Bitcoin Cash (BCH): Investment flow data (update)

Abstract: In early September 2017, we published a piece on Bitcoin Cash  (also known as BCash) and how one can analyse transaction data on the two blockchains involved in the split, to try to draw conclusions about the potential investment flows between the two chains.  In this piece we update the analysis, with another three months worth of data.


Total coins spent

Bitcoin had an initial lead with respect to total coins spent at least once since the fork, when compared with Bitcoin Cash.  However, Bitcoin Cash caught up in early September.  Since then both coins have been approximately neck and neck.  As at 29th November 2017, 6.5 million and 6.3 million Bitcoin and Bitcoin Cash coins have been spent at least once since the fork, respectively.


Figure 1 – Bitcoin Cash (BCH) vs Bitcoin (BTC) – Number of coins spent at least once since the chain split

Source: BitMEX research, Bitcoin blockchain, Bitcoin Cash blockchain, Bittrex (Price data)


Daily Bitcoin Cash Spend for the first time

Although there have been several spikes, normally after a rally in the Bitcoin Cash price, the number of Bitcoin Cash coins spent each day (for the first time since the fork) continues its decline.  In the last five days, the average daily first time spend has been just c19,000 per day, compared to lows of around 50,000 in August.


Figure 2 – Bitcoin Cash coins spent for the first time since the split (daily)

Source: BitMEX research, Bitcoin Cash blockchain, Bittrex (Price data)


Transaction Volume

With respect to transaction volume, a more normal metric compared to our somewhat convoluted first time spend since the fork metric, there is not much change in the relative transaction volumes of the two chains.  The total cumulative Bitcoin Cash transaction volume is 5.5% of Bitcoin, since the fork.  Although this figure is increasing slightly, averaging at 6.0% in the last 10 days, compared to the overall total figure of 5.5%.


Figure 3 – Daily transaction volume (Number of transactions)

Source: BitMEX research, Bitcoin blockchain, Bitcoin Cash blockchain, Bittrex (Price data)


Proportion of Bitcoin Cash coins spent

In the first four months of Bitcoin Cash, 38.5% of all coins that existed at the time of the fork, have been spent at least once on the Bitcoin Cash chain.  In our view, this is a remarkably high figure, considering many millions of coins are lightly to have been lost forever years ago.


Figure 4 – Bitcoin Cash (BCH) – Proportion of spent vs unspent coins since the chain split

Source: BitMEX research, Bitcoin Cash blockchain



In our view, the above data shows that after just four months, there may have been considerable investment flows between the two coins.  Therefore, many supporters of each coin may have already made their respective investment/divestment decisions, and the future of each coin may now be determined more on merit or utility, rather than the opinion of the holders at the time of the fork.

We would like to remind readers that there are many weaknesses with resepect to this analysis, the main one being that a spend on the Bitcoin Cash chain does not necessarily relate to a divestment.


Bitcoin’s Unique Value Proposition

Abstract: In this piece we examine the question of “What is Bitcoin for?”  We conclude that neither low cost payments, censorship resistance nor digital payments, are particularly compelling on their own. However, when combining both censorship resistant money, with the ability to use money electronically, we have a potentially interesting and somewhat unique set of characteristics.



There has been a significant amount of debate and discussion in the Bitcoin ecosystem, about what Bitcoin is for.  Should Bitcoin be a form of “digital gold”, where a robust rule-set and a resilient network are the priority, or should Bitcoin primarily be considered as a payment system, where low transaction fees are the focus?

Of course most people would like Bitcoin to excel in both of these areas and in the long term,  Bitcoin may be able to do so.  However, the blocksize debate opened up a schism in the community, about which area should be the priority, in the short to medium run.

In this piece we look at three key characteristics of money and payment systems:

  1. Low transaction fees,
  2. Censorship resistance, and
  3. The ability to transact electronically.

We then look at various choices one could make when deciding which type of money to use and the set of characteristics that each choice provides.  We look at where Bitcoin should position itself, such that it may be able to provide a unique option.


1. Low transaction fees

Low transaction fees and usability have clearly been a key selling point of Bitcoin to many people.  Bitcoin has had lower transaction fees than many online international banking transfer systems and Western Union for example. A simple user experience is key to adoption, and there is a fear that if user adoption is too slow, Bitcoin may lose out to alternative payments solutions, either traditional centralized type systems or alternative distributed proof of work based tokens such as Ethereum.

However, although Bitcoin is cheaper and perhaps easier to use than some centralized alternatives, in many cases centralized alternatives are faster and cheaper than Bitcoin.  For example in many Western European countries, retail domestic interbank transfers are both free and instant.  In China, Alibaba (BABA US) and Tencent (700 HK) are offering fast, simple and cheap payment solutions.  Tencent is said to be able to handle 200,000 transactions per second, far in excess of what Bitcoin can achieve.  Some may see these offerings as a risk for Bitcoin, while others see this as a battle Bitcoin was always going to lose anyway.  Although currently fast and free payments are not available to everyone in the world, therefore Bitcoin can fill a useful niche.  However, if instant and free payments can eventually be provided by traditional payment solution providers, is it really sustainable to build Bitcoin based on the assumption that they won’t ever provide such an offering?


A shop window displaying various electronic payment options, including Alipay, WeChat Pay and Apple Pay


2. Permissionless & censorship resistant money

Other members of the Bitcoin community prioritize other features, ahead of low fees.  This is often characterized as “censorship resistance”, but may actually refer to a range of related properties.  The main aspects of these features are the following:

  • The ability to use the system without seeking permission,
  • The inability of the government or the authorities to block payments,
  • The inability of the authorities to reverse payments, and,
  • Resistance against the entire system being shut down.

However, just like the low transaction fee use case mentioned above, these characteristics are also non unique.  Physical cash (notes and coins) also have these features, again making Bitcoin seemingly useless.  Physical cash not only has these features, it has them to a far greater extent than Bitcoin.  Cash also has additional features which Bitcoin cannot offer, such as the ability to use cash when communication networks are unavailable or without a device such as a smartphone.

It should be mentioned that Bitcoin may have one interesting feature here that physical cash does not have, the censorship resistance of the rules of the monetary system as a whole.  In Bitcoin, end users may have the ability to enforce all the rules of the system, which cannot be said for physical cash.  This ensures some interesting properties such as the 21 million supply cap or preventing other inflationary type policies, not available as an option for physical cash.  In this respect Bitcoin can be said to be most like “digital gold”, in regards to its monetary characteristics.


The use cases of censorship resistant money

These censorship resistant type features are sometimes associated with illegal activity, the so called black market or grey market.  Although there are of course many legitimate use cases of this feature, for example a lack of trust with respect to your partner in the transaction or the high costs associated with enforcing payments, due to dealing in multiple jurisdictions.

Black market areas could include things like, tax evasion, money laundering, illegal drug dealing, sex related services, the sale of illegal weapons, bribery and organized crime.  Grey market areas could be considered as legal goods and services, sold in an unauthorized way.  Grey market type transactions could be said to include:


  • Remittance to or from a country imposing some form of capital controls,
  • An individual subject to political oppression restricting the use of their funds,
  • Purchasing products or services from a lower price or alternative region without the consent of the regulator, manufacturer or service provider, for example pharmaceuticals, consumer electronics or media subscription services,
  • Donations to a politically sensitive cause,
  • The sale of cars without proper registration,
  • The unauthorized sale of copyrighted material such as textbooks,
  • Computer software or digital content sold without the correct license,
  • Unauthorized transactions in stocks and shares in the OTC market,
  • Participation in online gambling or poker without meeting regulatory requirements,
  • Sporting event tickets sold in violation of the terms printed on the ticket,
  • The sale of airline loyalty points in the secondary market,
  • A young teenager using online e-commerce systems or in store mobile payment technologies, without being old enough to have the necessary banking relationships,
  • A female using online e-commerce systems, in a cultural environment where its socially unacceptable for females to have banking relationships,
  • Payments for basic services such as babysitting, without registration for sales tax or employment,
  • Payments to a babysitter who has inappropriate immigration status, or,
  • Payments from intelligence services to informants.


These examples may make this use case somewhat controversial and many may think there could be limited upside due to a lack of demand for these goods and services.  However, in our view there is significant demand for this type of use case, indeed some people estimate these types of activities account for the majority of global economic activity, depending on how its measured.

Additionally, as we explained above, Bitcoin offers nothing new here, physical cash already has the features which make it ideal for these scenarios and actually has superior qualities to Bitcoin in relation to censorship resistance.  One key cultural difference is that physical cash is already deeply embedded in society, while Bitcoin is relatively new, making it potentially more controversial.

HSBC UK credit card eligibility criteria – requiring users to be over 18 years old

Note: Credit card systems are typically used as the base layer for mobile payment technologies, which are therefore often inaccessible to those under 18 years of age, unlike cash which is permissionless.


3. Electronic payments

In our view, as we enter the digital age, one characteristic of money trumps all of them.  The ability to use money electronically, such that it can be used over the internet or on a mobile device.  The internet and electronic communication systems are becoming increasingly integral parts of our culture and therefore the ability to use money electrically is an incredibly powerful feature, becoming increasingly important.

However, Bitcoin certainly does not provide anything new in this area either.  When using traditional currencies like the US dollar, internet based payment systems, controlled by computer interfaces have been around for years.  Recently, the options available in this area are improving rapidly, with mobile payment systems gaining significant traction.


Evaluating the combinations of these three characteristics

After reading the above, one may conclude that Bitcoin has no unique characteristics whatsoever.  This is true to some extent, however the key value proposition of Bitcoin, is a unique combination of the above characteristics, namely to have both censorship resistance and an electronic transaction system.  This subtlety can make the value proposition of Bitcoin difficult to understand, resulting in significant amounts of scepticism, when one first comes across the subject.

The below table aims to illustrative the three key features discussed in this note.  Two alternative strategies for Bitcoin are outlined below, one prioritizing low transaction fees and the other prioritizing censorship resistance.  The analysis is an oversimplification, assuming a binary choice between one or the other, when the reality is far more nuanced, however it still illustrates a point.

When choosing to prioritize low fees, the boxes ticked in the below table are identical to those ticked for traditional electronic payment systems, which can already provide both low fees and electronic payments.  However, by focusing on censorship resistance, a unique set of boxes is ticked, ensuring Bitcoin provides a unique set of features that cannot be offered by any of the competing systems.  No other monetary or payment system is able to offer both censorship resistance and electronic payments.  Therefore, in our view, however vital low transaction fees are, if we are faced with a decision, the smart choice may be to prioritize the strategy that provides the most unique combination of characteristics.  This could mean choosing censorship resistance, rather than focusing on what appears to be the most immediately useful requirement.


Ability to offer low transaction fees Ability to offer censorship resistant type features Ability to transact electronically
Physical cash
Bank deposit/traditional electronic payment systems
Bitcoin (Priority: Low fees)
Bitcoin (Priority: Censorship resistance)


Of course Bitcoin still needs to balance the need for both low fees and censorship resistance, and hopefully can achieve both, perhaps with new technology. Therefore, in the medium or longer term, perhaps all three boxes in the above table can be ticked.



