Page 1

Touro College ​- Let's talk about directed acyclic graphs. (R&B music) Hey there, it's Jackson. Thanks for watching. Today I wanted to do a video about a topic that I've been asked about many times over the last few months, and that is directed acyclic graphs. And you'll sometimes hear cryptocurrencies which use this data structure as DAG coins, D-A-G. And the real big innovation of these coins is that they that they're not using a blockchain. Today I just want to talk about what does that even mean, and talk about it in simple-to-understand terms which you often won't find because this is quite a complex topic. Before we get started, if you do find these videos helpful, I really do recommend you hit the subscribe button below so you'll get weekly updates as I post more of these. Let's dive in and learn about directed acyclic graphs. So I have a bunch of videos on this, and I recommend you go watch them, but I want to just recap what a blockchain is. In reality, a blockchain is just a cryptic, graphically verifiable list of things that have happened in the past. And to the people out there that have studied any computer science, you'll know that a list, or a linked list, is just a data structure, one of many different data structures out there including arrays, et cetera. So you can really look at a blockchain like Bitcoin as just a linked list where every new node or entry in that list that's written in just references the previous block so you can verify it all the way back to the beginning of history. This establishes a sequence, or a blockchain. But this sequential nature, the fact that you have to write everything in sequence in this flat list, can actually be a bottleneck, and we see this bottleneck in Bitcoin with a new block only being written every 10 minutes. So if the security of your data structure relies on the fact that everything be sequential in this flow, which is a blockchain, that can cause all sorts of scaling issues. And the only solutions we've really seen to date are we can make the blocks much bigger so you can fit more in there, or you can make the blocks happen more rapidly, i.e. you can go from 10 minutes to just one minute block times, or two minute block times. But these approaches have tradeoffs and there's a lot of divide in the community as to which variable you should change in that equation. Cryptocurrencies that use directed acyclic graphs kind of flip that in its head and say, you know what, we should just use a different data structure altogether. So just like a blockchain which I've just described from the viewpoint of a linked list, a directed acyclic graph is just another form of data structure, like a linked list. And it falls under the type of data structure known as a graph. You've probably seen these before, they have a whole bunch of nodes, sometimes called vertices, and they're connected by these connectors, which can be called edges. So if this is just a graph data structure, let's break down the words preceding that. Directed just means that all of these links all have to move in the same direction. They're not going back and forth, they can't be bi-directional, they're always going in the same direction. And the acyclic part simply means that a node cannot reference back to itself. So in a nutshell, the thing can't loop; a node can't say yes, I am a descendant, and loop back to itself. This can be kind of hard to wrap your head around, but a super-simplifying example is to think of a flow chart where everything can only flow in one direction. If you've ever drawn a flow chart that kind of goes off as a tree, you know you can have these parallel branches that spread off and then might come back together in the future. Another example you're probably familiar with is something like a file directory structure. If you think of folders, and you have subfolders within them, they keep drilling down, and down, and down in the one direction. So the benefit of this graph-like structure is that everything doesn't have to be sequential in nature. So unlike the linked list and the blockchain where every block has to come after one another on a main chain, all you need to make sure of with a directed acyclic graph is that all of those nodes are just flowing in the same direction eventually. So now that we have an understanding of what a directed acyclic graph is, let's look into some of the cryptocurrencies which are using this technology to power their platform. The first and probably the most well-known that you hear about in the news is called IOTA. And they call their directed acyclic graph a Tangle. IOTA is interesting in that it removes miners completely from the equation. If you remember, technologies like Bitcoin require that miners compete with their hashing power for the privilege to write to a block every 10 minutes. In IOTA, everybody essentially becomes a miner, because to broadcast a transaction, you actually have to validate two previous transactions yourself, and also do some work to broadcast transactions that are in something called a subtangle. That's really complicated, I'm not going to get into it now, but

