The fallout from the recent Bitcoin CVE bug provided a fascinating insight into the Bitcoin codebase, its development and governance. CVE-2018–17144 was a ‘critical inflation’ bug in versions 0.16.3 and 0.17.0rc4 of Bitcoin Core. It allowed a rogue miner to mine a block that created additional bitcoins, violating the strict coin release rules. If exploited, this bug would have severely compromised Bitcoin’s value proposition as a digital sound money. Luckily, the bug was discovered before it was exploited and no harm was done.

The causes of the bug are numerous — if a bridge collapses we cannot blame the last vehicle that drove over it. As Jimmy Song describes in his excellent analysis, the CVE bug involved three separate pull requests dating back to 2011, 2013 and 2017. However, one important factor that cannot be ignored is the haphazard nature of the Bitcoin Core codebase that pre-disposes it to coding inter-dependencies and conflicts. Core developer John Newbery in the Noded Podcast 0.29.0 -

‘Validation for processing a new block is pretty complex and spread out over lots of different functions…It seems overly complex and ripe for refactoring…if this was anything else we might refactor it and say this doesn’t make much sense we should put this here…in consensus you don’t want to refactor because any small change can introduce a consensus bug or incompatibility…you can’t just fix it by moving things around, that would do more harm than good’ — John Newbery

Bitcoin core developers are careful making changes to consensus code because there are so many interdependencies and a high probability of critical failure, which would jeopardize the entire Bitcoin network.

Why is the Bitcoin codebase so precariously balanced? It is the product of Satoshi’s trial-and-error approach based on bottom-up tinkering. Each component of the codebase was layered based on function. Neither Satoshi, nor anyone else at the time knew that Bitcoin would succeed. The first successful implementation of trustless electronic money was by no means the final or optimal code implementation of the technology. Tim May, the cypherpunk godfather, said as much in a recent interview,

‘Satoshi did a brilliant thing, but the story is far from over. She/he/it even acknowledged this, that the bitcoin version in 2008 was not some final answer received from the gods.’ — Tim May

The fact that is Bitcoin was the first trustless currency to survive and thrive in the real world (an unparalleled achievement in the history of humanity). The probability is almost zero that the first successful iteration of a technology is the optimal implementation.

Bitcoin’s core developers

The fallout from the bug also demonstrated that Bitcoin core developers Greg Maxwell, Peter Wuille, and Matt Corallo might as well be the ‘lead developers’ of Bitcoin. UASF in 2017 showed that Bitcoin couldn’t be co-opted by corporate interests, but the response to CVE showed exactly the power that these few men wield. This is not necessarily bad thing — its important to have the most intelligent and competent developers making the decisions about a network worth hundreds of billions of dollars. It does call into question the validity of claims that Bitcoin development is completely decentralized — many ‘medium tier’ developers might proposing features and pull requests, but seems that these select few ‘upper tier devs’ have the final say as to which changes are incorporated. They are also the first to be called when problems like CVE occur.

Re-factoring the Bitcoin code

Later in the podcast discussion, Noded host Pierre Rochard enumerates the case for re-designing Bitcoin from the bottom up, and the opportunities to ‘fix’ the codebase based on real-world knowledge of digital currencies in the wild. He implies that the only altcoins that improve on Bitcoin from a code point-of-view have done so to get rich— a reasonable default position given the extremely low signal to noise ratio of the ‘crypto’ markets and the flagrant profiteering of ICOs and other bad actors.

But what if there were a coin built specifically to address these codebase conflicts and incompatibilities with a similarly well-intentioned vision as Bitcoin? It would never be a one-for-one replacement of Bitcoin, as it could not mimic Bitcoin’s immaculate conception. However, it would have a vastly lower probability of critical consensus failures like CVE, having been designed from the ground up with the lessons learned from distributed digital currencies since Satoshi released Bitcoin in 2009.

Skycoin — Bitcoin redux

It appears there is such a project — Skycoin. Lead developer Synth saw the patchwork nature of Bitcoin code base and lead the charge to re-design it from first principles. Although the Skycoin launch announcement on bitcoitalk forum is December 2013, the Skycoin project has apparently been under development since 2011, the same time as Litecoin.

Skycoin has ambitiously sought to redesign many of the essential components of Bitcoin — most notably Proof-of-Work consensus and mining rewards. In the process they have incorporated many changes and features that have never and probably will never enter Bitcoin. This includes a soon-to-be incorporated implementation of G Maxwell’s privacy proposal CoinJoin among a host of others.

Excerpt from the Skycoin Launch announcement on Bitcointalk forum, December, 2013.

Beyond a re-design of Bitcoin, the Skycoin project quickly expanded to a series of interconnected, modular projects that all seek to address different problems of the real-world implementation digital currencies.

Skywire, an encrypted MESH network routing protocol

Most interesting is an encrypted MESH net protocol that cryptographically protects every packet, designed to act as a highly secure ‘new internet’ and transport network for Skycoin transactions. Named Skywire, it is the networking protocol for the first incentivized MESH net of the same name. It is designed to be platform agnostic — running on dark fiber, copper cables but predominantly on low-cost, 3D-prinable point-to-point directional WiFi antennas.

It is intended that Skywire usage will drive Skycoin adoption, as people will use Skycoin natively to pay for bandwidth on this new internet. This will provide what the developers hope will be one of the first real use cases for blockchain outside of speculation, ICO fund raising and censorship-resistant store of value.

As a contributor to both Skycoin (a distributed digital currency) and Skywire (a distributed networking protocol) Synth demonstrates that he understands the codebase vulnerabilities mentioned above on a very deep level. He describes the Skywire approach distributed system engineering —

‘‘A lot of the system is by composition, you can’t design a complex system and expect it to work. You have to build simple systems that are single purpose that do one thing… the properties of the greater system have to emerge from individual components that have no ambiguity and you know you can implement…or else it will take too long or be too complicated…you’re not innovating very much, you’re using components that have been implemented before, that are straight-forward and simple.’ — Synth

This sounds strikingly similar to Satoshi’s approach to building Bitcoin, which was not the first attempt at digital currency (David Chaum’s Ecash) nor the first application of Proof-of-Work (Adam Back’s Hashcash for email spam & DDOS prevention).

Skycoin is concerned with the larger question of on-boarding billions of people onto a trustless cryptocurrency. This is a wider perspective compared to the Bitcoin monetary maximalists who are only interested in a digital form of sound money to replace central banking. Delineating these two contrasting, but ultimately aligned goals is key to understanding the role that Skycoin plays with respect to Bitcoin in the decentralized cryptographic monetary ecosystem.