We conclude that the “point” of Bitcoin is to provide characteristics traditionally only available when using physical cash, but in an electronic form, suitable for the digital age.  An “electronic cash system“.  Therefore its a false dichotomy to believe we are facing a choice between “digital gold” and a cash type system.  Bitcoin can be considered as a hybrid option, between digital gold, physical cash and traditional electronic payment systems.


Revisiting The DAO

Abstract: In this piece we revisit “The DAO” and the events following its failure.  We analyse what happened to the various buckets of funds inside The DAO, on both sides of the chainsplit which it caused.  We identify US$140 million of unclaimed funds still inside what is left of The DAO.


Key points

  • The DAO hacker appears to control tokens worth approximately US$60 million.
  • There are currently around US$140 million of unclaimed funds still inside The DAO withdrawal contracts.
  • In June 2017, the US Dollar value of funds unclaimed inside The DAO was higher than the value of the amount initially raised in May 2016.
  • A deadline is approaching, 10 January 2018, after which some of the funds, around US$26 million, may no longer be available to be claimed.


The DAO marketing material from May 2016

Source: DaoHub




In the early summer of 2016, one project generated a substantial amount of excitement and buzz in the crypto space, “The DAO”. DAO stands for Decentralized Autonomous Organization, and to the confusion of many, “The DAO” consumed that entire moniker for itself. The DAO was to be an autonomous investment fund, investing in projects determined by the token holders.  The fund was to be governed by a “code is law” philosophy, as opposed to the centralized top down control mechanisms in traditional investment funds, where key individuals matter.  

Many believed this novel approach would lead to superior investment returns.  Although it is a unique and potentially interesting approach, in our view, expecting strong investment returns at this point may be somewhat naive.

The fund raised Ethereum tokens worth approximately US$150 million at the time, around 14% of all the ether in existence, with investors presumably expecting spectacular returns.  The downside risk was expected to be minimal or zero, since one was supposed to be able to withdraw one’s Ethereum from The DAO, whenever one wished. In reality, doing so was a complex and error-prone process.



Problems with The DAO

As it turns out, The DAO was fundamentally flawed on several levels, as many in the Ethereum Foundation pointed out before the exploit was discovered.  For instance:


  • Economic Incentives – The incentive model of the project was poorly thought out.  For example there was little incentive to vote “no” on investment proposals, since “no” voters became invested in approved projects. Those that did not vote did not become exposed to the project. Additionally, there was no stated enforcement mechanism for successful projects to contribute profits back into The DAO.
  • Token viability – When projects were created, it would have end up creating new classes of DAO tokens, such that each class was entitled to different risks and rewards.  This would mean the tokens would not be fungible, an issue poorly understood by exchanges and the community.
  • Buggy code – The code did not always implement what was described or intended.  The smart contract code did not appear to be reviewed adequately. The coders did not appear to fully grasp its language, Solidity, nor some of the states the contract could reach.


A few weeks after the conclusion of the token sale, a “hacker” managed to find an exploit in the code, enabling them to potentially access The DAO’s funds, by draining the main pool of funds into a child DAO in which the hacker potentially had significant control.  This then led to an Ethereum hardfork, to attempt to prevent the hacker from accessing the funds and to return the funds to the initial investors. Since some in the Ethereum community were unhappy about this, it lead to the chain split between ETH and ETC.


In this piece we will:

  • Describe the relationships between the main actors involved in The DAO,
  • Revisit the key events surrounding Ethereum’s DAO hardfork,
  • Explore the movement of ETH and ETC funds inside The DAO, and
  • Speculate on what will happen to the unclaimed funds.



The main groups and individuals related to The DAO


Network map of the main groups and the individuals involved in The DAO

Sources: BitMEX Research, Full sources provided in the table below
Notes: There are other Ethereum foundation members with no association to The DAO, which are excluded from the above mapping.  Blue circles represent individuals; while yellow circles represent organisations.


List of the major parties involved in The DAO

Name Description People involved A DAO community website promoting The DAO, hosted by DAO.Link Felix Albert , Auryn Macmillan, Boyan Balinov, Arno Gaboury, Michal Brazewicz ,  Taylor Van Orden , Des Donnelly, Daniel McClure (Source) wrote the code for The DAO and the company was hoping to develop smart locks. was expected to be financed by The DAO Stephan Tual, Lefteris Karapetsas, Griff Green, Christoph Jentzsch, his brother Simon Jentzsch, Gavin Wood and Christian Reitwießner (Source)
The “Hacker” The exploiter of The DAO Anonymous
DAO Token Holders (DTH)

Individuals from the general public who contributed to The DAO crowdsale or purchased DAO tokens on the open market

22,873 account holders (Source)
The DAO Curators 3rd party “arbitrators” separate from to manage disputes or emergency situations arising from The DAO Taylor Gerring, Viktor Tron, Christian Reitwießner, Gustav Simonsson, Fabian Vogelsteller, Aeron Buchanan, Martin Becze, Vitalik Buterin, Alex Van de Sande, Vlad Zamfir and Gavin Wood (Source)
Note: Gavin Wood resigned as a DAO Curator prior to the exploit
Bity A Swiss based cryptocurrency exchange in partnership with  The exchange publishes WHG announcements (Source) Alexis Roussel (Source)
DAO.Link A Swiss registered joint venture company between and Bity, which hosts the DAOHub website (The website promoting The DAO, pictured above) Stephan Tual, Simon Jentzsch, Alexis Roussel (Source)
Robin Hood Group (RHG) The original “white hat” group, which secured the majority of The DAO funds pre-fork

Publicly: Alex Van de Sande, Griff Green, Lefteris Karapetsas
Stephan Tual claims: “individuals from the eth foundation, devs, security experts, ethcore, slock, etc” (Source)

Whitehat Group (WHG) The organisation which took ownership of ETC from the RHG.  The WHG has close ties to Bity Only publicly known members are Jordi Baylina and Griff Green (Source)
The Ethereum Foundation Non profit foundation behind the creation of Ethereum Many individuals including some of the founders of Ethereum (Source)



The DAO timeline

In order to fully understand and account for the proper ownership of the funds, we must revisit the provenance of The DAO funds before, during and after the hardfork.


Date Event Movement of Funds
30 April 2016 The DAO crowdsale is launched (Source:
25 May 2016 The DAO crowdsale concludes c11.5 million pre-fork ETH raised
17 June 2016 The DAO is drained into a Child DAO by the hacker
(Source: New York Times)
c3.6 million pre-fork ETH drained to Hacker’s Child DAO


A “Child DAO” can be “split” from the main DAO as part of the The DAO’s governance process, similar to a spin-off company.

The splitting process was exploited by the hacker using a recursive call exploit, which drained more funds from the parent DAO than intended. The owner of a newly formed Child DAOs cannot withdraw those funds immediately; they have to wait for a voting period to end before securing those funds and being able to freely transfer them.

This voting period gave the Ethereum community a window of opportunity to attempt to reclaim the funds by attempting to exploit the hacker’s Child DAO using the same vulnerability. This, however, may have resulted in perpetual splitting and a “DAO War”, whereby the funds would be stuck in limbo forever as long as neither the hacker nor RHG gave up. This process could be easily scripted so would not take much effort on either side.

One way to solve this would be the implementation of a softfork to censor the hacker’s transactions, preventing him/her from participating in this war and quickly allowing the funds to be recovered.


Date Event Movement of Funds
21 June 2016
RHG begin “DAO Wars” and are able to to recover a majority of the funds
(Source: Reddit)
c8.1 million pre-fork ETH Drained into the RHG’s Child DAOs using the same vulnerability
24 June 2016
“DAO Wars” softfork proposed to secure attacker’s c3.6 million pre-fork ETH
(Source: Ethereum Foundation)
Would have censored transactions to prevent hacker from accessing their Child DAO
28 June 2016
Critical flaw in “DAO Wars” softfork discovered and it is abandoned
(Source: Hacking Distributed)


At this point, the RHG have managed to secure around 70% of the funds by exploiting other Child DAOs, but in order to guarantee the ability to reclaim the remaining c30% (around 3.6 million pre-fork ETH), a hardfork is the only possibility.  Moreover, the softfork proposal was found to have critical security vulnerabilities and was quickly scrapped.


Date Event Movement of Funds
20 July 2016
Hardfork is implemented, effectively undoing the effects of The DAO hack and making DTH whole on the forked ETH chain. Implemented via two withdrawal contracts.
(Source: Ethereum FoundationThe Ethereum Wiki)
c11.5 million post-fork ETH returned to DAO withdraw contract and can be claimed by DTH based on their current DAO token balances
20 July 2016
ETC, the ‘not-forked’ chain continues to be mined
The RHG and The DAO hacker will eventually have access to ETC in Child DAOs


After the fork, there are two chains in parallel universes. One, ETH, where the hack is undone, and one ETC, where the hack remains. The RHG have still secured around 70% of the ETC, and could have continued the attack on the ETC chain using the aforementioned ‘DAO wars limbo’ strategy, but decide not to. To refund DTH on the ETH chain, a withdrawal contract is used, which DTH must call to claim their ETH.


Date Event Movement of Funds
23 July 2016
ETC is listed on Poloniex, other exchanges follow suit. ETC/USD reaches 1/3 of ETH/USD
(Source: Twitter)
9 Aug 2016
The RHG hands ownership of the ETC funds to the WHG. The WHG receive funds in their ETC multisig wallet as the ETC Child DAOs mature
(Source: Bity)
c8.1 million ETC Secured by the WHG
10 Aug 2016
Unannounced, WHG/Bity use Bity’s “verified money service business” account to attempt to tumble and swap 3 million ETC on 4 exchanges for ETH, BTC and EUR
(Source: Bity)
Poloniex freezes 2.3 million ETC, Kraken trades but freezes 1.3 million worth of ETC, Bittrex trades and processes 82k ETC, Yunbi trades and processes 101k ETC
12 Aug 2016
After the majority of the tumbled ETC is frozen, WHG/Bity announce that they have decided not to sell the ETC for ETH, and instead will distribute ETC to DTH
(Source: Reddit)
Bity trade back BTC, ETH and EUR into c1.5 million ETC, bringing their balance back to c8.1 million ETC


Graphical illustration of the above transactions

Source: Gliffy


Date Event Movement of Funds
26 Aug 2016
Bity announce launch of the “Whitehat Withdrawal Contract”
(Source: Bity)
30 Aug 2016
Bity announce that the first version of “Whitehat Withdrawal Contract” is published
(Source: Bity)
c4.2m ETC transferred from WHG to the withdrawal contract, c0.6 million claimed by DTH.  DTH are entitled to receive funds based on their DAO token balance at the time of the harfork, not the current token balance as is the case for ETH.
30 Aug 2016 Bity announce that second version of “Whitehat Withdrawal Contract” is published
(Source: Bity)
c3.8 million ETC transferred from old contract to new contract
6 Sept 2016
Bity announce that the remaining ETC (including that which was attempted to be traded on exchanges, and some from matured Child DAOs) is transferred to the Whitehat Withdrawal Contract
(Source: Bity)

c4.3 million ETC transferred from WHG exchange accounts and multisig into withdrawal contract.

