93 comments

[ 2.8 ms ] story [ 168 ms ] thread
the web site is very brief on the passport verification mechanism. Anybody can explain how it works? I understand they are compatible with passports with a chip. How do they read them? NFC? OCR a string of letters inside the passport? I would love to hear a report from somebody who tried it.
> This is done by reading the unique digital signature the government apposed in the NFC chip included in your passport. Your personal data such as your name or facial image are not read out during this process and your identity remains hidden from the other UBIC participants.
Forget the cryptocurrency stuff. Being able to verify online identity with a passport and phone is valuable and has many other uses.
> How do they read them? NFC? OCR a string of letters inside the passport?

I actually work on software that does this. To read a passport you first need to OCR the two lines of text at the bottom of the data page, the machine readable zone or MRZ (actually: you only need the document number, date of birth and date of expiry, but OCRing the MRZ is the easiest way to input these without error).

These 3 pieces of data form a kind of password to access the chip, this is so someone can't skim your passport, they have to already be looking at the data page with all your info before they can access the same info in the chip. (Note that there is an additional way on some passports, which uses a PIN code printed on the passport but this isn't very common yet).

Once you got the key, you can authenticate yourself towards the chip and read its data. The data is digitally signed by the government of the issuing country and if you have the root certificates you an verify the data is genuine and not tampered with.

Then there is also a mechanism to detect if the chip is not a copy, which is what the cryptocurrency seems to use, called 'active authentication'. You basically send an 8-byte challenge to the passport, which signs it and returns the signature. The passport's public key is readable, the private key is not and stored in a secure way in the chip. By verifying the response against the public key you verify the chip is not a copy. This public key is part of the signed data so you can form a chain-of-trust back to the signing authority.

Notice that what this cryptocurrency is doing (signing data using a passport) is considered a problem by some governments (specifically Germany) and thus a new standard was created called EAC-CA (Extended Access Control - Chip Authentication) that specifically prevents this from happening. Both AA and EAC-CA are optional features.

Is there any danger is using the app and exposing the information in your passport to this app? I'd think so, otherwise why all that effort to keep the information from being skimmed.
Obviously the potential for abuse is high; if you don’t trust the author of the app then I certainly wouldn’t use it.

Passports contain personal information, a color photo of the holder, and optionally can contain a copy of your signature or fingerprints.

Note that some information can be behind an additional level of access control called EAC-TA (Extended access control - terminal authentication). For example the fingerprints in Dutch passports are protected like this. Accessing them requires a certificate which is so closely guarded that hardly anyone has access to it.

That is why I was concerned. But if you read through the technical descriptions in this hacker news discussion, some people say you are only verifying that the information in it is a valid and unique passport, effectively. I want someone with more information than me to state a definitive answer of the dangers here. Let my try asking the questions:

1. The user info that leads to that 'key' or hash, they get that name and number on the inside, and that's a hash to verify that its a passport issued by a real authority?

2. Isn't there a danger in leaking that internal information in #1? If there was no danger, then they wouldn't put it on the inside, right?

3, Do they have access to further information when they get that hash and verify what else is contained? Is this access to everything that is encoded? It seems not.

I think that you are leaking that information on the inside cover, that is of little use to outside people who don't have your passport. They'd know of your existence, and they'd maybe be able to use it if they ever got your passport? I don't want to speculate on important information like your passport credentials.

I looked into it a little more, and it's even more dubious than I originally thought.

To first address your questions: they claim they only get the document signer certificate from the security object in the document. This in itself isn't dangerous but if they can read this file, they can also read files which do contain privacy sensitive information. More than enough to be very worried about identity theft.

Even more more worrying is that they treat having the document signer certificate as proof of holding a passport. This is not in any way a proof of you holding a specific passport. Document signer certificates are not unique to a document, and even if they were it doesn't prove in any way you're not using a copy.

By why? Cryptocurrencies used to at least claim to be useful, but this one does not even try to?

Is there a need it fulfills, or some advantage over one of the thousands of existing ones?

This is useful.. to someone. They are just collecting a lot of passport information.
Would love to know why HN is so blindly anti-crypto.
I realize the appeal of it: it's just complicated enough it makes normal people think there's something to it. It's just full enough of tough technical challenges engineers have something to bite into. It's just futuristic enough to make everyone believe it's the future. And it's just ancap enough to inspire those fearful of the government and the world. Then it made a handful of people wealthy and inspired fomo.

But at the end of the day it's just a negative-sum solution in search of a problem, riddled with holes big enough to drive a dump truck through, wasting the world's resources, likely created by a Bond-villain-esque racist narcotics trafficker to move his money around [1]. And all the "pricing" of every single coin is controlled by a giant fraud perpetrated by Bitfinex and Tether that bagholders are intrinsically disincentivized from exposing -- all to avoid anti-money laundering / AML/KYC regulations.

It's twelve years of solution in search of problem, with nothing legal to show for it. Except Sia, I guess, I dunno, that's what some people have told me, but that still seems better solved by AWS to me.

[1] https://www.wired.com/story/was-bitcoin-created-by-this-inte...

I have never seen someone dismiss the ideas behind cryptocurrency or the failings of modern banking as blindingly as this post. Your criticisms are a tautology - any defense put against it will be disarmed by your pre-rejection of anarchism, decentralization, applied cryptographic research, or real-world improvements to banking and the exchange of currency.

