Glitch Weekly: Crypto's "training wheels" problem
Plus: The business of Blackbird, and the Tigran Gambaryan saga
Happy Glitch Day! This week we discuss an illustrative security incident, a buzzy crypto app aimed at the restaurant industry, and a dramatic storyline unfolding in Nigeria that more people should know about.
The Linea incident highlights the problem with crypto’s “training wheels” metaphor.
Dear crypto: the “training wheels” metaphor for rollups is getting old.
Literally. Way back in November 2022, a few days before the FTX implosion—at least a decade ago in crypto time—Ethereum founder Vitalik Buterin wrote a blog post on a developer forum that proposed a series of technical milestones for rollups, so-called Layer 2 systems that make Ethereum transactions cheaper and faster. Rollups work by processing transactions separately from the blockchain, every so often sending the chain proof that they acted according to its rules.
Protocols should be evaluated in three stages of development, Buterin said, on a path toward removing what he called their “temporary training wheels”—in other words, the built-in ability for a rollup’s creators to override the system in the case of an emergency, like a hack.
Now it’s 2024, hackers just stole $2.3 million from a decentralized exchange built on an Ethereum rollup called the Linea, and the company behind the rollup is using the term “training wheels” as part of its crisis management communications strategy.
In the scramble to control the attack, which occurred last weekend on an exchange called Velocore, the team at Linea decided to pause the rollup’s sequencer, the component that processes and packages transactions. Critics quickly turned to Twitter, claiming that the company violated crypto’s core principle of decentralization.
Linea also took to Twitter: “Because other avenues of handling this exploit closed, our team halted the sequencer” to stop the attacker. It continued: “Like other L2s, we are still in the ‘training wheels’ phase of existence, giving us safeguards to use.”
Buterin originally used the term “training wheels” to identify a problem: many rollups launched before their technology and governance structures were mature. Information about how a given rollup worked under the hood, and how much control the developers had over the system, was “not well standardized, making it difficult for users to understand what specific trust model a particular rollup (was) using.” The goal should be to lose the training wheels, Buterin argued, such that no single person or group would be able to modify or shut down the rollup. He made an exception for certain emergencies, like a dangerous vulnerability, that would call for a “security council” to intervene.
Currently, Linea claims to be in the first phase of its own path to decentralization—a five-phase roadmap with a detailed list of tasks to be completed, but no clear timeline on when each will happen. Linea has already established “the first iteration of the Linea Security Council” to “monitor the network, protect users, and mitigate the risks associated with a new production system.” The risk disclosures on the company’s website don’t name the members of the council, but they seem to work for Linea; “the team” halted the sequencer, according to the company’s Twitter statement. Either way, the decision was hardly decentralized. (We’ve asked Linea who makes up the council and will update this article on the web as soon as we hear back.)
The Linea episode reflects a deeper problem for crypto. Rollups are consistently touted as a key pillar of crypto’s future, central to onboarding the masses and defeating the claim that these technologies constitute little more than just a digital casino. They can do this, advocates say, because negligible transaction costs make it possible to embed blockchain tooling in consumer-grade apps. Still, in crucial ways, many rollups are as centralized as any “Web 2.0” application. And with millions if not billions at stake in these systems, this isn’t child’s play. —Sam Venis
Ready or not, here come consumer crypto apps?
Last week I noted that the optimistic vibe at Consensus was about more than just the markets. In some ways, it does feel like crypto is winning—and not just in DC. Could it be that it’s on the verge of delivering on some of its decade-old hype?
One talk in particular—featuring Ben Leventhal, founder of Blackbird Labs—got me wondering. Leventhal co-founded the restaurant review site Eater in 2005 and then co-founded Resy, a restaurant reservation platform, in 2014. His new company is piloting a restaurant loyalty system, called Blackbird, that uses a blockchain. The platform is available in New York City and select restaurants in LA, Chicago, and Charleston, South Carolina.
As I listened to Leventhal try to explain why Blackbird uses a blockchain, my thoughts drifted back to almost 10 years ago when a bunch of smart people told me blockchains could be the beginning of a new kind of internet.
Back in 2015, when Bitcoin and its copycats still mostly inspired a “gee whiz!” from the national news media, smart crypto enthusiasts talked a ton about the parallel they said they saw between blockchains and the open-source protocols that formed the foundation of the world wide web. Eventually, many of them said, there would be blockchain-based apps that would look and feel like Twitter and Facebook while avoiding reliance on servers owned by monopolistic tech companies.
It seemed plausible. But as I learned more about blockchains—and in particular how their signature “permissionlessness” was technically at odds with their ability to process more than a few transactions per second—I started having my doubts. The ICO boom in 2017 and 2018 brought many promises from entrepreneurs claiming they could fix the blockchain scaling problem. Then boom went bust and most of those promises seemed to dissipate.
Crypto winter set in and the traditional media lost interest in the technology. But while the mainstream audience wasn’t paying attention, the technology underlying Uniswap, Ethereum’s most popular decentralized exchange, opened a new design space for decentralized financial (DeFi) applications. Crypto came roaring back in 2021. But the “future of the internet” meme took a back seat to the future of finance.