During the time these trades were made, the price of ETC dropped in value relative to ETH, BTC and/or EUR, causing the trade back into ETC to yield an additional 700,000 of ETC that was added to the Whitehat Withdrawal Contract.  The exact details of these on-exchange swaps were not made public.


Graphical illustration of the above transactions

Source: Gliffy


Date Event Movement of Funds
6 Sept 2016
DAO Hacker moves the funds from his “Dark Child DAO”
(Source: Gas Tracker)
c3.6 million ETC Secured by Hacker
6 Sept 2016 DAO Hacker donates some ETC to the ETC development fund
(Source: Gas Tracker)
1,000 ETC sent to ETC developer fund
25 Oct 2016 to
7 Dec 2016
DAO Hacker tumbles funds into many different accounts, potentially swapping to different currencies
(Source: Gas Tracker)
c0.3 million ETC tumbled by hacker


At the time of writing the hacker has not touched the vast majority of the drained ETC, and is sitting on a stash of 3,360,332 ETC, worth US$58 million.

One feature of the Whitehat Withdrawal Contract is that a limit is set for the ETC funds to be withdrawn (originally set to 3 months, expiring on 30th January 2017). Due to a large proportion of the funds not being claimed within the 3 months given, this period was extended twice:


Date Event Movement of Funds
30 Jan 2017
Bity Announce the extension of the ETC Whitehat Withdrawal contract deadline to 14 April 2017
(Source: Bity)
14 April 2017
RHG Announce the extension of the ETC Whitehat Withdrawal contract deadline to 10 January 2018
(Source: Reddit)
10 Jan 2018
ETC Whitehat Withdrawal contract deadline ?


There have been no major events since then to the present day; the vast majority of ETH funds have been withdrawn by DTH, as has the majority of ETC.



The unclaimed funds

As at 19th November 2017, there is approximately US$140 million of unclaimed funds, as the approximate breakdown below illustrates.


DAO related funds on the ETH side of the fork

Bucket ETH Unclaimed US$ million Percent
Claimed balances
ETH Withdrawn by DTH 11,286,046 97.3%
Unclaimed balances
Unclaimed ETH in DAO Withdraw (Source) 235,414 86.6 2.0%
Unclaimed ETH in DAO ExtraBalance (Source) 76,204 28.0 0.7%
Unclaimed total 311,618 114.7 2.7%
Claimed & unclaimed
Total funds 11,597,664   100.0%

Source: BitMEX Research, Ethereum blockchain
Note: USD/ETH price of $368 used


DAO related funds on the ETC side of the fork

Bucket ETC  US$ million Percent
Hacker funds
ETC retained by Hacker 3,642,408 66.6  30.1%
WHG Funds
ETC Withdrawn by DTH (including donations) 7,035,319 58.2%
Unclaimed ETC (Source) 1,405,072 25.8 11.6%
WHG Total 8,440,391   100.0%
Hacker & WHG funds
Total funds 12,082,799

Source: BitMEX Research, Ethereum Classic blockchain
Note: USD/ETC price of $18.30 used


DAO related funds on the ETC side of the fork

Source: BitMEX Research, Ethereum Classic blockchain


Unclaimed DAO balances over time – ETH & ETC

Source: BitMEX Research, Github


Unclaimed DAO balances over time – USD

Source: BitMEX Research, Coinmarketcap, Github


As the chart above illustrates, at the Ethereum price peak in July 2017, the US Dollar value of unclaimed Ethereum inside DAO withdrawal contracts was even higher than the US$150 million initially raised.



Withdrawal Contract “Gotchas”

Whilst the notion of a withdrawal contract sounds binding, all of the unclaimed funds are still in the control of the owners of those contracts.


Safety Hatches

All of the three withdrawal contracts have ‘safety hatch’ mechanisms, meaning the ‘owners’ of these contracts have the ability to withdraw all of the funds at any time.



Whilst The DAO Curators have not indicated this is planned, it may be tempting to appropriate these funds if it is deemed that no more withdrawals will take place. The WHG, in contrast, have designed their contract specifically to ensure this happens.


Whitehat Deadline

The Whitehat Withdrawal contract also has a timeout system for when DTH are able to withdraw their funds. This deadline will expire on January 10th 2018 (although it has been extended twice before), so attempts to withdraw after this deadline may be denied.



What next for the US$26 million of unclaimed ETC?

The next obvious question is:

What happens to the unclaimed funds on January 10th 2018?

There are four clear options at present:


  1. Have WHG/Bity keep the funds as payment for their service, returning some of the ETC
  2. Donate the funds to a charity or the “community”, perhaps  the ETC, DTH or ETH community
  3. Extend the deadline again
  4. Commit to allowing withdrawals indefinitely, as with the ETH withdrawal contracts


An official response from Bity, suggested they may lean towards option two:


We feel that these funds should be donated to the DAO Token holders community where they originated from. After 6 months, we want to be able to donate these unclaimed funds to a community wide effort, like a foundation supporting smart contracts security. We want these funds to be used to develop the future of structures of Decentralized Governance, DAOs and smart contracts. We will see what options are available at the time.

Source: Bity


Of course, questions of who represents the ‘DTH Community’ will arise, and whether or not the funds are being spent in a transparent matter may come into question. Due to the anonymous nature of who is behind WHG, it may be difficult for the community to properly audit the spending of these unclaimed funds.

Additionally, this arbitrary timeline that prevents individuals in the future from claiming funds that are rightfully theirs may result in future legal action. As such, there is a possibility that WHG is only left with option 3 or 4, and will potentially allow ETC withdrawals to continue in perpetuity.

However, January 2018 will be over 18 months after The DAO, a long time in the crypto space.  In addition to this the price of both ETH and ETC has risen considerably since The DAO. Therefore perhaps some DTHs may forget about their tokens in all the excitement and wealth generation, which is prevalent in the Ethereum ecosystem.



Whilst many claims made in this note are cited, we do not guarantee accuracy. We welcome corrections.

The implications for Bitcoin of the new Bitcoin Cash difficulty adjustment mechanism

Abstract: In this piece we examine the potential impact of Bitcoin Cash’s new rolling 24 hour difficulty adjustment algorithm on the Bitcoin network.  We look at the possible implications of price movements of Bitcoin Cash, with respect to hashrate oscillations between the two coins.



In our last piece we looked over the history of coins sharing the same hashing algorithm and some of the potential problems related to swings in the hashate between the two respective coins.  In this piece we look more closely at Bitcoin and how it could be effected by changes in the price of Bitcoin Cash.

Bitcoin has a longer difficulty adjustment period than Bitcoin Cash, a two week adjustment windows, compared to the rolling one day period Bitcoin Cash now has.  Therefore, in the event of price movements changing relative mining incentives between the chains, Bitcoin will be slower to adjust and achieve the the 10 minute target time than Bitcoin Cash.  This could be a potential problem for the usability or integrity of the Bitcoin network.


A worked example of a Bitcoin Cash price increase

For this rest of this piece, broadly speaking, we assume miners have the objective of maximizing profits in the short term.  In reality miners may also consider other factors or have other objectives, for example, to see their favorite coin succeed, their hated coin fail, or they may try to maximize the long term value of their investment in coins and mining hardware, by focusing on maintaining network stability.

The following scenario applies to an increase in the price of Bitcoin Cash,  similar logic can be used for other price movements:

  1. There is stable equilibrium, where each coin is approximately achieving its 10 minute target time and the hashrate distribution is broadly speaking allocated in proportion to the relative price of each coin.
  2. The price of Bitcoin Cash increases.
  3. Bitcoin Cash then has higher mining profitability than Bitcoin and a significant amount of hashrate moves over to Bitcoin Cash.
  4. Within a day, Bitcoin Cash’s difficulty re-targeting mechanism quickly adjusts, such that the Bitcoin Cash block interval is around 10 minutes.
  5. Due to the higher difficulty on Bitcoin Cash, some of the hashrate moves back over to Bitcoin.  The Bitcoin block interval is longer than 10 minutes, since not all of the hashrate moves back over.
  6. Within around two weeks, Bitcoin’s difficulty re-targeting mechanism adjusts, and Bitcoin’s block interval reaches 10 minutes again.  More hashpower moves back over to Bitcoin, such that the hashrate distribution is approximately in proportion to the new relative price of the two coins, an equilibrium state.

The below table illustrates the above example with actual numbers.


Illustration of hashrate oscillation dynamics – Increase in the price of Bitcoin Cash

Initial state Immediately after the price increase After the Bitcoin Cash difficulty adjustment After the Bitcoin difficulty adjustment
Relative prices
Bitcoin 1.0 BTC 1.0 BTC 1.0 BTC 1.0 BTC
Bitcoin Cash 0.2 BTC 0.4 BTC 0.4 BTC 0.4 BTC
Relative mining profitability
Bitcoin 1.00x 1.00x 1.00x 1.17x
Bitcoin Cash 1.00x 2.00x 1.00x 1.17x
Expected hashrate distribution
Bitcoin 83.3% 0.0% 66.7% 71.4%
Bitcoin Cash 16.7% 100.0% 33.3% 28.6%
Expected block interval
Bitcoin 10 minutes n/a 12.5 minutes 10 minutes
Bitcoin Cash 10 minutes 1.7 minutes 10 minutes 10 minutes

Source: BitMEX Research
Notes: The above model is an over simplification and excludes several other stages of hashrate oscillations.  The table assumes hashrate is distributed according the relative price levels of the two coins.  Transaction fee dynamics are excluded.


Implications for the Bitcoin network

The above illustrates that the Bitcoin chain could experience block interval swings for longer periods than Bitcoin Cash, due to the longer difficulty adjustment window.  However, the data also shows that even a large fluctuation in the price of Bitcoin Cash, from 0.2 BTC to 0.4 BTC, only increases the expected Bitcoin block interval by 25% to 12.5 minutes, after the Bitcoin Cash difficulty adjusts.

These slower blocks may generate some additional transaction congestion on the Bitcoin chain.  Although, somewhat ironically, this particular problem is likely to be of greater concern to Bitcoin Cash supporters than a Bitcoin supporters.  Many long term Bitcoin holders may not be concerned by periods of 12.5 minute blocks, as they are looking ahead to the long term, while this issue should be resolved within around two weeks.  Although this may be disruptive to users in the medium term, in our view, it is unlikely Bitcoin Cash will maintain such high levels of price volatility for extended periods of time.  Therefore the above problem may not be a serious concern.