Some of your assertions could even be correct (who invented it, problems with architecture, energy consumption) and you would still be out of line with the wholesale dismissal of all its concepts.

I can take another stab at it if you like, but just because my defense is irrefutable doesn't make it a tautology ;)

> decentralization

Decentralization of currency is provably less efficient than centralization. Trust is a huge optimization, as you can see by the sheer overwhelming inefficiency of proof of work algorithms. It's tens of thousands of times less efficient. With reference to [1] a single BTC transaction releases 332 KILOGRAMS of CO2, consumes 700kWh of power and generates 87 GRAMS of e-waste. That's enough to drive a Tesla Model S from San Francisco to New York, and throwing half an iPhone out the window en route. And that's without paying for the fill-ups on the way.

Then there's the pragmatic: every stumble down the timeline winds up with all coins lost. We're at 20% of BTC lost already, since there's nobody to appeal to, you're just SOL.

> anarchism

Anarchy is not an effective way to ... anything. If there are some proven successes of anarchy at scale please do cite them.

But without that, the entire "anarchist" crypto space has shown as soon as you open the door to the architecture, scammers and schemers follow through immediately. [2] The entire pricing structure of all cryptocurrencies has centralized thanks to anarchy and is centrally controlled via Bitfinex' totally oversight-free generation of billions of dollars in fake money in Tether. This is just the tip of the iceberg.

> applied cryptographic research

Doesn't matter if they're pointing in the wrong direction.

> real-world improvements to banking and the exchange of currency

Everything crypto does can be done better, faster and cheaper with traditional currency since it's not boat anchored to the inefficiency of decentralization.

Not to mention, it fails at even the most basic aspects of modern currency theory by being deflationary.

[1] https://digiconomist.net/bitcoin-energy-consumption

[2] https://www.newyorker.com/humor/daily-shouts/l-p-d-libertari...

I am not anti-crypto, but I am anti- stupid ideas and get-rich quick schemes that are incredibly prevalent in the "blockchain" space. I am for one or two cryptocurrencies/tokens, and that's about it.
This is also the problem encountered in the development of blockchain
Informed skepticism is the opposite of “blindly anti-crypto”: hawkers have had years to make the case for their systems but most of them have failed to produce anything of value. If you can talk knowledgeably about a system and a real problem which it solves, you won't have a problem.
But it's rarely informed. The US has very outdated, insecure and absurdly expensive retail banking and most people seem to be completely oblivious to it, which is why they fail to the potential of settlement systems like Ripple. Financial transactions are just small pieces of information, no different than funny GIFs or instant messages. It costs virtually nothing to move them around instantaneously across the globe in a secure way, and yet here we are, discussing if that has any value over snail-mail type of experience.

Europe stands out somewhat and we can argue that cryptocurrencies don't bring much improvement onto the table. Banking fees are already very low and Europe is currently rolling out instant credit transfer. I can open a bank account for free and without any recurring fees, and make up to 5000 payments a month for free to anyone in Europe, arriving in less than 20 seconds, available 24/7/365, automatable through APIs. But the rest of the world... my God what stone age you're living in, people with paper checks and overdraft fees imagine they're "informed skeptics" against modern settlement systems. Feels like early 1990s with people saying that email is pointless and they'll never use it.

Agree on all counts (I am in the US), but what does it have to do with crypto? And with this coin in particular?

Whatever the solution we end up with, it won't be decentralized. No one wants to lose their money because they lost some token or paper, and their computer broke.

It will be great new distributed world -- but it would also be licensed, insured, centrally approved, KYC'd, and free of chinese cryptominers and people stealing your passport numbers.

I am left puzzled by the strong skepticism and even downright hostility I often see. I don't think any current cryptocurrency will take over the world and replace existing financial systems like fanboys argue, but they are trying out highly desirable features in real-world environment. I am certain many of them will eventually become widely adopted.

Even the basic requirement of all transactions being digitally signed is a huge step forward, especially when paired with hardware wallets[1]. It's crazy that we're still typing plain-text credit card numbers into inherently insecure computers, hoping that we'll be charged the correct amount (I recently wasn't), and that no keylogger or sketchy merchant steals or accidentally leaks the information.

Sure, dealing with digital keys and long hex addresses is clunky like sending email in 1984[2], but I feel there's a lot of real innovation thrown out with the bathwater when the whole sphere is called pointless Ponzi and so on, which is particularly odd to see in a forum dedicated to startup culture.

[1] https://shop.ledger.com/pages/ledger-nano-x

[2] https://www.youtube.com/watch?v=szdbKz5CyhA

I have been dealing with the computers for a long time, and I know they fail. The hardware breaks, my computer gets malware, vendor's computer gets malware, I get nothing, I get wrong item and vendor is unresponsive, software makes errors, I type the wrong thing and click the wrong button.

I think it is a terrible idea to keep any significant amount of money in any place where it is easy to lose, like a cryptocurrency. And if you are recommending cryptocurrency as a safe storage to someone who is not an expert, you should feel bad, because you are lying to them.

And the worst part of all, is cryptcoiners _never_ _listen_. In fact, directly in the message you are replying to, I wrote: "No one wants to lose their money because they lost some token or paper, and their computer broke." And what was your response? You point me to hardware wallet.