Soon, however, DeFi transactions clogged Ethereum, and the chain became too expensive for most people to use. Blockchain engineers scrambled, and, long story short, had success refining a technology class called “rollups.” Rollups process transactions in a separate, “offchain” computing environment, periodically sending proof to the main chain that they followed the rules. Moving transactions offchain makes them much cheaper and faster.
The most high-profile rollup is Base, which was developed by the crypto exchange Coinbase. Blackbird is built on Base.
The business of Blackbird
Online reservation and delivery platforms hinder the relationship building that independent restaurants, which typically struggle to profit, must do with their customers, Leventhal said in Austin. “Most restaurants don’t really have a good sense of who their customers are,” he said, adding that this information tends to live on the servers of third-party technology companies. “Restaurants are kind of at the mercy of all these technology companies,” Leventhal said, adding that tech companies are “not doing restaurants the basic service of making sure they are connected to their guests.” Blackbird wants to fix that.
The platform’s atomic unit is a check-in. “You walk into the restaurant, you tap one of our NFC chips, and that’s a digital handshake with the restaurant,” said Leventhal. With your permission, Blackbird’s servers pass the restaurant some personal information about you.
“The next thing we are delivering, and this is onchain, is your sort of dining footprint—all of the places you’ve been, all of the places you’ve checked in,” Leventhal said. “So as opposed to all of the other services out there, the restaurant the second you walk in sees your profile of restaurants you like.”
It’s not clear what exactly is going on under the hood, but Leventhal’s high-level logic seems to go like this: since the data about where and what you like to eat and drink—and, crucially, spend—will be onchain, it will be available for you and the restaurant to benefit from, not locked away on a tech company’s server. The potential benefit for restaurants is mostly clear. What customers will get is a little fuzzier, but it seems like Blackbird is creating a kind of enhanced version of a customer loyalty points system for customers using its own token, $FLY.
As a company white paper puts it, the so-called Blackbird Protocol will “facilitate instant and direct connectivity between restaurants and their guests, while providing both parties an engagement, loyalty, and payments network.” The document describes $FLY as “designed to incentivize mutually beneficial behavior among platform participants.” Both restaurants and customers earn $FLY when users do things like check in or pay their tab. Customers will be able to spend $FLY in restaurants while restaurants can use it to incentivize customers to do things like provide feedback or customer referrals.
The token is currently only redeemable at participating restaurants. In the future, it “may be exchangeable and interactive with other blockchain tokens, web3 applications, and third-party rewards platforms,” the white paper says.
“They are not consumer-grade yet”
Success for Blackbird will hinge in large part on whether it can cultivate an economy around $FLY that really does help restaurants and restaurant-goers get more value from the data Leventhal says tech companies are now hoarding. But novel, more equitable markets like this have long been the high-minded promise of crypto. Now something else is happening, too: while DeFi and “web3” applications have historically offered notoriously clunky user experiences, that’s changing fast.
For example, if you’ve ever used a crypto wallet, you understand how inconvenient it can be to have a seed phrase, a long list of random words that serves as a key to your wallet. A seed phrase had better not be forgotten, lost, or stolen—or you’re likely not getting your money back. The Blackbird app is a wallet, but Blackbird has partnered with a startup called Privy, which pulls off certain cryptographic tricks in the background to authenticate users using a mobile phone number.
Also helping improve the crypto user experience is something called “account abstraction.” It’s super crypto, even the name, but the simple effect is that it’s become a lot easier recently for developers to abstract away annoying things about using a crypto wallet, like the need for users to navigate back and forth between the wallet and a web-based application. Apps like Daimo, a payment app that looks and feels like Venmo, and Yonk, a quirky voice memo-based social app, demonstrate how account abstraction and other novel tools can make the crypto wallet user experience much more familiar to normies.
Crypto apps seem finally on the verge of some important breakthroughs. Maybe Blackbird will lead the way. But a lot is still unclear about how exactly Blackbird and $FLY will work, and ultimately how the world of Blackbird will be governed. A lot is also unclear about how rollup systems like Blackbird’s home, Base, will ultimately be governed. That’s important because blockchains are adversarial environments; if vulnerabilities exist, someone will exploit them.
Blackbird is taking a long view, Leventhal said. “We believe that crypto is going to be some of the fundamental infrastructure of the future world and I think the potential of the technologies that we’re looking at and that we are building with right now is incredible,” he said. “But they are not consumer grade yet. So we have to take the time to get to that.”—Mike Orcutt
In case you haven't noticed, the saga involving Binance’s Tigran Gambaryan is quite mad…
Unless you’re an avid crypto news consumer, the Tigran Gambaryan saga may not have registered on your radar yet. After all, it’s happening in Nigeria and the main character works for Binance, a crypto exchange known for doing shady business in the past. But it’s now registering at the highest level of the US government.
On June 4, 16 members of Congress and 100 former US federal prosecutors and federal agents wrote to President Biden, accusing Nigeria of taking Gambaryan, a former IRS agent and current compliance officer for Binance, “hostage” and asking for help in securing his release. They said the case should be referred to the Office of the Special Presidential Envoy for Hostage Affairs.
