paid for. Somewhere, somehow.
In terms of business models, it's a challenge to find an incentive system to put legal engineers to work, earn a return, and deliver a better result for society. Which is a shame because the new ideas of financial cryptography are showing some screaming improvements to be made.
The classical model for lawtech is to sell software to law firms and earn a support contract. But I don't think this works in the new distributed ledger world because of an assumption I have -- we are moving to a world of non-lawyer arbitrations, in which parties are bound by network contract into a loose association with expert peers to hear complaints. In the future, we'll take our disputes to our own membership, rather than the courts.
OK, so this is a clear assumption of mine, but it is the one I'm making. Now, how to make this work?
In a future world of online dispute resolution of financial contracts, the arbitrator has to be paid. Typically, the arbitrator might assess the fee for each case. I suppose this can be done on a percentage basis or a flat fee basis, but I'd suggest that doesn't concern us right now.
That fee needs then to be split - the infra has to be paid for. Let's suggest that it be broken up into these components:
a) direct fee for arbitrator
b) fee for forum, that runs the archive, the case manager, the arbitrator selection, etc.
We could also assume that the software client used by the arbitrator would automatically manage the remit back to foundation at b) and software supplier at c), because we now live in a world of integrated digital currencies. This isn't a hard thing to program up, once we've agreed on the details.
Would that be enough to make the business cycle start? I'm not sure, but we could go further.
How about we establish a rules-light approach? Now, the interesting thing about this is that it's .... light on rules! And we know what happens when there aren't enough rules - conflict! Which in this case is a good thing.
Arbitrations - or courts - are very good at two things - resolving conflicts (of course) and establishing rules for the future. These latter are called precedents, and they can be very helpful in setting the scene.
For non-lawyers, let me add some more context: An Arbitrator is empaneled on what is probably the most powerful civil setting that exists - to resolve disputes that could run into billions of dollars. The gravity of the ruling requires a scientific approach to the most unscientific of problems - the disputes of man.
Out of this scientific investigation emerges a set of facts, the application of prior code (rules & law) over those facts, and a reasoned decision based on the foregoing. In short, if the situation follows A, B, C, then Rule X, Y, Z applies would be found in legislation or a prior ruling.
For the most part, the law or precedent already exists, but on occasion, the problem is novel, so the present Arbitrator has to create the test herself. Once she has ruled, this ruling can become a precedent that binds or informs future cases. The mechanics vary, but the efficiency is clear - if the original Arbitrator got it right why not follow?
And so the rules get built out. From nothing to an edifice of self-correcting governance, a bit like the tiny programming language of Forth which is basically a tiny VM and a lot of Forth that builds up the environment bit by bit. Notice here how a single precedent becomes a rigourous base for the future, a document that many rely upon. Precedents are bricks on which trade is built; the system is capable of building its own edifice.
That's gotta be worth something. We should encourage more of this, and indeed it was the vision in CAcert that we encourage the Arbitrator to write precedents and fill out the rules. My experience with CAcert tells me that concept was worth a lot -- Since 2007 and 400 closed cases, 20 of them or 5% created precedents, which combined are probably as voluminous as the essential body of policy.
How would we turn this into not only a concept that is valuable but one that also returns value?
What if the precedent were like a Ricardian contract? I mean this in the sense of a property right, with a clause in the precedent that says what to do if this contract were to be invoked - cited or relied upon - in another case. Let's imagine that Alice the Arbitrator has declared the following in her ruling, soon to become an important precedent:
Licence to Rely. A future decision may cite and rely on this ruling by customary fee remitted to the Foundation, under the rules established by the Policy on Precedents as Property.
In this design, I could earn money by establishing really good precedents. When Alice comes along to a new case, and relies on the precedent, she cites my precedent and some of her fee gets sliced across to me.
We'll need some safeguards of course. Could this be abused? Of course. But - actually the positives outweigh the negatives. I want my precedent to be used, so I'm encouraged to write it carefully and solidly. I want others to rely on it, so I write if for the general case as well as the particular case. I won't get any revenue unless future cases find my work compelling. If I spam the precedents book with marginally different cases, I'll get boycotted. There is substantial negative or controlling feedback built into the system.
If I refer to another precedent, I've probably got to slice a fair fee across to it. So we need to adjust the above fee split:
d) fixed portion for precedents, falls across to general insurance fund (not the Arbitrator) if not spent.
e) general insurance fund to handle bigger losses.
A well written and spot-on precedent could make an Arbitrator rich. But isn't that a fair result? If the Arbitrator has slaved through a case and established the rule, which then goes on to guide future cases, business and society, isn't it reasonable that reward flows?
Recall, that the Arbitrator cannot make others rely. Every future case is incentivised to rely on the merits, an Arbitrator is judged on his today-ruling. A ruling has no need to rely - only the efficiency of doing so. So each new event is a due diligence vote over prior work - in effect the entire system would be due diligence.
I think getting the details of a monetary feedback loop over precedents will take some whiteboarding. The details are pretty messy. But it also is enticing. If we think about the entire academic machinery, how cites are obsessed over by tenure committees, and fraudulently rigged in false conferences and chummy cross-citing "peer-review" groups, this mechanism is similar - we are accounting for good work. Why not make precedents linked to money? Why not make it be money?Continue reading "Monetising the dispute"