essentially, everybody is validating previous transactions in order to get their transactions processed. This is a really interesting concept because if you look at Bitcoin mining, it means that the only people really taking part in consensus are the miners. And we know that there's a limited number of miners in the world, they say that around eight big companies control all of Bitcoin mining, which is a very small consensus pool. In something like IOTA, the vision is that if everybody is participating in the consensus, and contributing to the validation, it's even more decentralized. When a person wants to send a transaction, they have to grab and validate two transactions from the past in order to get recognized. And they also attach a small amount of proof of work, but one that only takes a second or two to compute, to that transaction to avoid spam on the network. By attaching this small proof of work, which is just a bit of computation the computer has to do, they're able to remove fees entirely. People are actually paying their way by helping the network and validating with the transactions they send. In premise, this allows for microtransactions of really small amounts because there's absolutely no fees attached to sending a transaction. If it works, it also promises to scale, because the more nodes you have in the network, the more people you have validating other transactions. So more usage and more adoption actually means better, faster network. This is great in contrast with something like Bitcoin because as things scale and there's more adoption of the network, you're still relying on that bottleneck of miners processing a block every 10 minutes. The other cool thing you can do with IOTA is you can send data, and transfer it as part of a transaction. This is really kind of their whole shtick where they got their name from. The IOT in IOTA is actually an internet of things reference, and they're really trying to go for this kind of machine-to-machine transaction with their marketing stuff. This kind of makes sense because fees are a really big issue if you're trying to do a lot in a lot of microtransactions between different devices. So from a vision standpoint, IOTA seems really promising. But that's not to say that it hasn't been without its issues. Back in late 2017 MIT were actually able to come out and find some issues with the cryptography inside IOTA. This is because the team behind IOTA actually rolled their own crytographic algorithms rather than using something off the shelf that has been proven. This is a real big no-no in cryptography because when you're inventing something new from scratch it hasn't had the chance to be scrutinized by cryptographers, and just battle tested in the wild. As such, these fresh, new attempts at crytographic algorithms are often found to have vulnerabilities later on, and that's what happened with IOTA. After it was disclosed by the MIT team, IOTA did patch this issue, but it kind of shakes my confidence in the team building it, because rolling your own crypto is just something that experienced cryptographers would not do. Another problem that's come up is that because of the way IOTA works, it would only take 33% of the network power in order to mount an attack. And when I say power, it's a bit different to Bitcoin, because there's no mining. The power here is just simply the number of nodes and that small amount of proof of work I said was attached to every transaction. Because it's just firing up a node, and a very small amount of proof of work, getting together 33% of hashing power wouldn't be a real issue, especially in a small, new network like IOTA. You've probably heard of this issue in Bitcoin, it's called the 51% attack. Well in IOTA, it's a 33% attack, if you can pull it off. This issue potentially goes away as the network scales and there's a lot more competition in terms of nodes and people transmitting that proof of work. But in the meantime, the IOTA team have implemented something called the Coordinator. And this is essentially a server they run centrally that all transactions have to get validated through. They claim this is a temporary solution, and they refer to it as training wheels while the network grows, but it is a central point of failure. To be clear, all transactions on IOTA need to go through this thing for now, until it's removed. And that means if its private key is leaked or hacked in some way, all sorts of problems could occur on the network. IOTA claim the need for the Coordinator will go away at some point later in the year of 2018, but it has to be seen whether they'll remove this from the code and make it a truly decentralized solution. And once they do that, will the thing stand up from a consensus perspective? The one last thing to mention, and it's kind of tied into that previous point, is that people have been saying IOTA is just slow to use currently. And that's really because there just aren't enough full nodes out there processing all the transactions, combined with the fact that they all have to go through this Coordinator node. So that's a huge bottleneck. The network just hasn't grown enough to meet the demand of people sending IOTA to and from one another. A contributing factor to this is most likely that people trading IOTA are just keeping it on an exchange, which means you don't have this decentralization of lots of peer-to-peer clients running full wallets and nodes on their local machine. Side note, you shouldn't keep all your money on an exchange, terrible idea. So just to wrap up on IOTA, it's beta software, it's a very promising vision. My confidence is kind of shaken in the team based on the issues we've seen thus far. Bitcoin's had eight years since its birth to be scrutinized by people, and vulnerabilities have been found and patched. So it wouldn't surprise me if we see more of that happening with IOTA. I don't think the MIT disclosure was the last problem we'll see with that protocol. Next up, let's talk about Byteball. Byteball is another cryptocurrency using a directed acyclic graph, and their main net's actually been out on production for longer than IOTA, I believe.