The hardware wallets are great if you are a crypto expert. If you are a regular person, you are going to be lose your recovery words and forget your password after vacation, and then you'll (almost) lose $30K like Mark Frauenfelder did [0]

Telling people to use crypto for significant amounts of money is like encouraging them to juggle live grenades. Yes, it looks cool and pretty safe if you know the trick. But if everyone starts doing this, someone will get killed.

[0] https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-...

https://www.wired.com/story/i-forgot-my-pin-an-epic-tale-of-...

So, I rarely see people saying that the U.S. financial system doesn’t have tons of room for improvement. The problem is when someone comes in pushing something which features at least one of {costs more, no consumer protections, harder to use, slower}, especially when it’s something like Bitcoin where they have an obvious financial stake in getting you to buy in even if it’s not good for you.
If you actually look at how the software work it's clear they're not doing that - they are just having the passport encrypt a nonce. Then they decrypt it with the passport's public key to confirm that the passport is authentic.
If you have proof of passport, you have proof of identity (at least up to the difficulty of obtaining a counterfeit passport - pretty expensive). If you have proof of identity, you have secure private online voting. You also have solved the astroturfing bot problems, and multiple-accounts problems on most communication platforms.

Want to get into cryptocurrency-specific applications? If you used that proof-of-passport design and issued an inflationary currency around it such that inflation was issued one-coin-per-passport, then you have a currency that auto-taxes the rich and auto-distributes a UBI (parameterized however you like). Could be governed via online voting. Would need to have considerable penalties (or bounties) to those who are found with fake passports though. This currency could be quickly substituted with effectively no usable difference to most people for anything currently purchasable with Bitcoin/Ethereum/etc. It could also be used as a decentralized asset registration system for non-cash assets. If enough people simply held and used this currency as opposed to other crypto or USD/etc, and enough started requiring buyers/sellers to use it (for political reasons at first, then later practical reasons) then its price would quickly stabilize and make it a reserve currency, and there's not much any other party could do to stop it. Participation in the economy could then effectively require use of this currency, which means effectively registering your assets and your accounts under a single identity and exposing those assets to automatic taxation in their effective value due to inflation. It is simply built into the system at that point. Though this inflation relationship could be set to be a net benefit users up to a net worth of e.g. 2 million USD equivalent.

This also opens the doors for automated anonymous auditing of assets, anonymous proof-of-ownership, etc.

Enter "but we could do this already without cryptocurrencies!" - sure, probably. But now you can do it without centralized control of the system by anyone.

It's a universal basic income. It requires a passport.

Those two assertions are contradictory. Not everyone has a passport, a lot of people (especially lower-income, which UBIs tend to be pitched as being the most beneficial for) don't own passports.

I suppose it's more a proof of concept than an actual serious attempt at creating a cryptocurrency.

If people want the UBI they need to get a passport. Are there people that are not eligible for a passport?
In the US, it's not mandatory that you get one. Many people don't get one unless they plan to leave the country. This is especially true given that many driver's licenses are valid as a form of federally recognized ID here (i.e. you can fly domestically or whatever).

The people "not eligible" for a passport are those too poor to afford the process or those without any other reason to get one.

That's just not true.

Only 42% of Americans have passports. A passport is not in and of itself required to live in a country, just to leave one. It's also expensive -- out of reach for many lower income folks. All you really need to get UBI is proof of citizenship, like a birth certificate.

Never-mind that passports tend to be expensive (relatively speaking, for the average person), many countries don’t issue passports for a variety of reasons: the UK will refuse to issue - or confiscate - passports of football hooligans specifically - or suspected terror-tourists, I’m sure other democracies have similar policies, let alone more authoritarian regimes.
Passports are confiscated if you misbehave at a sports match? My God.
British fans don't have a good reputation in Europe so it's likely the governments way to stop us exporting hooligans.
> misbehave

That spin does kinda trivialize the conduct of hooligans - things like simple assault or battery won't be enough, it's more like if you're involved in a specific football hooligan gang, and conspire to do grevious bodily harm and/or arrange organized fights between gangs, and you must have a prior conviction too: https://assets.publishing.service.gov.uk/government/uploads/...

Many refugees have no feasible means of obtaining a passport. Many people are too poor to pay the bribes that would be necessary to get a passport they are nominally entitled to. Others may find it impossible in practice on account of being of the "wrong" ethnic minority.
E.g. Tibetans, who are not allowed to travel outside of China...
I guess this is kind of interesting but what's the value in holding the coins? I do all of this to hold monopoly money?
It does not say anything about loosing your pasport. I wonder what that might do. I am assuming they at least cover the case of replacing your pasport when it expires as it is a known date.
Just like any other cryptocurrency: you lose your keys, you lose your coins, end of story. That's one of the many reasons crypto is utterly worthless.
I mean, you also lose your money if you lose paper bills. Makes it difficult to use as a store of value, but not as a medium of exchange.
It's possible to store your paper somewhere that's not the case. It's not possible to do the same with crypto. There is no workaround for crypto -- intentionally so. Not to mention, mediums of exchange aren't supposed to fluctuate 10% in value in minutes, for reasons that should be immediately obvious, and it certainly shouldn't be priced in USDT / Tether Funbux.
Anywhere you can store a dollar bill, I can store a piece of paper with my private key written on it.