However, it is possible that price volatility and therefore hashrate oscillations could remain for extended periods of time.  If this is the case, although Bitcoin may deviate from 10 minute intervals for longer periods, the magnitude of the deviation could be larger for Bitcoin Cash.  This could therefore impact both coins in a negative way.  Should this occur, the eventual Nash equilibrium end game solution could be merged mining, as we discussed in the previous piece.  Although due to the current confrontational political climate, reaching such a solution could take a considerable amount of time and reconciliation.


Bitcoin Cash difficulty adjustment schemes designed to cause disruption

There may be some small elements within the Bitcoin Cash community who wish to disrupt the Bitcoin network. For example, some people may have attempted to combine the timing of a rally in the price of Bitcoin Cash with a sharp downward difficulty adjustment caused by the EDA, to drive miners to Bitcoin Cash and disrupt the Bitcoin network.

If the plan is to cause this kind of disruption, one potential idea could be to increase the difficulty adjustment period, for example to a two month window form a one day rolling period.  This would mean that following a sharp price rally of Bitcoin Cash, the difficulty of Bitcoin Cash would take longer to adjust than Bitcoin.  Therefore Bitcoin Cash could remain more profitable than Bitcoin for longer periods, potentially causing disruption and transaction congestion on the Bitcoin network.

However, a long difficulty adjustment window like this may contradict the Bitcoin Cash philosophy. A shorter difficulty adjustment period, larger blocks and lower block times improve usability, which is a key focus of Bitcoin Cash.  In contrast, longer difficulty adjustment periods, smaller blocks and longer block intervals, may improve resilience, which appears to be a key priority for the Bitcoin community.  Therefore Bitcoin Cash is unlikely to adopt such a policy, in our view.

Another issue with this longer two month difficulty adjustment window is that the level of disruption to Bitcoin Cash, relatively speaking, with respect to periods with fewer blocks, will be even larger than for Bitcoin.  Therefore this approach could be considered a lose lose type scenario.  As we expressed above, ultimately, the win win scenario could be something like merged mining.

The Litecoin vs. Dogecoin hash-rate wars of 2014 and implications for Bitcoin vs. Bitcoin Cash

Abstract: In this piece we look at the hash-rate oscillations between Litecoin (LTC) and Dogecoin (DOGE) in 2014. We compare it to the current Bitcoin (BTC) and Bitcoin Cash (BCH) hash-rate oscillations and  consider whether we can learn any lessons from history.


Although there are many crypto tokens, the number of proof-of-work tokens, with their own set of miners, is surprisingly small — so having two significant proof-of-work tokens that share the same hashing algorithm is quite rare. There appear to be three examples of significant hash-rate oscillations caused by this kind of setup:

Year Coins Hashing algorithm
2014 Litecoin (LTC) vs Dogecoin (DOGE) Scrypt
2016 Ethereum (ETC) vs Ethereum Classic (ETC) EtHash
2017 Bitcoin (BTC) vs Bitcoin Cash (BCH) SHA256

(Source: BitMEX Research)

A comparison of the 2014 Litecoin (LTC) versus Dogecoin (DOGE) hash-rate oscillations with the 2017 Bitcoin (BTC) versus Bitcoin Cash (BCH) oscillations may reveal some lessons.

In early 2014, Dogecoin enjoyed a sudden, meteoric increase in price (figure 1). Its mining incentives increased quickly and this attracted significant hash-rate. The consequences resembled those of Bitcoin Cash’s infamous emergency difficulty adjustment (EDA), which resulted in sharp drops in mining difficulty and made Bitcoin Cash’s mining incentives higher than Bitcoin’s for short periods. Both instances caused sharp swings in the hash rate and network distribution between the respective coins.

We will look back at the 2014 incident with the help of some charts of hash-rate oscillation to see what it has to tell us about the swings in hash rate between Bitcoin and Bitcoin Cash, which many are tracking on the website.

Mining incentives vs. the difficulty adjustment

The hash-rate distribution between two tokens with the same hashing algorithm should, in theory, be allocated in proportion to the total value of mining incentives on each respective chain. Mining incentives can be thought of as the USD value of both expected block rewards and transaction fees in any given period of time.

Even when token prices, block rewards, and transaction fee levels are temporarily stable, within difficulty adjustment periods further oscillations can occur because miners may switch to more profitable tokens with lower difficulty until the difficulties of the two tokens achieve equilibrium.

Litecoin vs. Dogecoin in 2014

Dogecoin enjoyed a large price rally in early 2014 and then began to challenge Litecoin for the title of the highest hash-rate Scrypt-based token. Litecoin has a two-and-a-half-minute block target time and its difficulty adjusts every three and a half days. Dogecoin has a one-minute target time and at the start of 2014 had a four-hour difficulty adjustment period.

Figure 1: Litecoin (LTC) versus Dogecoin (DOGE) price chart for 2014 (in USD). (Source: Coinmarketcap, BitMEX Research)

The Dogecoin price increased much faster than Litecoin in the early part of 2014 although, as figure 2 shows, Dogecoin never really approached Litecoin’s market capitalisation. Despite its lower market capitalisation, Dogecoin’s higher inflation rate meant that miner rewards were often higher, and a majority of the Scrypt hash rate switched over to Dogecoin during some periods.

Figure 2: Litecoin (LTC) versus Dogecoin (DOGE) market capitalisation in 2014 (in millions of USD). (Source: Coinmarketcap, BitMEX Research)

Dogecoin’s hash rate exceeded Litecoin’s in late January 2014, as figure 3 indicates. The hash rate swung between the coins for roughly a month as miners switched back and forth.


Figure 3: Litecoin (LTC) versus Dogecoin (DOGE) hashrate chart – billion hashes per second – 2014. (Source: Litecoin blockchain, Dogecoin blockchain, BitMEX research)

When, in 2017, Bitcoin Cash had higher mining incentives per unit of time than Bitcoin, many miners switched to Bitcoin Cash, repeating the pattern of 2014. As figure 4 shows, miners followed the money back then too.

A key difference is that even after the difficulty found equilibrium, Dogecoin at times offered higher USD value of mining incentives. In 2017, in contrast, Bitcoin Cash’s incentive lead was always only driven by anomalies in the difficulty adjustment algorithm. Bitcoin always had higher incentives per block than Bitcoin Cash. The higher incentives of Bitcoin Cash came per unit time from its faster blocks and as soon as the difficulty returned to equilibrium, Bitcoin regained its position as the highest incentive SHA256 coin.

Figure 4: Litecoin (LTC) versus Dogecoin (DOGE) mining incentive (USD per day) versus hash-rate share in 2014. Transaction fees were not included in the mining-incentive calculation. (Source: Coinmarketcap, Litecoin blockchain, Dogecoin blockchain, Dogecoin Github, BitMEX Research) 

In order to calculate mining incentives for Dogecoin, we had to consider what occurred in 2014, including six changes to the block reward and two hardforks. These changes are outlined in the table of figure 5.

Date Block number Event type Expected block reward Comment
New Old
14 Feb  100,000 Mining-reward change  250,000 500,000 Random reward between 0 and 500,000 DOGE.
17 Mar  145,000 Hardfork 250,000 250,000 Difficulty retargeting period reduced to one minute from four hours. Randomness removed from block reward.
28 April  200,000 Mining-reward change 125,000 250,000
15 July  300,000 Mining-reward change 62,500 125,000
11 Sept  371,337 Hardfork Merged mining with Litecoin enabled.
2 Oct  400,000 Mining-reward change 31,250 62,500
14 Dec  500,000 Mining-reward change 15,625 31,250

Figure 5: Dogecoin (DOGE) 2014 event timeline. (Source: Dogecoin blockchain, Dogecoin Github, BitMEX Research)

As figure 5 indicates, on 17 March 2014, Dogecoin changed the difficulty adjustment algorithm, reducing the target time to just one minute (one block) in order to try and alleviate some of the disruption caused by the hash-rate volatility.

Merged mining

In September 2014, Dogecoin activated its merged-mining hardfork. Merged mining is the process by which work done on one chain can also be considered valid work on another chain. Dogecoin can therefore be thought of as an auxiliary blockchain of Litecoin, in that Dogecoin blocks contain an additional data element pointing to the hash of the Litecoin block header, which is considered as valid proof of work for Dogecoin.

The merged-mining system is considered the ultimate solution to the hash-rate oscillation problem, ensuring stability even in the event of sharp token-price movements.

Implications for Bitcoin Cash

The Bitcoin Cash community is unlikely to want to implement merged mining, perhaps for political reasons, in the medium term. Some in the Bitcoin Cash community see Bitcoin as an adversary chain, rather than one with which it should coexist peacefully. Allowing merged mining can be considered the ultimate peace arrangement between two chains. Initially, some in the Dogecoin community were also unhappy about merged mining, but the community eventually realized that it was the best solution to their hash-rate oscillation problem.

However, Bitcoin Cash has recently fixed the EDA issue, which we highlighted in early September as a potential problem. Perhaps the new one-day rolling difficulty adjustment, combined with better price stability, will solve the hash-rate oscillation problem, such that no more fixes are required. If this doesn’t solve the problem, perhaps alternative difficulty adjustment schemes could be tried before merged mining may slowly makes its way onto the agenda.

Trading Tip: Attempt to obtain free Bitcoin Cash on Bitfinex

Abstract: In this piece we explain a reasonably risky way to obtain free Bitcoin Cash (BCH) on the Bitfinex platform, by purchasing the BCC token.  This BCC token represents the Bitcoin Core side of the Bitcoin Unlimited futures contract.


Strategy overview

As we explained in our piece a few weeks ago, Bitfinex allow their customers to trade various Bitcoin chain split tokens, however as we explained some of these tokens have overlapping periods.

One of these tokens, Bitcoin Cash (BCH), launched in August 2017, we discussed this token in our earlier piece on the subject.  The launch of Bitcoin Cash occurred during the Bitcoin Unlimited futures contract period.  Therefore in theory, those who held BCC (the “Bitcoin Core” side of the Bitcoin Unlimited contract), had their Bitcoins locked up in this contract at the time of the Bitcoin Cash hardfork.  When this contract settles in December, holders of BCC may receive some Bitcoin Cash.

Bitfinex even eluded to this with the following statement:

CSTs with overlapping contract periods and other forking events may need to be adjusted to reflect the correct economics. We are aware the the BCC/BCU CSTs need retroactive adjustments to reflect BCH, as well as BTG, after the event tomorrow. Similarly, BT1/BT2 may need to be adjusted to reflect any BTG that accrues to the locked up BTC. We have a plan for this and may not be able to implement it immediately, but it is fair to our users and will be applied retroactively in a non-intrusive way. More details will follow on this next week.

Source: Bitfinex


Investment recommendation

Due to the recent price rally in Bitcoin Cash, with it currently trading at around 0.35 BTC, in our view, it may be a good idea to invest in the BCC token on Bitfinex, to try to obtain some exposure to Bitcoin Cash, without paying for it.