Just like IOTA, Byteball uses a DAG, or directed acyclic graph in the place of a traditional blockchain. It has a native currency called bytes, but unlike IOTA, it doesn't get rid of transaction fees. There are transaction fees to mitigate spam. So I'm not going to rehash things because the data structure is very similar to that of IOTA, but the difference in Byteball is that you do pay those fees, and those fees go to 12 witnesses who are the ones that validate all the transactions on the network. So you don't have the Coordinator, and you don't have everybody validating transactions for other people. Whereas IOTA offers just a currency that you can send to and from one another with some basic data transfer, Byteball kind of throws in the kitchen sink with it, and does a bunch of conditional payments, and kind of smart contracts its own variety of smart contracts that allow you to achieve a lot more than you can natively with IOTA right now. It's important to note, though, that this conditional payment platform that Byteball has is nowhere as robust as something like the Ethereum Virtual Machine. It's not kind of a distributed computer, as Ethereum is. It's really more just if-then conditional statements if you've received certain payments to certain addresses. As I said, they kinda have thrown in the kitchen sink. That means they also have privacy features for people that want anonymous transactions. They do this with something called black bytes, which are kind of their privacy coins, or privacy currency on their network. In addition to that, they have an instant messaging system, and chat bots, they've kind of loaded everything into this wallet. And I understand why they've done that. It shows an example of how this platform can be used, but it does feel like they're kinda trying to boil the ocean with the functionality instead of just nailing the currency out the gate. Just like IOTA, everything is not peachy in Byteball land. If you'll remember, a minute ago I said the fees get paid to witnesses who do all the validation on the network. This witness structure essentially means that there's just 12 people out there that control the entire network. Now the developer obviously trusts these people, and he's made them share their real-world identities, so if they do anything bad they can be held accountable, but it does sacrifice decentralization. The reason they've likely done this is because of the whole 33% attack which I talked about with IOTA. They didn't want to have to bring in a single coordinator like IOTA did, so instead, they have 12 witnesses who control the network instead, which, you could argue, it more distributed. The question here is that if IOTA is telling the truth, and they'll be able to remove the Coordinator sometime in later 2018, then its network does become more decentralized than something like Byteball which will just keep its 12 validators. My take on Byteball is that again, it's a pretty new technology, and they're just trying to achieve too much at once with their protocol. When you go to their website, you kind of see a million different use cases and features, and you're kind of overwhelmed at the amount of things they claim they can do. And the problem with that is I don't know how well scrutinized the code, the cryptography, et cetera has been by security researchers. There could be all sorts of vulnerabilities lurking around in the Byteball protocol. That being said, when you only have 12 witnesses which you've assigned as a developer, you kind of don't have to worry about that, because if they're all your friends and they're not going to do anything bad, the network's kind of just like a little centralized payment system. My hope is that over time the Byteball developers are able to find a way to remove the 12 witness system and actually create a decentralized network where anybody can become a witness, and as such as are able to remove a lot of the fees. Lastly, I just want to touch on something called the SPECTRE protocol, and this is not to be confused with the Spectre processor vulnerability that was discovered recently for Intel chips. But the SPECTRE white paper was released in late 2016 by some researchers from Israel as a way to scale Bitcoin. The way they do this, of course, is through a directed acyclic graph, and the paper is proposing this new data structure, the directed acyclic graph, as a replacement for the blockchain technology which has that problem where it can't do parallel blocks. Because the blockchain is that linked list flat structure and all the blocks have to be sequential in nature, moving to a directed acyclic graph means you could do parallel blocks with miners mining different blocks at the very same time. That means you could get block creation times really down to something like multiple blocks per second and really do away with all the throughput problems that Bitcoin is having right now. Unlike the previous two projects I mentioned, Byteball and IOTA, there is still mining involved. It's a lot like Bitcoin with proof of work miners submitting blocks by solving computational puzzles. Instead of having to compete for the one block they can get written every 10 minutes, they'd instead be able to submit blocks at the same time. There's then a conflict resolution and voting procedure for how those blocks then get accepted into the DAG. And this helps resolve the fact that in this super fast network you actually have miners submitting multiple blocks a second all at the same time, often without any knowledge of the work that other miners are doing. SPECTRE is just a white paper at this point, and it hasn't been implemented in a reference implementation just yet, but there is a team called DAGlabs which consists of some of the initial researchers as well, working on an implementation. I'll be watching this really closely over the next year because I think it could be the saving grace for Bitcoin's scaling dilemma, and it's a really exciting project. So that's it for my breakdown on directed acyclic graph technology and the coins that are currently using it. Now before you reach for the comment

button, I know there are several other technologies out there that are using directed acyclic graphs, but to my knowledge, these other coins are actually using other technologies as well, like delegated proof of stake to do some of the consensus work. That's not to say I won't cover them, so if you do have any of your favorite technologies that are also using DAGs, please put them in the comments below and I'll try to get around to talking about them in the future. Pure DAG plays like Byteball and IOTA are really new. As such, the technology hasn't really had a chance to be proven out and scrutinized by people in the field. So I think we're going to see a big evolution in this technology over the next 12 to 18 months. One thing I like about the SPECTRE white paper is that it doesn't throw away all the prior work, it does keep things like proof of work consensus, as that's been battle-tested and proven over the last eight years with Bitcoin. It kind of outlines a future for Bitcoin and a way to scale with directed acyclic graph in the place of the existing blockchain data structure. As I said, keep an eye on SPECTRE, because I think it's going to be one to watch. Well that's it for this video. I hope you found it useful, and you know what a directed acyclic graph is now, if you didn't before. Otherwise, I hope you learned something from my breakdowns of IOTA, Byteball, and the SPECTRE white paper. If you have suggestions for future videos, just pop them in the comments below, and if you found this video useful, hit the like button, it really helps out. Again, thanks for watching. Until next time, see you later. (groovy music) CUNY Law School, Long Island City.