Yes, it absolutely is rendered less useful by the fluctuation of exchange rate.

Not in a real bank, which is insured by the FDIC so in the event it becomes insolvent I get my money back. Unlike an exchange where I get a big ol' SFYL.
Banks have vaults and offer storage services for important documents, including encryption keys. Retrieval difficulties etc can be dealt with by having multiple copies stored in different places.

Paper money is no different from keys. If you burn either of them, they're gone for good, but that doesn't stop them from being useful if you use reasonable precautions.

Paper money can be converted to digital, insured, replaceable currency by being deposited in a bank. Cryptocurrency cannot.
So can cryptocurrencies be converted. Each form of storage comes with its upsides and downsides. During the Cypriot banking crisis of 2012-13, 47.5% of savings over 100 000 EUR were seized by the government. A 200 000 EUR deposit became a 152 500 EUR deposit overnight.
I think you're not following what I'm saying but I'll dive into the two aspects here:

(1) You can convert cryptocurrencies but that doesn't change the fact your key remains a single point of failure, or your exchange's key remains a single point of failure. This is as designed. There is no remedy. It is intentional. It does not apply to an FDIC insured bank account.

(2) During the MtGox crisis and the QuadrigaCX [1] crisis (among many, many, many others), 100% of deposits disappeared overnight with zero recourse (aka SFYL). While neither this nor the Cypriot banking crisis are ideal, I know which one I'd prefer to have gone through. Not to mention at the end QuadrigaCX sent $400,000 on crypto to their dead founder's wallet which is just thrown in with the rest of the pool of lost coins.

[1] https://www.forbes.com/sites/dantedisparte/2019/02/05/quadri...

> (1) You can convert cryptocurrencies but that doesn't change the fact your key remains a single point of failure, or your exchange's key remains a single point of failure. This is as designed. There is no remedy. It is intentional. It does not apply to an FDIC insured bank account.

There can be unlimited number of copies of the same key. For more secure storage, a key can be split into parts that allow reconstruction only if, for example, any 3 of the original 5 parts are present. You can't have such backups with cash. There's no single point of failure, unless the whole system fails and keys have no value anymore.

Speaking of which...

> (2) During the MtGox crisis and the QuadrigaCX [1] crisis (among many, many, many others), 100% of deposits disappeared overnight with zero recourse (aka SFYL). While neither this nor the Cypriot banking crisis are ideal, I know which one I'd prefer to have gone through.

I lived through the collapse of the Soviet Union when money became completely worthless. The photos of the Weimar Republic and baskets full of bills - I've seen that with my own eyes, and I'm not sure that was the last time for me to experience a complete financial collapse.

Cash isn't as long-lasting as people seem to think, with a few notable exceptions like the USD. Most currencies that existed in Europe 30 years ago are gone. If you tear down a wall during home renovations and come across a hidden stash of 1997 French francs, they're worthless and can't be exchanged for the Euro anymore: https://europa.eu/european-union/about-eu/euro/exchanging-na...

As to the exchanges - they a are a mirror image of traditional bank accounts (deposit money and hope it doesn't vanish) and should be avoided as much as possible. One of the aims of cryptocurrencies is getting rid of such blind trust based relationships and replace them with cryptographically secured ones that are bound to well-established rules that cannot be arbitrarily changed.

> There can be unlimited number of copies of the same key.

Unlimited copies of a single point of failure remains a single point of failure.

> ... 47.5% of savings over 100 000 EUR were seized by the government. A 200 000 EUR deposit became a 152 500 EUR deposit overnight.

I should say that Cypriot haircut is nothing compared to how far all the cryptos have fallen in the last 3 years. Nothing. [1] If you got in over the last few years a Cypriot haircut would look downright luxurious. Speaking of wheelbarrows full of garbage, how do you think Zcash and Iota holders feel? Think they're glad they invested in "secure money"? Or are we just going to blame them for picking the wrong crypto?

> As to the exchanges - they a are a mirror image of traditional bank accounts (deposit money and hope it doesn't vanish) and should be avoided as much as possible. One of the aims of cryptocurrencies is getting rid of such blind trust based relationships and replace them with cryptographically secured ones that are bound to well-established rules that cannot be arbitrarily changed.

They are not. Traditional bank accounts are insured by the government which is also the sole issuer of the currency. To the extent the government remains functional your cash is secure, safe and insured.

If the government fails, your bitcoin won't help you either.

[1] athcoinindex.com

> Unlimited copies of a single point of failure remains a single point of failure.

There's no single point of failure if any single point can fail without destroying the private key. Cash is inferior in many ways, can't restore from backup if you've burned a $100 bill to ashes by accident.

> Traditional bank accounts are insured by the government which is also the sole issuer of the currency. To the extent the government remains functional your cash is secure, safe and insured.

Nice in theory, doesn't really work in practice. Look up how little the insurance funds actually have per every insured account. Where I live, accounts are insured up to 100 000 EUR and the insurance fund has 400 EUR per account. Should shit hit the fan with any bigger bank, the money printing press will go brrrrrr and everyone will get poorer through inflation, because the insurance fund has nowhere near the money to cover the promised amount. Crypto exchanges can't rob customers like that, their failures are more obvious.