There are two ways of achieving this:

  1. Buy BCC in the market.  The current price of BCC is around 0.96 BTC and in theory the price could increase and trade at 1.0 (Or in theory BCC could even trade at a premium to BTC, although new units can be created if this occurs).
  2. Deposit BTC into Bitfinex and then split it into BCU and BCC.  Then one could hold the BCC to the settlement date and hopefully obtain the free BCH.

There are some risks to this trade, as we explain in the section below.  However, with the recent rally in the BCH price, in our view, the risk/reward balance is somewhat favorable.


Investment risks

  • Distribution coefficient – Although the Bitcoin Unlimited futures contract launched prior to BCH, the split tokens could be created both prior to and after the launch of BCH.  Therefore there may not be sufficient BCH in reserve to allocate to all BCC token holders.  A distribution coefficient may be required in order to adjust for this.  Actually some market participants may create new BCC in order to benefit from the trading idea mentioned in this piece, which would make any distribution coefficient less favorable to BCC investors.
  • Bitcoin Cash price – The market value of BCH could fall substantially prior to the Bitcoin Unlimited contract settlement date.
  • Bitfinex Policy – Bitfinex policy with respect to this matter is uncertain and could change.
  • Counterparty risk – The risk that Bitfinex becomes insolvent prior to the Bitcoin Unlimited contract settlement date.


Non Empty Smaller Block Data By Mining Pool

Abstract: In this piece we present data displaying the proportion of smaller blocks produced by the different mining pools, over time.  This follows on from our piece last week looking at empty blocks.


Smaller blocks overview

Following on from our analysis on empty blocks last week, some readers asked for a similar analysis to be conducted for non empty but smaller blocks, by mining pool.  For your consideration, we present some data trying to capture the proportion of smaller blocks by mining pool.  We are not unable to draw any interesting conclusions from this analysis.


Charts illustrating the proportion of smaller blocks by mining pool


Figure 1 – Blocksize bucket analysis by mining pool (in bytes) – 2017

Source: Bitcoin Blockchain, BitMEX Research, (For mining pool name)
Notes:  Data up to 22nd October 2017. Mining pool with less than 800 blocks in the period is excluded


Figure 2 – Blocksize bucket analysis by mining pool (in bytes) – 2016

Source: Bitcoin Blockchain, BitMEX Research, (For mining pool name)
Notes:  Mining pool with less than 800 blocks in the period is excluded


Figure 3 – Blocksize bucket analysis by mining pool (in bytes) – 2015

Source: Bitcoin Blockchain, BitMEX Research, (For mining pool name)
Notes:  Mining pool with less than 800 blocks in the period is excluded.  BTCC Pool had many blocks with 2 transactions in this period


Figure 4 – Percentage of non empty blocks smaller than 10,000 bytes by mining pool – monthly

Source: Bitcoin Blockchain, BitMEX Research, (For mining pool name)
Notes:  Mining pool with less than 250 blocks in the the month is excluded



We chose 10 blocksize buckets:

  1. Less than 500 bytes
  2. 500 bytes to 5,000 bytes
  3. 5,000 bytes to 10,000 bytes
  4. 10,000 bytes to 25,000 bytes
  5. 25,000 bytes to 50,000 bytes
  6. 50,000 bytes to 75,000 bytes
  7. 75,000 bytes to 100,000 bytes
  8. 100,000 bytes to 250,000 bytes
  9. 250,000 bytes to 500,000 bytes
  10. 500,000 bytes to 1,000,000 bytes

The selection of the bucket boundaries was entirely arbitrary and therefore this could weaken the analysis.  Figure 1 appears to indicate that the 10,000 byte bucket may be most significant, due to the apparent spike for some miners in 2017.  Therefore non empty blocks less than 10,000 bytes were chosen as the range for the monthly chart, which is shown in figure 4.


Concluding remarks

As a reminder we do not believe any of the above data is strong evidence for covert ASICBOOST.  Others have argued that smaller or empty blocks by some mining pools could be considered as circumstantial evidence for covert ASICBOOST, without always providing data backing up these claims.  Our objective here was simply to produce charts illustrating the prevalence of these smaller blocks by mining pool.

Empty Block Data by Mining Pool

Abstract: In this piece we present data displaying the proportion of empty blocks (blocks containing only the coinbase transaction) produced by the different mining pools, over time.  We look at the mining methodologies pools could choose and how these policies could impact the proportion of empty blocks.


Empty Block Overview

We recently published a piece describing covert ASICBOOST and we explained the allegation that particular mining pools may be using this methodology.  Some claim that circumstantial evidence supporting this allegation, is that some mining pools produce more empty blocks (or more smaller blocks) than other mining pools.

Readers have asked us for data backing up this assertion, as only limited data has been published on this specific topic, as far as we are aware.  We are not going to draw any firm conclusions from the data on the prevalence of empty blocks, however we present it for your consideration.  We also explain some of the other potential reasons for empty blocks, including SPV mining and SPY mining.


Figure 1 – Summary chart – Rolling average percentage of empty blocks (over 1,000 block period) by pool

Source: Bitcoin Blockchain, BitMEX Research, (For mining pool name)
Notes: Data up to 25th August 2017. Due to the different frequency with which different pools find blocks, the same dates on the chart could reflect different periods


Charts illustrating the proportion of empty blocks by mining pool


Figure 2 – Percentage of empty blocks by pool – 2017 YTD

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes:  Data up to 22nd October 2017


Figure 3 – Percentage of empty blocks by pool – 2016

Source: Blockchain, BitMEX Research, (For mining pool name)


Figure 4 – Percentage of empty blocks by pool – 2015

Source: Blockchain, BitMEX Research, (For mining pool name)


Figure 5 – Percentage of empty blocks by pool – 2014

Source: Blockchain, BitMEX Research, (For mining pool name)


Figure 6 – All time percentage of empty blocks by pool – Monthly data

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes: Data only included if the pool found 300 blocks or more within the month, Data up to 22nd October 2017


Figure 7 – 2016 onwards – percentage of empty blocks by pool – Monthly data

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes: Data only included if the pool found 300 blocks or more within the month, Data up to 22nd October 2017


Figure 8 – 2017 YTD – percentage of empty blocks by pool – Monthly data

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes: Data only included if the pool found 300 blocks or more within the month, Data up to 22nd October 2017


Summary statistics by year (top 11 pools ranked by the last 12 months)


Figure 9 – Summary table for 2017 (to 25th August)

Pool # of blocks Average block size % Empty blocks
Antpool 6,298 897KB 1.8%
F2Pool 3,897 919KB 1.3%
BTCC 2,733 896KB 0.7%
Bitfury 2,852 965KB 0.0%
BW Pool 2,034 933KB 0.1%
ViaBTC 1,990 952KB 0.4%
BTC.TOP 3,199 978KB 0.7%
Slush 1,921 947KB 0.4% 2,265 951KB 2.4%
HaoBTC 931 957KB 2.3%
BitClub 1,236 980KB 0.0%
All Blocks 35,899 936KB 1.1%

Source: Blockchain, BitMEX Research, (For mining pool name)


Figure 10 – Summary table for 2016

Pool # of blocks Average block size % Empty blocks
Antpool 11,479 747KB 4.2%
F2Pool 11,444 772KB 0.9%
BTCC 7,023 718KB 0.8%
Bitfury 5,298 834KB 0.0%
BW Pool 5,373 710KB 2.5%
ViaBTC 1,995 822KB 0.7%
BTC.TOP 27 961KB 0.0%
Slush 2,842 720KB 0.5% 657 976KB 2.1%
HaoBTC 1,443 982KB 1.5%
BitClub 1,662 964KB 0.0%
All Blocks 54,851 776KB 1.8%

Source: Blockchain, BitMEX Research, (For mining pool name)


Figure 11 – Summary table for 2015

Pool # of blocks Average block size % Empty blocks
Antpool 9,815 484KB 8.2%
F2Pool 10,851 499KB 4.0%
BTCC 5,780 390KB 0.1%
Bitfury 5,459 604KB 0.0%
BW Pool 4,129 495KB 4.5%
ViaBTC 0 n/a n/a
BTC.TOP 0 n/a n/a
Slush 2,445 492KB 1.2% 0 n/a n/a
HaoBTC 0 n/a n/a
BitClub 210 509KB 0.0%
All Blocks 54,311 480KB 3.1%

Source: Blockchain, BitMEX Research, (For mining pool name)


Validationless mining – SPV mining & SPY mining

SPV mining

In order to build on top of the previous block and extend the chain, mining pools need the hash of the previous block, but not necessarily the full block with all the transaction data.  Mining pools are in a rush to make the chain as long as they can as fast as possible to increase profits.  Therefore miners often have a policy of trying to find the next block before they have even had time to download and verify the previous block.  If this occurs, a miner typically avoids putting any transactions in the block (apart from the coinbase transaction), as the miner may not know which transactions were in the previous block and including any transactions could result in a double spend, resulting in an invalid block rejected by the network.  The term used to describe this type of activity is “SPV mining”.

The efficacy of SPV mining is debated in the Bitcoin community, with advocates claiming this is legitimate profit maximising activity. While opponents of this policy claim it reduces the transaction capacity of the network (since empty blocks still keep the mining difficulty up) and that it increases the probability of an invalid block receiving more confirmations, ensuring the network is less reliable for payments as double spends are more likely.


SPY mining

Another term often used is “SPY mining”.  When a mining pool wants to get the previous block even faster, they often participate as a miner on a competing pool, but instead of adding actual hashpower to the pool, they use the access to the network to get access to the previous block hash even faster and then use this information obtained by “spying” on their own pool.


Pool policies

Different mining pools are said to have different policies.  For example AntPool is said to conduct SPV mining, while Bitfury is said to not engage in this practice.  As figure 9 shows, Bifury produced 0.0% empty blocks in 2017, compared to Antpool on 1.8%.  SPV mining is believed to be the primary cause of this difference.


The ASICBOOST allegation

The above factors may explain the difference in the proportion of empty blocks, rather than covert ASICBOOST.  Alternatively, there could be another factor which we are not aware of, neither SPV mining nor ASICBOOST, causing the variation.

However, those supporting the covert ASICBOOST theory have been able to use the empty block data to generate circumstantial evidence supporting their theory.  For example figure 8 could be said to demonstrate the following:

  • Up until April 2017 Antpool (orange) produced the highest proportion of empty blocks, at a rate far higher than its peers
  • In April 2017 this switched to (dark blue) a pool owned by the same company as Antpool
  • In October 2017, unknown miners (light green) started to produce empty blocks, as Antpool tried to conceal its policy even further

In our view this hypothesis is certainly possible, but also reasonably weak. Further evidence may be required to draw any firm conclusions.


The time gap between blocks

Another factor to consider is timing.  SPV mining occurs because miners are keen to get to work on the next block quickly, before they have had time to validate the previous block.  Therefore, in the majority of cases where miners do not quickly find the next block, say within 30 seconds, the impact of SPV mining should be limited, since miners do have time to validate.