A day later, the prosecutors and federal agents wrote to Secretary of State Antony Blinken asking for the government to do more to help Gambaryan, according to an Axios report. Crypto venture investor and former US prosecutor Katie Haun spearheaded that letter.
The dramatic saga began in January, when, according to the New York Times, Gambaryan received what he believed to be a request for a bribe from someone in the Nigerian government—which, according to the Times, he reported to Binance’s lawyers and contacts in the Nigerian government. In late February, Gambaryan and his Binance colleague Nadeem Anjarwalla, the company’s regional manager based in Kenya, flew to Nigeria’s capital on business at the invitation of the government. According to reports, the pair hadn’t planned on being there for long. But now Gambaryan is holed up in prison, reportedly infected with malaria and facing an ongoing trial in Abuja.
Anjarwalla and Gambaryan were detained following meetings with the Nigerian officials, which had been slated to discuss compliance at Binance. Instead, they were criminally charged, alongside the company, for tax evasion and money laundering. The authorities demanded that they name Nigerians trading on their platform in order to clamp down on tax evasion, according to the BBC.
The letter from the 16 US lawmakers to Biden argues that Gambaryan is being held illegally. “The charges against Mr. Gambaryan are baseless and constitute a coercion tactic by the Nigerian government to extort his employer, Binance,” they wrote. “Following these charges, Mr. Gambaryan qualifies as a ‘U.S. Citizen wrongfully detained by a foreign government.’”
Nigerian officials have rejected the notion the pair were wrongfully detained. “They have committed a crime,” Nigerian Information Minister Mohammed Idris told Bloomberg.
While Gambaryan remains in jail, the BBC reported in March that British-Kenyan dual national Anjarwalla fled—but the details around his escape and possible whereabouts are hazy. According to one regional report, Interpol is looking for Anjarwalla and aims to bring him back to Nigeria to face trial. But there’s been no official word from Interpol online.
Binance is no stranger to legal and regulatory troubles. Its co-founder and former CEO Changpeng Zhao is currently in prison in the US, serving a four-month sentence for failing to enforce financial compliance and know-your-customer measures following a $4.3 billion settlement. After a Binance spokesperson sent me the company’s blog post relating to Gambaryan, I wasn’t able to open it in the UK, with a firewall placed on its website due to regulations around financial promotions.
But Binance wants to talk this one out. “Let us work through this collaboratively,” the company's chief compliance officer Noah Perlman said on CNBC on Monday. “If we’ve done something wrong in the past—and I'm not saying that we have or we haven’t—but if we have, we want to come to the table and resolve it.”
Gambaryan’s trial started last week, but has so far gone in fits and starts, Perlman said. At one point Gambaryan collapsed in court and has reportedly been denied access to a hospital for treating malaria. “We don’t really see a clear roadmap to getting him back in the near term,” Perlman added. Wild!—Lucy Harley-McKeown
ODDS/ENDS
Coinbase donated $25 million to pro-crypto super PAC Fairshake. “The best way to get regulatory clarity in democratic countries is to elect pro-crypto candidates on both sides of the aisle, and vote anti-crypto candidates out of office,” Coinbase CEO Brian Amstrong said in a statement, adding that it “must be a bipartisan effort.” We talked about Fairshake’s growing influence in the last issue. As Decrypt noted, Fairshake’s $160 million war chest makes it one of the richest PACs this election cycle.
E*Trade has discussed banning meme stock influencer Keith Gill AKA Roaring Kitty. Gill, who played a central role in the GameStop rally in 2021, had been absent from social media for three years before suddenly reappearing last month and igniting another rally. Then last week he posted screenshots showing that he owns $140 million worth of GameStop shares, causing the price to surge again. According to the Wall Street Journal, the debate inside Morgan Stanley, which owns E*trade, “includes whether (Gill’s) actions amounted to manipulation and whether or not the firm is willing to risk drawing the attention of his meme army by removing him.” Meme army.
New York state lawmakers have passed a bill that bans platforms from serving “addictive” social media content to users under 18 without parental consent. The legislation is specifically aimed at algorithms designed to keep users on the platform for extended periods of time. The bill, which Governor Kathy Hochul is expected to sign, will make New York the first state to impose restrictions on how content is delivered, according to the Wall Street Journal.
The US Department of Justice indicted the CFO of the right-wing media publication Epoch Times, charging him with laundering $67 million using crypto. Weidong Guan, also known as Bill Guan, “fraudulently obtained unemployment insurance benefits and other crime proceeds,” according to the DOJ. Next, Guan and his fellow members of the media company’s “Make Money Online Team,” purchased those benefits “using a particular cryptocurrency platform, at discounted rates of approximately 70 to 80 cents per dollar, in exchange for cryptocurrency.” The MMO team then used stolen personal info to open accounts, including crypto accounts, “that were used to transfer the crime proceeds into bank accounts” associated with the media company.
Follow us on Twitter or get corporate with us on LinkedIn—if you want.