I noticed you completely ignored how all the cryptocurrencies lost way more value than any alternative, but I'll just assume you ceded that point to me.

> There's no single point of failure if any single point can fail without destroying the private key. Cash is inferior in many ways, can't restore from backup if you've burned a $100 bill to ashes by accident.

Again, the key is a single point of failure. No matter how many copies. And nobody uses or advocates for physical cash specifically for these reasons.

> Nice in theory, doesn't really work in practice. Look up how little the insurance funds actually have per every insured account. Where I live, accounts are insured up to 100 000 EUR and the insurance fund has 400 EUR per account. Should shit hit the fan with any bigger bank, the money printing press will go brrrrrr and everyone will get poorer through inflation, because the insurance fund has nowhere near the money to cover the promised amount. Crypto exchanges can't rob customers like that, their failures are more obvious.

It's literally worked for a hundred years. The FDIC was put in place after the great depression and since then nobody has lost a single penny of insured deposits. Nobody. Not in 2008, not during COVID, not at any point along the way. Zero dollars.

On the other hand, hundreds of millions are lost in crypto exchanges all. The. Time. Not a week goes by without people losing their life savings due to hacks, negligence and fraud. And nobody can help them. Because that's the point. It's intended behavior.

Yes, governments could print money. No, printing money doesn't always lead to inflation. Since the 1970s, the M2 money supply has increased 15X and yet inflation has remained a well controlled 2% per year, totaling 7X. Printing money doesn't actually cause inflation. Surprising right? A lot of that has to do with expansion of the population and the economy. I suggest digging in and learning more about macroeconomics. [1]

Then the most important part: don't hold large quantities of money -- invest it. Then you're utterly safe from inflation.

[1] https://www.forbes.com/sites/johntharvey/2011/05/14/money-gr...

(comment deleted)
The money in a bank is not paper currency. Your deposit is backed by as little as 3% cash reserves. My original point was that crypto is a medium of exchange, like cash, not that it is a store of value, like bank account deposits.
> The money in a bank is not paper currency. Your deposit is backed by as little as 3% cash reserves.

Utterly irrelevant so long as it's backed by the FDIC. Nobody has lost a single penny since the Great Depression to a bank failure. Not during COVID. Not in 2008. Not ever.

> Your deposit is backed by as little as 3% cash reserves.

I'm not sure the Bank of Tether even has that much on hand, and it defines the pricing of all cryptocurrencies.

> My original point was that crypto is a medium of exchange.

It's not a useful medium of exchange due to its insane volatility and high implied and direct fees.

> ...not that it is a store of value, like bank account deposits

Cash and bank deposits are a medium of exchange and an intentionally lossy store of value.

This is all pretty much ECON-101.

It's no different than bearer bonds [1]. "Utterly worthless" is a little strong; while for 99% of users, it's arguably inferior to a banking authority than can restore your assets in the event of fraud, there are those that would consider this a feature rather than a bug, since it also means that a government or bank can't seize your assets either (given sufficient precautions, etc). It's a tradeoff, like so many things.

[1] https://en.wikipedia.org/wiki/Bearer_bond

> It's arguably inferior to a banking authority than can restore your assets in the event of fraud, there are those that would consider this a feature rather than a bug, since it also means that a government or bank can't seize your assets either (given sufficient precautions, etc).

And they would be wrong, since all crypto is priced in USDT which is a fiction brought to you by the Bitfinex team.

Obviously the government should be able to seize funds, because you know, crimes. Somehow they seem to actually manage to seize bitcoin from time to time, too. So I'm not really even sure that's an argument. I guess if you lose it there's nothing to seize, like 20% of BTC so far.

Yes, it takes some precautions to make crypto unseizable (sufficient encryption and/or brainwallets). Even then, governments always have the "$5 wrench" option, in which they hold you in contempt and jail you for not turning over a password they believe you have. Still, for better or worse, a crypto-asset is a tool that can be used to store value that is purely under your control. Whether that's a good thing, or even should be a socially permissible thing, is certainly an open question.
Yeah, and bearer bonds no longer exist because of those problems.
From the wiki: "Bearer bonds have historically been the financial instrument of choice for money laundering, tax evasion, and concealed business transactions in general"

Ah good! That, but digital. Just what the world needed. I almost feel like you made my case just there.

"I don't like the use case" is different than "useless."
Ok, then it's great for crime, and nothing else.
And low fee transactions
Low fees aren't a feature of cryptocurrencies, I'm not sure the big websites even list it as such because:

(1) Fees are irrelevant in the face of overwhelming volatility. Who cares if the fee is a couple of cents on your million dollar transaction when BTC regularly flings up and down 10%, or more? How could you willingly risk $100,000 on a million dollar transaction when your bank would charge you between $25 and $0 depending on your account size for the same transfer?

(2) Fees only appear low because nobody's using it. The minute people start using it, as we've seen, the fees absolutely skyrocket. BTC transaction fees hit $35 last time around.

(3) Fees only appear low because they're being socialized through inflation/dilution. A single BTC transaction consumes 700kWh of power -- enough to drive a Tesla from SF to New York. That's currently being absorbed by the system in the form of inflation/dilution ("block rewards"). But make no mistake, each transaction actually costs about $0.08/kWh in China = $56.