Figure 12 below is a repeat of figure 3 above, except this time we have excluded the empty blocks which occurred within 30 seconds of the previous block being found.  This may partially remove the impact of SPV mining.  Although the data with respect to timing may not be reliable.


Figure 12 – Percentage of empty blocks by pool – 2016 (30 second gap or more from the previous block)
Source: Blockchain, BitMEX Research, (For mining pool name)
Notes:  The time gap may not be reliable


Smaller but non empty blocks

The analysis in this piece only looks at empty blocks.  The ASICBOOST allegation is not only about empty blocks, but also smaller blocks. Smaller but non empty blocks can also assist with covert ASICBOOST due to the smaller size of the Merkle tree.  In a later piece we plan to look at the proportion of these smaller blocks in more detail.

In the below analysis we compared the timing between the previous blocks and the blocksize, for two particular pools.  One which claims to do SPV mining (Antpool) and one which claims not to (Bitfury).

The charts illustrate that the variations between pools are not just about empty blocks, but also smaller blocks.  The charts show that Bitfury has a more “tidy” chart, with smaller blocks only occurring when the time gap between the previous block was small.  In contrast the Antpool chart appears more “messy”, with empty and smaller blocks more prevalent regardless of the time gap between the previous block.


Figure 13 – Antpool (2017 YTD) – Blocksize compared to the time gap between the previous block

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes: The y-axis is the time gap from the previous block in seconds, the x-axis is the blocksize in bytes.  The time gap may not be reliable


Figure 14 – Bitfury (2017 YTD) – Blocksize compared to the time gap between the previous block

Source: Blockchain, BitMEX Research, (For mining pool name)
Notes: The y-axis is the time gap from the previous block in seconds, the x-axis is the blocksize in bytes.  The time gap may not be reliable


It is difficult to draw any firm conclusions from these charts.  However one ironic thing stands out to us, from this analysis.  The pools arguing most vigorously for larger blocks, tend on average, to produce smaller blocks.


The Bitfinex chain split tokens

Abstract: In this piece we look at the ten different chain split tokens that could exist on the Bitfinex platform in 2017 and some of the complexities and challenges involved.  There are circumstances in which the policies Bitfinex has chosen are unfair and place a burden on customers, however perhaps this could not be avoided.


Chain split token overview

Bitfinex chain split tokens – 2017

Source: Bitfinex, BitMEX Research
Notes: It is not known if the Bitcoin Unlimited chain will exist as a different coin to Bitcoin at the time the contract is due to settle in December 2017


The above diagram illustrates the 10 chain split tokens which could exist on the Bitfinex platform in 2017.  During the year various groups created spin-off coins of Bitcoin and Bitfinex provided its customers the opportunity to trade these tokens.  Typically each spin-off can result in three new tokens.  For example SegWit2x resulted in:

  • BT1 – The futures contract token redeemable for BTC after the fork
  • BT2 – The futures contract token redeemable for B2X after the fork
  • B2X – The SegWit2x token itself

As we explain below, allowing the trading of all these tokens results in operational problems for Bitfinex, places inconvenient burdens Bitfinex customers and results in various scenarios which are “unfair” for customers.  However, avoiding any of these issues is difficult and perhaps potentially impossible, given the complexities involved.  In many ways Bitfinex has done a service to the community by rising to the challenge and supporting these tokens.

A full timeline of the events related to the 10 chain split tokens is provided in the table below.


Bitfinex 2017 Chain Split Token Timeline

Date Event From To Margin longs receive tokens Margin shorts owe tokens BTC lenders receive tokens* BTC borrowers owe tokens*
 18/03/2017 Optional Split BTC BCC + BCU n/a n/a n/a n/a
 01/08/2017* Distribution BTC BCH    
 06/10/2017 Optional Split BTC BT1 + BT2 n/a n/a n/a n/a
 23/10/2017 Optional Split BTC BG1 + BG2 n/a n/a n/a n/a
 24/10/2017 Conversion BG1 BTC n/a n/a n/a n/a
 24/10/2017 Conversion BG2 BTG n/a n/a n/a n/a
 24/10/2017 Distribution BTC BTG  
 27/10/2017 Buy back BTG BTC n/a n/a n/a n/a
 16/11/2017* Conversion BT1 BTC n/a n/a n/a n/a
 16/11/2017* Conversion BT2 B2X n/a n/a n/a n/a
 16/11/2017* Distribution BTC B2X  
 XX/12/2017* Distribution BTC BTU  ?  ?  ?  ?
 31/12/2017 Conversion BCC BTC n/a n/a n/a n/a
 31/12/2017 Conversion BCU BTU n/a n/a n/a n/a

Source: Bitfinex, BitMEX Research

  • The BCH distribution had a coefficient of 0.85 for lenders
  • 16/11/2017 is the expected date of the SegWit2x hardfork
  • The date of the Bitcoin Unlimited hardfork is not known, its not easy to define if the fork occurs due to some of the nuances in Bitcoin Unlimited and it may not occur at all
  • With respect to BTG and B2X distributions, lenders only receive the token when BTC is in “use as financing collateral”
  • We apologies for any inaccuracies in the above table


Margin positions & lending

As we mentioned in our previous piece on the SegWit2x hardfork, the spin-off token distribution decision for financial platforms is not straight forward.  There are essentially four options:


Potential financial platform policies regarding the distribution of spin-off tokens

Policy A Policy B Policy C Policy D
Split user Bitcoin deposit balances into BTC & spin-off  
Split user Bitcoin margin long positions into BTC & spin-off long positions
Split user Bitcoin margin short positions into BTC & spin-off short positions    
Bitcoin lenders are due back BTC & spin-off
Bitcoin borrowers owe BTC & spin-off  

Note: It is also possible to have a different policy with respect to Bitcoin lending and Bitcoin margin positions, which is not illustrated in the above chart.


BitMEX may choose policy A (or perhaps B in some circumstances), however Bitfinex typically chooses policies (or variant of the policies) C or D. While Bitfinex’s policies can be considered “fairer” in many respects, it can lead to some problems.  Supporting additional tokens can not only put additional burdens on the exchange, but also on customers, as the situation with Bitcoin Gold below illustrates.


Bitcoin Gold (BTG)  – The forced buyback

Bitfinex clients who were short BTC on margin at the time of the fork had a BTG liability added to their account when the fork occurred.  This needed to be done to balance out the impact of users who were long BTC on margin at the time of the fork and benefited by receiving BTG.

This places a burden on customers who were short, as they now have to go into the market and buy BTG to cover their positions, despite potentially having no interest or knowledge in BTG.  This may frustrate some customers as they were not given much notice in this particular case (perhaps under 24 hours).  Since margin trading may not be enabled on BTG, customers have been given three days to cover their BTG shorts, or Bitfinex may buy back the BTG for them in the market with their BTC.


Anyone with a negative balance resulting from being a BTC borrower at the time of the fork will need to buy back into BTG within 3 days or risk having the system do it for them

Source: Bitfinex


The issue may be of particular concern to Bitfinex customers, since the BTG token does not exist yet, nor is the client ready to be released, as further development work may be required.  The date Bitfinex enabled trading, 24th October, was only the date of the snapshot of Bitcoin balances, not when the token actually launched.  Therefore Bitfinex customers who were short BTC at the time of the snapshot will not be able to deposit BTG to the platform to cover their short positions, as the token does not yet exist and instead they appear to be forced to buy it on the market at Bitfinex.  There may be insufficient liquidity, which could cause problems.

Although this is “unfair” and likely to frustrate some customers, it is easy to criticize and there are no perfect policies.


The chain split tokens do not consider the impact of the other chain split tokens

The above contracts do not fairly reflect each other.  For example there was a distribution of BCH tokens in August given to holders of BTC.  However, holders of BCC never received any BCH. This problem is illustrated by the overlapping nature of the contracts in the chart above.

If Bitfinex wants to increase the complexity of the above even further, the following additional distributions could be conducted:

  • When the SegWit2x hardfork occurs, distribute BTG to holders of BT1
  • On 31 December 2017, the Bitcoin Unlimited contract settlement date, distribute BCH, BTG and B2X tokens to holders of BCC

Bitfinex may actually make adjustments for these events and even eluded to this possibility in a recent post.  It would be interesting to see if any of their customers actually demand this.

Bitcoin Economics – Credit expansion and the characteristics of money which make it possible (Part 1)

Abstract: In this piece on economics, we look at misconceptions with respect to how banks make loans and the implications this has on the ability of banks to expand the level of credit in the economy.  We analyze the inherent properties of money which ensure that this is the case and the impact this could have on the business cycle.


Dynamics of Credit Expansion

The core characteristic of the traditional banking system and modern economies, is the ability of the large deposit taking institutions (banks) to expand the level of credit (debt) in the economy, without necessarily needing to finance this expansion with reserves.

An often poorly understood point in finance, is the belief that banks require reserves, liquidity or “cash”, in order to make new loans. After-all where do banks get the money from? It is true that smaller banks and some financial institutions do need to find sources of finance to make new loans. However, in general, this is not the case for the main deposit taking institutions within an economy.

If a main deposit taking institution, makes a new loan to one of their customers, in a sense this automatically creates a new deposit, such that no financing is required.  This is because the customer, or whoever sold the item the loan customer purchased with the loan, puts the money back on deposit at the bank.  Therefore the bank never needed any money at all. Indeed there is nothing else people can do, the deposits are “trapped” inside the banking system, unless they are withdrawn in the form of physical notes and coins, which rarely happens nowadays.

Please consider the following simplified example:

  1. A large bank, JP Morgan, provides a mortgage loan to a customer, who is buying their first home, for $500,000
  2. JP Morgan writes a check to the mortgage customer for $500,000
  3. The mortgage customer deposits the check into his deposit account, at JP Morgan
  4. The mortgage customer writes a new check, for $500,000 and he hands it over to the seller of the property
  5. The seller is also banking client of JP Morgan and as soon as she receives the check, she deposits it into her JP Morgan bank account


Illustrative diagram of a new home mortgage with one dominant bank in the economy

As one can see, the above process had no impact on the bank’s liquidity or reserves, the bank never had to spend any “cash” at any point in the above example. Of course, the seller of the property does not necessarily have to have an account with the same bank as the one which provided the loan.  However large deposit taking institutions, such as JP Morgan, HSBC or Bank of America, have large market shares in the deposit taking business, in their local markets.  Therefore, on average, these large banks expect more than their fair share of new loans to end up on deposit at their own bank. Actually, on average, new loans in the economy actually increases the liquidity for these large banks, rather than decreasing it.

The accounting treatment of this mortgage, for the bank, is as follows:

  • Debit: Loan (asset): $500,000
  • Credit: Deposit (liability): $500,000

The bank has therefore increased its assets and liabilities, resulting in balance sheet expansion.  Although from the point of view of the home seller, she has $500,000 of cash.  The above transaction has increased the amount of loans and deposits in the economy. From the customer’s point of view, these deposits are seen as “cash”. In a sense, new money has been created from nothing, apart from perhaps the asset, which in this case is the property.  In the above scenario, M0 or base money, the total value of physical notes and coins in the economy, as well as money on deposit at the central bank, remains unchanged.  M1, which includes both M0 and money on deposit in bank accounts, has increased by $500,000.  Although the precise definition of M1 varies by region.

Cash reserves from the point of view of a bank are physical notes and coins, as well as money on deposit at the central bank.  The ratio between the level of deposits a bank can have and its reserves, is called the “reserve requirement”.  This form of regulation, managing the reserve requirement, leads to the term “fractional reserve banking”, with banks owing more money to deposit customers than they have in reserves. However, contrary to conventional wisdom, in most significant western economies, there is no regulation directly limiting the bank’s ability to make these loans, with respect to its cash reserves.  The reserve requirement ratio typically either does not exist, or it is so low that it has no significant impact.  There is however a regulatory regime in place that does limit the expansionary process, these are called “capital ratios”. The capital ratio, is a ratio between the equity of the bank and the total assets (or more precisely risk weighted assets). The bank can therefore only create these new loans (new assets) and therefore new deposits (liabilities), if it has sufficient equity.  Equity is the capital investment into the bank, as well as accumulated retained earnings.  For example if a bank has $10 of equity, it may only be allowed $100 of assets, a capital ratio of 10%.


The credit cycle

To some extent, the dynamic described above allows banks to create new loans and expand the level of credit in the economy, almost at will, causing inflation. This credit cycle is often considered to be a core driver of modern economies and a key reason for financial regulation. Although the extent to which the credit cycle impacts the business cycle is hotly debated by economists.  These dynamics are often said to result in expansionary credit bubbles and economic collapses. Or as Satoshi Nakamoto described it:


Banks must be trusted to hold our money and transfer it electronically, but they lend it out in waves of credit bubbles with barely a fraction in reserve


Ray Dalio, the founder of Bridgewater Associates (a leading investment firm), appears to agree that the credit cycle is a major driver of swings in economic growth, at least in the short term, as his video below explains:



The view that the credit cycle, caused by fractional reserve banking, is the dominant driver  of modern economies, including the boom and bust cycle, is likely to be popular in the Bitcoin community.  This theory is sometimes called Austrian business cycle theory, although many economists outside the Austrian school also appreciate the importance of the credit cycle.

However, there are alternative views.  For example another successful investment firm, Marathon Asset Management, identifies the “capital cycle” as the main driver of the business cycle, rather the credit cycle.  In their view a cycle emerges with respect to investment in production, as the below diagram illustrates.


The capital cycle

Source: Capital Account


The fundamental cause of the credit expansionary dynamic

The above dynamic of credit expansion and fractional reserve banking, is not understood by many. However, with the advent of the internet, often people on the far left politics, the far right of politics or conspiracy theorists, are becoming partially aware of this dynamic, perhaps in an incomplete way. With the “banks create money from nothing” or “fractional reserve banking” narratives gaining some traction. The question that arises, is why does the financial system work this way?  This underlying reasons for this, are poorly understood, in our view.

Individuals with these fringe political and economic views, may think this is some kind of grand conspiracy by powerful elite bankers, to ensure their control over the economy. For example, perhaps the Rothschild family, JP Morgan, Goldman Sachs, the Bilderberg Group, the Federal Reserve or some other powerful secretive entity deliberately structured the financial system this way, so that they could gain some nefarious unfair advantage or influence? Actually, this is not at all the case.

The ability of deposit taking institutions to expand credit, without requiring reserves, is the result of inherent characteristics of the money we use and the fundamental nature of money. This is because people and businesses psychologically and for very logical practical reasons, treat bank deposits in the same way as “cash”, when they could alternatively be considered as loans to the bank. This enables banks to then expand the amount of deposits, knowing they are safe, as customers will never withdraw it, since they already think of it as cash.

Bank deposits are treated this way for perfectly reasonable and logical reasons, in fact bank deposits have some significant advantages over physical cash. Bank deposits are simply much better than physical cash.  It is these inherent and genuine advantages that cause fractional reserve banking, not a malicious conspiracy, as some might think.


Advantages of bank deposits compared to physical notes and coins

Factor Bank deposit Physical cash

Keeping money on deposits in financial institutions, increases security

The money is protected by multiple advanced security mechanisms and insured in the unlikely event of theft

Large physical cash balances at home could be vulnerable to theft or damage

Physical cash cannot be insured and storage costs can be expensive

Electronic transfers Using the banking system, it is possible to quickly send money effectively over the internet or by phone, across the world at low cost and at high speed If physical cash is used, then a slow, inefficient, insecure physical transfer must take place

Using a banking system to manage your money, can result in a convenient set of tools. For example the ability to use money using your mobile phone or on your computer

Precise amounts can be sent so there is no issue with receiving change

Handling cash is often a difficult and cumbersome process. Precise amounts cannot be specified and one may need to calculate change amounts
Auditability Traditional banks offer the ability to track, control and monitor all transactions, which can help prevent fraud.  This improves reporting and accountability With physical cash, effective record keeping is less automated, increasing the probability of fraud


Bitcoin Economics – Credit expansion and the characteristics of money (Part 2)

Abstract: In this piece we look at why Bitcoin might have some unique combinations of characteristics, compared to traditional forms of money.  We examine the implications this could have on the ability of banks to engage in credit expansion.


The main features of the different types of money

Despite the strong advantages of bank deposits mentioned in part 1 of this piece, namely the ability to use it electronically, physical notes and coins do have some significant benefits over electronic money.  The following table aims to summarize the main features of the different types of money, bank deposits, physical cash and Electronic Cash (Bitcoin).


Features of electronic bank deposits, physical notes & coins and electronic cash

Feature Bank deposit Physical cash Electronic Cash
Advantages of physical cash
Funds are fully protected in the event the bank becomes insolvent or inaccessible*
It is difficult for the authorities to confiscate funds
Funds can be effectively hidden from the authorities
Transactions cannot easily be blocked
Transfers can be highly anonymous
Transfers can be irrevocable
Transfers can occur instantly ? ?
Payments can occur 24×7 ?
Transaction fees are zero ?
Payments work during power outages or when communication networks are unavailable
Money can be used without purchasing or owning a device
Anyone can use the system, without seeking permission
Advantages of electronic systems
Payments can be made over the internet
Change does not need to be calculated
Payments can easily be recorded
Funds can easily be secured to prevent theft ?

Note: * Physical cash still has a potential problem with respect to the solvency, related to the policy of the central bank which issues the currency


Due to the strengths mentioned in the above table, physical cash will always have its niche use cases. However, on balance, banking deposits are superior to physical cash, for the majority of users.  The ability to use bank deposits electronically is particularly compelling, especially in the digital age.  As we explained in part one of this piece, it is this ability to use the money electronically that ensures there is always high demand for bank deposits, giving banks the ability to freely expand the level of credit.


The unique properties of Bitcoin

Bitcoin shares many of the advantages of physical cash over electronic bank deposits.  Although Bitcoin does not have the full set of advantages, as the table above demonstrates.  However the key unique feature of Bitcoin, is that it has both some of the advantages of physical cash and the ability to be used electronically.

Bitcoin aims to replicate some of the properties of physical cash, but in an electronic form, an “electronic cash system”.  Before Bitcoin, people had to make a binary choice, between physical cash or using a bank deposit.

Although technically physical cash is a kind of a bank deposit, a deposit at the central bank, physical cash still has unique bearer type properties which could not be replicated in an electronic form.  For the first time ever, in 2009, Bitcoin provided the ability to use a bearer type asset, electronically.  The the simple table below illustrates this key unique feature of Bitcoin and blockchain based tokens.


The binary choice in legacy finance & the new option Bitcoin provides

Bearer type instrument Electronic type instrument
Physical Cash (Notes & Coins)
Electronic money (Bank Deposit)
Electronic Cash (Bitcoin)


Therefore Bitcoin can be thought of as a new hybrid form of money, with some of the advantages of physical cash, but also some of the advantages of bank deposits.


Bitcoin’s limitations

Although Bitcoin has inherited some of the strengths of both traditional electronic money systems and physical cash.  Typically Bitcoin does not have all the advantages of either electronic money or physical cash, however it is uniquely positioned to be able to have subset of the features of each.  This provides a new middle ground option.

For example, Bitcoin may never have the throughput of traditional electronic payment systems or the ability to use without electricity such as with physical cash.  Although as technology improves, Bitcoin may slowly develop more strengths and gradually improve its capabilities, to narrow the gap.


The implications of these characteristics on credit expansion

Understanding the dynamics of these characteristics, can be useful in evaluating the potential economic significance of Bitcoin, should the ecosystem grow. Bitcoin has at least six properties which provide some level of natural resilience against credit expansion, which traditional money does not have. This is because the advantages of keeping money on deposit at a bank are not always as pronounced in Bitcoin, compared to the alternatives.  However, Bitcoin is certainly not immune to the same credit expansionary forces which exist in traditional systems, indeed people can keep Bitcoin on deposit at financial institutions just like they can with physical cash.  Bitcoin may merely have greater resistance to the same credit expansionary forces.

At the core of our reasoning, is looking the advantages of bank deposits compared to physical cash, which are the characteristics that enable large banks to freely expand credit and evaluating to what extent they apply in Bitcoin.  As the table below shows, the advantages of keeping money on deposit at a bank are less significant in the Bitcoin world, therefore we think Bitcoin does have some unique resilience against the forces of credit expansion.


Physical cash vs bank deposits compared to Bitcoin vs Bitcoin deposits

Factor Physical cash compared to deposits Bitcoin compared to Bitcoin deposits
1. Security

Keeping money on deposits in financial institutions, increases security relative to keeping large physical cash balances at home, where the cash is vulnerable to theft or damage

Bitcoin can potentially allow a high level of security, without putting the funds on deposit at a bank

For example Bitcoin can be concealed or encrypted

2. Electronic transfers

Using the banking system, it is possible to send money effectively over the internet or by phone, across the world at low cost.

If physical cash is used, then a slow, inefficient, insecure physical transfer must take place

Bitcoin can allow users to efficiently transmit money over the internet, without using deposits at financial institutions
3. Convenience

Using a banking system to manage your money, can result in a convenient set of tools. For example the ability to use money using your mobile phone or use your computer.

Precise amounts can be sent so there is no issue with receiving change

Bitcoin can allow users to make payments on a mobile phone or without manually calculating change amounts.  Deposits at financial institutions are not required
4. Ability to redeem deposits In the traditional banking system, withdrawing physical cash from a financial institution is a long administrative process which takes time.  Banks therefore do not need to worry about keeping large quantities of physical cash in reserves Bitcoin can allow users to withdraw money from deposit taking institutions quickly, which may encourage banks to ensure they have adequate Bitcoin in reserve at all times
5. Auditability

Banks offer the ability to track and monitor all transactions, which can help prevent fraud and improve accountability.