(4) Fees for traditional currency are really low. Really, really low. Cash is free to hand to someone. Checks are free. ACH costs your bank 1/10th of 1 cent per transaction, and often that's passed along free of charge (see Venmo, Square Cash). Even wires are a few pennies in bulk, and often free -- my bank doesn't charge me for wires.

(5) Before you start on international transactions, those are really really cheap too. The cheapest option for small transactions is TransferWise, charging 0% on the USD-INR corridor up to 0.85% or so. Most credit cards charge nothing on forex.

If you're doing big transactions, InteractiveBrokers is a great bet for forex. On monthly transactions under 1,000,000,000 (that's right, a billion dollars) they charge 2/10th of a basis point - 0.002% -- minimum $2. $20 per million. SIPC insured.

There's nothing the traditional BTC/ETH/etc cryptos do better than existing systems except crime. The forex market is $5.1T/year, trust me. It's been optimized.

> (1) Fees are irrelevant in the face of overwhelming volatility. Who cares if the fee is a couple of cents on your million dollar transaction when BTC regularly flings up and down 10%, or more? How could you willingly risk $100,000 on a million dollar transaction when your bank would charge you between $25 and $0 depending on your account size for the same transfer?

The same thing is an issue with traditional international transactions, but settlement systems like Ripple offer very fast transaction times (seconds instead of days) and reduce exposure to exchange rates, which makes them much cheaper to use.

> (2) Fees only appear low because nobody's using it. The minute people start using it, as we've seen, the fees absolutely skyrocket. BTC transaction fees hit $35 last time around.

BTC throughput is artifically capped by its developers to 7 transactions per second (globally), which causes ridiculous bidding wars for transactions. This is not an issue with most cryptocurrencies that have large throughput as one of their main design goals.

> (3) Fees only appear low because they're being socialized through inflation/dilution. A single BTC transaction consumes 700kWh of power -- enough to drive a Tesla from SF to New York. That's currently being absorbed by the system in the form of inflation/dilution ("block rewards"). But make no mistake, each transaction actually costs about $0.08/kWh in China = $56.

Cryptocurrencies do not have to rely on Bitcoin's way of doing things. There are energy-efficient ways. A single Bitcoin transaction may consume 700 kWh, but a Visa transaction consumes 0.006490 kWh and a Ripple transaction consumes 0.0000113 kWh (http://papers.netrogenic.com/sid/eco-friendly-money.pdf).

> (5) Before you start on international transactions, those are really really cheap too. The cheapest option for small transactions is TransferWise, charging 0% on the USD-INR corridor up to 0.85% or so. Most credit cards charge nothing on forex.

These are not actual transactions. TransferWise can offer cheap rates only on well-balanced corridors because then real money doesn't have to move. If USD->INR payments have a volume of 1M per day and INR->USD also has 1M, then they don't have to move any money and can bypass the whole international transactions side of things and associated fees and locally pay out the same money that was deposited into their accounts.

If international transactions were cheap, there would be no need for middle-men like TransferWise.

> The same thing is an issue with traditional international transactions, but settlement systems like Ripple offer very fast transaction times (seconds instead of days) and reduce exposure to exchange rates, which makes them much cheaper to use.

Ripple is not decentralized, which is why it's cheap. That also just makes it a direct replacement for SWIFT. You can do that without blockchain. You can stand that up in a single RDS instance in about 5 minutes flat, and hash the previously appended rows in a Merkle tree like we've done for eons.

> BTC throughput is artifically capped by its developers to 7 transactions per second (globally), which causes ridiculous bidding wars for transactions. This is not an issue with most cryptocurrencies that have large throughput as one of their main design goals.

There's no truly decentralized cryptocurrency that even comes close to satisfying simultaneously having anywhere close to the transaction throughput of Visa (just one of many processors) while also satisfying the verifiability goals of being able to download the blockchain onto your computer. Because they're competing goals.

> Cryptocurrencies do not have to rely on Bitcoin's way of doing things. There are energy-efficient ways. A single Bitcoin transaction may consume 700 kWh, but a Visa transaction consumes 0.006490 kWh and a Ripple transaction consumes 0.0000113 kWh (http://papers.netrogenic.com/sid/eco-friendly-money.pdf).

Ripple is not decentralized which is why it's efficient. There are no decentralized, efficient coins. It's also not even close to a fair comparison. They're only counting the electricity consumption of a few validator nodes in that link of yours, and they cap out at 1500TPS, Visa supports 50000TPS.

Further XRP is just a distributed inter-bank ledger. Visa isn't a comparison for that, something like SWIFT is.

> These are not actual transactions. TransferWise can offer cheap rates only on well-balanced corridors because then real money doesn't have to move. If USD->INR payments have a volume of 1M per day and INR->USD also has 1M, then they don't have to move any money and can bypass the whole international transactions side of things and associated fees and locally pay out the same money that was deposited into their accounts.

I have no idea what this means. You do know bags of money don't make their way onto boats every time you make a forex transaction right? The exchange rate is determined by the price that requires no physical currency to leave one country and move to another. Which makes it incredibly efficient. And very real.

> If international transactions were cheap, there would be no need for middle-men like TransferWise.