Physical cash cannot offer this

Bitcoin’s blockchain or other electronic databases can allow users to effectively audit and monitor transactions, without using third party financial intermediaries
6. “Hybrid banking”

In traditional banking models there are only two fundamental choices:

1. Physical cash which provides full user control of the money

2. Money on deposit at a financial institution

This is a binary choice with no middle ground options, forcing consumers to make a difficult choice with no compromise option available

Bitcoin allows a wider spectrum of deposit and security models, resulting in a more complex credit expansionary dynamic.

For example:

1. 2 of 2 multi-signature wallet, where the bank holds one key and the user holds another key; or

2. 1 of 2 multi-signature wallet, where the bank holds one key and the user holds another key


The economic consequences of less credit expansion

The consequences of the lower level of credit expansion this analysis implies, does not really say much about whether this potentially new economic model will be more beneficial to society, nor does it say much about whether Bitcoin will be successful or not. The former is something that has been heavily debated by economists for decades and the latter is a separate topic, in our view.  Although, despite decades of economic debate, perhaps Bitcoin is sufficiently different to the money which came before it, such that the debate is required again, with new very different information.  For example inflation  or deflation, caused by cycles of credit expansion, may have very different consequences in a Bitcoin based financial system, than on one based on bank deposits and debt.  A key problem with deflation in a debt based money system, is that it increases the real value of debt, resulting in a downwards economic spiral.  For non debt based money systems like Bitcoin, it is less clear what the implications of deflation are.

Although Bitcoin may not necessarily result in a superior economic model, we think this analysis may suggest that Bitcoin may have some properties that make the economic model somewhat unique or perhaps interesting, compared to the possible models that came before it.  Therefore it does look like an area worth examining.

To many, the ultimate objective of Bitcoin is to become sufficiently dominant, such that there is a significant decrease in credit expansionary forces, which can neutralize the credit cycle and therefore the business cycle.  Although, this should be considered as an extremely ambitious objective, which we consider as extremely unlikely.  And even in the remarkable circumstance that Bitcoin grows to this scale, other  unforeseen economic problems, particular to Bitcoin, may emerge.

The SegWit2x (B2X) Hardfork – Protecting Yourself and Your Coins, Part 1: Coin Splitting

Abstract: The upcoming SegWit2x hardfork lacks replay protection.  In this piece we look at what you can do to protect yourself, by analyzing various ways you could split your coins.



SegWit2x (B2X) is a proposal to double Bitcoin’s capacity limit. This is an increase in the maximum block weight to 8MB from 4MB.

The upgrade is an incompatible with Bitcoin’s current consensus rules (known as a hardfork), which means it is likely to result in a new coin, such that Bitcoin holders prior to the fork will receive both original Bitcoin (BTC) and SegWit2x coin (B2X) after the fork. In many ways this is similar to the recent Bitcoin Cash hardfork (also an increase in the blocksize limit to 8MB). A key difference is that unlike Bitcoin Cash, B2X does not include strong transaction replay protection. Therefore many users could lose funds, on the other hand, those that do successfully protect their funds could make positive investment returns.

The hardfork is expected to occur on around Saturday 18th November 2017. (Block number 494,784)


Why bother splitting?

The SegWit2x split will result in two coins, the existing Bitcoin (BTC) and a new “spin-off” coin SegWit2x (B2X). This is likely to lead to significant price volatility, which may present investment opportunities. Due to the lack of replay protection, whatever your view on the situation or your investment strategy, it is sensible to split your coins as soon as possible, to ensure as much flexibility as possible and also to protect your coins.  Many users are likely to intend to send only one of the two coins in a transaction, but accidentally send both, which may result in an irrecoverable loss of funds.  If you do not split, you could be one of these users incurring losses.

Unfortunately the lack of strong replay protection may also present an opportunity for scammers/attackers. For example scammers could repeatedly deposit and withdraw from exchanges, hoping to find any weaknesses. If any exchange has not implemented replay protection, attackers are likely to exploit this quickly, which could make the exchange insolvent. In addition to this, individual users could be targeted by scammers. Scammers could sell the victim Bitcoin, knowing their wallet is following the wrong chain or scammers could acquire Bitcoin from a victim who is expected to replay coins on both chains to the buyer.

These kind of losses and attacks could damage the reputation of the ecosystem, therefore a contentious hardfork without strong replay protection is a high risk event with potentially significant negative consequences. However, there are actions you can take to protect yourself.


Splitting your coins

When the hardfork occurs, your Bitcoin will exist separately on both chains BTC & B2X, in the same output. Since the B2X hardfork does not contain transaction replay protection enabled by default, when spending your coins, in either chain, the transaction could be replayed on the other chain.  Therefore the prudent thing to do is split your coins, so that your BTC and B2X exist on different outputs on each chain, which means that your transactions can no longer be replayed.

Unfortunately this is not a simple process and many people are unlikely to be able to achieve this. You cannot split your coins prior to the hardfork, however a prudent strategy may be to prepare how you plan to split beforehand, for example moving your coins to a different wallet before the fork occurs. For many users this is not likely to be easy, however if you act fast, there could be investment rewards, if you are able to sell the spin-off coin before others have a chance to do so.


Which wallets to use

In order to split your coins, you would either need to manually construct your own transactions or use two wallets, one for BTC and one for B2X, since most wallets will not allow you to broadcast two conflicting transactions. You will then need two separate wallets, to receive the coins on each side of the split.

Unfortunately two full node wallets are likely to be necessary to protect your coins, for example Bitcoin Core for BTC and BTC1 for B2X. A full node wallet means it verifies all the consensus rules on the entire blockchain. Two fully verifying nodes may be needed because:

  • On the BTC side you may need a wallet that enforces the 4 million unit weight limit (which B2X plans to breach), and;
  • On the B2X side you need a wallet that enforces the coin wipeout protection rule, which requires non witness data in the first B2X block to be greater than 1MB.

You need to ensure each respective wallet enforces each of these rules, to make sure your wallets do not follow a different chain to the one on which your coins are located on.  Otherwise your coins could disappear from your wallet.

In order to prudently prepare for the hardfork, it might be a good idea to run full nodes of each client on a separate computer. The syncing process can take several days, therefore perhaps you could start to run the nodes before the fork, as you may want to be ready to split your coins and spend them as soon as possible.


The splitting methods

Method 1: The trial and error approach

The most basic way of splitting is to run a BTC client and a B2X client, import your private keys, and then try to send your coins to yourself, to two different outputs on each chain. Either both transactions confirm, in which case you succeeded, or the same transaction occurs on both chains, and you simply try again.

The trouble with this method is that it could be expensive, in terms of both time and money. Many people may try this approach and therefore network congestion could be high, and the more failed attempts occur the more one needs to pay in fees. In addition to this, at least one of the two chains is guaranteed have minority hashpower, which could increase the block interval in the short term, resulting in more transaction congestion and you would need to wait for your transaction to confirm on both sides of the split to ensure you are protected.

Unfortunately, the trouble with B2X, is not only did this fork not implement strong replay protection, so that BTC transactions are valid on B2X and vica versa, but B2X also uses the same network magic as BTC. Therefore, by default your B2X wallet will broadcast its transactions to the BTC network, making transaction replay likely.


Method 2: Locktime

Locktime is a transaction field, which ensures a transaction is only valid after a certain block height. By default some wallets, including Bitcoin Core, add the current block height to the locktime field for their transactions. There are several motivations for this transaction type, one of which is to reduce the incentive for miners to orphan the current leading block, in order to get more fee income, by scooping up the fees from transactions already confirmed in the last block and the transactions in the memory pool. This is expected to be a potential problem in the future when the block reward is low.

One could try to use this feature to split BTC and B2X coins. For example, if the BTC chain has a 5 block lead over the B2X chain, you could send a BTC transaction with the current block height as the locktime, therefore this transaction will be invalid on B2X for the next 5 blocks. If the transaction confirms on BTC, you could then send another different transaction spending the same output on the B2X network, before the 5 block period is over. This could also work the other way around if B2X has the block height lead.

This method sounds complicated, and involves monitoring both chains. However, using the Bitcoin Core wallet this may happen by default and can be combined with the trial and error method described above. In theory, all you need to do is see which chain is in the lead, with respect to block height, and then send your transaction on that chain first.


Method 3: The “official” opt in replay protection

The B2X chain is considering adding opt in replay protection. This essentially means B2X client defines a subset of existing valid transactions and then prohibits these transactions on the B2X chain. Therefore you could send a transaction in this format on the BTC network and it would be invalid on B2X, resulting in a successful split.

However, this could be technically challenging to do, as it is not clear if any BTC wallets will support this feature and there may not be enough time for wallets to implement this for ordinary users. In addition to this, it is not known what type of opt in replay protection B2X will use or if this feature will be enabled at all. The official B2X client appears to have gone through the following iterations:

  • Initially there was no opt in transaction replay protection
  • A method of replay protection using OP_Return was merged into the codebase
  • A new replay protection method, banning transactions with an output to a particular P2SH address was merged
  • Problems were found with the latest method, which could apparently result in the loss of funds. Therefore a few days ago this opt in replay protection was removed from the B2X client

Therefore it is not clear what the opt in replay protection for B2X will be and it’s possible there could be no option here at all.


Method 4: Taint the coins with already split coins

Somebody else may have successfully been able to split their coins. They could then send you an output from their split coins. You could then use this output as an input for your new transaction. Since this input only exists on one chain, your transaction would be invalid on the other chain. Ideally this could be the coinbase reward from a block mined after the split, that way you can be sure your transaction can only occur on one side of the split, regardless of any potential re-orgs.

This process seems easier than the above methods, although you must ensure you get your coin control in your wallet arranged correctly to ensure you spend the desired transaction input. This method requires waiting for somebody else, therefore it could be slow, which may be a problem if you want to split as soon as possible.


Method 5: Let an exchange do it

You could send your coins to an exchange which supports both BTC and B2X, the exchange could then handle the split for you. You need to check if the policy of the exchange is to split your coins before the split or to also split coins sent to them after the split.

A disadvantage of this policy is that your need to take counterparty risk, which you may not want to do with your long term savings.  Taking such a risk could be particularly problematic during a high risk, high volume period such as a chain split without strong replay protection, which may present operational challenges for the exchanges. This method also goes against a common narrative or mantra in the Bitcoin community, which is you should always control your private keys, especially during a hardfork.

Although an advantage of sending your coins to the exchange before the fork, is that you may be able to trade the two coins very quickly, perhaps even faster than those doing the above split methods. This could provide you better investment opportunities.



Perhaps the best strategy is to combine the above methods. After reviewing the policy of the exchanges, you could send some of your coins to an exchange of your choice before the fork and then attempt to split the remainder of your coins using method 2 explained above.

However, despite all this advice, it’s probably likely that the overwhelming majority of Bitcoin holders will take no preparatory action for the split. Therefore if you do any above, you are probably well ahead of the majority, which could hopefully lead to some financial rewards or at least help you avoid losses.