They're a provider of cheap international transactions. International transactions are cheap.

> Ripple is not decentralized, which is why it's cheap.

Their ledger is inherently decentralized. It runs without a central operator. Consensus is formed by independent parties.

> I have no idea what this means.

No international transactions take place between financial institutions, they just change a few lines in their internal database table.

> They're a provider of cheap international transactions. International transactions are cheap.

They serve limited cases and their volume is tiny, only 4B a month. They are no way an indication what international transactions cost.

> Their ledger is inherently decentralized. It runs without a central operator. Consensus is formed by independent parties.

"Ripple Controls The Network And Who Gets To Validate Transactions, Making It A Centralised And Permissioned Blockchain" [1] That means it's no different than an RDS instance with a Merkle tree. That's not comparable to the other coins we're discussing.

> No international transactions take place between financial institutions, they just change a few lines in their internal database table.

That's literally how SWIFT works. It's literally how TransferWise works. It's how every international exchange mechanism works, and it's what you described as "not actual transactions."

> They serve limited cases and their volume is tiny, only 4B a month. They are no way an indication what international transactions cost.

Generally, the less you serve, the more expensive your service, not less, due to economies of scale. TransferWise represents an upper bound on cost, not lower. As I explained before, at scale, InteractiveBrokers will charge you 0.002% ($20/million) for any Forex transaction you like, up to $1B per month, and will charge you progressively less as you go up from there.

[1] https://www.forbes.com/sites/thomassilkjaer/2019/03/07/14-co...

> "Ripple Controls The Network And Who Gets To Validate Transactions, Making It A Centralised And Permissioned Blockchain" [1]

The quoted part is a misunderstanding that's refuted in following paragraphs. I fully agree with it - Ripple isn't centralized.

> That's literally how SWIFT works. It's literally how TransferWise works. It's how every international exchange mechanism works, and it's what you described as "not actual transactions."

Nope. There's no way for me and you to directly access SWIFT for deposits and withdrawals like we can sign up with TransferWise or send funds directly from one crypto wallet to the other. We have to go through our banks, who route transactions through chain of trusted intermediaries, who add their own processing fees.

TransferWise cleverly bypasses this in balanced corridors where no money has to be moved though the network of financial institutions, but that's a very limited business. They are very far from serving the whole world at cheap rates, and their niche business is no indication of how much a typical international transaction costs.

> InteractiveBrokers will charge you 0.002% ($20/million) for any Forex transaction you like, up to $1B per month

How reassuring. Sadly, banks do not pass on the savings to customers, and the entry barrier for newcomers with better pricing is very high. Even smaller banks are getting fucked, let alone retail customers.

Look I think we're talking past eachother here but to re-iterate one last time:

> The quoted part is a misunderstanding that's refuted in following paragraphs. I fully agree with it - Ripple isn't centralized.

They didn't refute it at all. There's one company that publishes a list of trusted nodes. That's the definition of centralization. There's no proof of work, or proof of stake protecting the system. There's one company that publishes a list of a few other companies that they also trust. That's. Not. Decentralization. Not in any meaningful way. Try getting on that list and let me know how it goes.

They could skip a lot of steps and just, again, run all this through an RDS instance with some Merkle trees and publish a feed.

> Nope. There's no way for me and you to directly access SWIFT for deposits and withdrawals like we can sign up with TransferWise or send funds directly from one crypto wallet to the other. We have to go through our banks, who route transactions through chain of trusted intermediaries, who add their own processing fees.

There's no way to use Ripple to just "move money" without leveraging a fiat gateway. Exactly the same thing. You're comparing just the "swift" analog (Ripple) to the entire banking infrastructure. For example, I've got $20. How do I send it to my buddy in London with Ripple? I can't just "ripple" it. I need a fiat gateway, an exchange, I need to get a bank account at a real bank, deposit the money, move it to an exchange (1-2%, 3-5 days), then I need to pay a transaction fee (and I better not mistype the address otherwise it's gone for good) then my buddy needs to receive the Ripple, move it to his bank account (1-2%, 3-5 days), and withdraw it.

Or, I can just use Transferwise. It's much, much easier, and frankly, a lot less expensive.

> TransferWise cleverly bypasses this in balanced corridors where no money has to be moved though the network of financial institutions, but that's a very limited business. They are very far from serving the whole world at cheap rates, and their niche business is no indication of how much a typical international transaction costs.

What TransferWise is doing is how all forex works. Everywhere. SWIFT and Ripple included. No money ever actually moves between borders, just ledger entries. Ripple isn't doing anything novel.

> How reassuring. Sadly, banks do not pass on the savings to customers, and the entry barrier for newcomers with better pricing is very high. Even smaller banks are getting fucked, let alone retail customers.

Small customers can use Transferwise. Bigger customers can negotiate rates. Literally anyone can sign up for an InteractiveBrokers account and get those Forex rates. Probably easier than signing up for a shady fiat gateway/exchange for crypto. Another common misconception: Western Union isn't at all uncompetitive, and available the world over.

Small banks aren't getting fucked. They may not be passing on the savings but they could use IBKR if they wanted to. And SWIFT is not at all expensive for banks.

You've a deep misunderstanding of how the global economy works, sadly, and I suggest instead of getting swept up in this crypto madness, you learn more about how the global economy functions. Many of the problems you cite don't really exist, and neither do these supposed benefits.

> Look I think we're talking past eachother here

No, we're not talking past each other. At this point, you're arguing with your own source whether Ripple is centralized or not.

I don't agree with my source's conclusions but I do agree with their description: "Each participating node on the XRP ledger network has to trust a number of validators on the network for the Consensus mechanism to work [...], hence each node has a Unique Node List (UNL). All nodes are free to select validators they trust, but while the Consensus mechanism requires a certain overlap of nodes to ensure consensus amongst participants, Ripple issues a recommended UNL" -- that while not required for them to follow, in practice they all do anyways because in lieu of that who on earth would they trust? Unlike the conclusion my source drew, to me, this says:

1. A centralized entity issues a trust list. This is not decentralized, and it's not permissionless.

2. You must trust the entity, and their trust list. This is not trustless.

Once you throw out decentralized, permissionless and trustless, you're left with an RDS instance with extra steps.

I'll dig in more and see if I can refute my own conclusion.

(comment deleted)
Governments don't exactly bat 1000 on all laws being just. Crime is not a-priori evil.

But even outside that use case, crypto-assets are a perfectly reasonable hedge as a store-of-value; there's a case that an asset guarded with provable math represents a superior Schelling Focus [0] to "Full Faith and Credit of $NATION_STATE". And you can theoretically embed smart-contracts, pool resources reliably with m-of-n contracts, etc.

I'm happy to concede that these non-speculative use cases are relatively rare, and nowhere near justifying the valuation of BTC et al, let alone the ecological footprint (I legit think that PoW mining should be severely taxed, if not banned). Still, that value may be low, but it's not zero. I don't own a lot of crypto, but I consider it a reasonable inclusion in an asset portfolio: essentially shares of stock in a distributed free banking [1] experiment.

[0] https://en.wikipedia.org/wiki/Focal_point_(game_theory)

[1] https://en.wikipedia.org/wiki/Free_banking

I downloaded the app and your key is different from your passport. Verifying your passport just adds your key to the list of keys that can vote and get UBI payouts. Your passport confirms its expiration date. After your passport expires, you stop getting UBI.
I just checked their block explorer[1] and it looks like 98% of the passports are Chinese.

https://ubic.network

The chinese UBIC coin reached a very high OTC price there. A passport would generate about 4$ of daily income. This attracted a lot of people. Now that figure has halved.
That’s interesting. I need to spend more time and look into how this works.
Do you have a source for this? It's not listed on any exchange, so I wonder how people are using it.
This is no better than Libra or Fortnite VBucks: if you have to trust someone or some group, it's not a cryptocoin, it's just entries on someone else's ledger.
I don't understand what you mean... Even in bitcoin you're still trusting some group with a K of N majority agreeing on some software.
No, to verify the ledger you only need to trust the genesis block.
The iPhone app can't actually scan passports - they should make this clear on the website
Even if they did, would you trust it?
Yeah actually - if you know anything about how passports work, you can't actually do anything when interacting with the passport besides confirm its validity.
This is dangerously incorrect. Based on the level of authentication the reader is able to establish (this is likely only basic authentication), you can read the person's photo and other PII, and at higher authentication levels you can read out their biometrics.

Good luck rotating your fingerprints.

Oh shit I looked up the e-Passport specification and you're totally right. Well, at least I have my imaginary internet points :/
It does work, by putting the smartphone on the inner cover of the passport because some have an Aluminium shell in the cover. The chip can be on the first or the last page. Here is a video link: https://youtu.be/NqRPXYNtq7M
Oh that worked - thank you!
"Buy why?"

If you have proof of passport, you have proof of identity (at least up to the difficulty of obtaining a counterfeit passport - pretty expensive). If you have proof of identity, you have secure private online voting. You also have solved the astroturfing bot problems, and multiple-accounts problems on most communication platforms.

Want to get into cryptocurrency-specific applications? If you used that proof-of-passport design and issued an inflationary currency around it such that inflation was issued one-coin-per-passport, then you have a currency that auto-taxes the rich and auto-distributes a UBI (parameterized however you like). Could be governed via online voting. Would need to have considerable penalties (or bounties) to those who are found with fake passports though. This currency could be quickly substituted with effectively no usable difference to most people for anything currently purchasable with Bitcoin/Ethereum/etc. It could also be used as a decentralized asset registration system for non-cash assets. If enough people simply held and used this currency as opposed to other crypto or USD/etc, and enough started requiring buyers/sellers to use it (for political reasons at first, then later practical reasons) then its price would quickly stabilize and make it a reserve currency, and there's not much any other party could do to stop it. Participation in the economy could then effectively require use of this currency, which means effectively registering your assets and your accounts under a single identity and exposing those assets to automatic taxation in their effective value due to inflation. It is simply built into the system at that point. Though this inflation relationship could be set to be a net benefit users up to a net worth of e.g. 2 million USD equivalent.

This also opens the doors for automated anonymous auditing of assets, anonymous proof-of-ownership, etc.

Enter "but we could do this already without cryptocurrencies!" - sure, probably. But now you can do it without centralized control of the system by anyone.

> But now you can do it without centralized control of the system by anyone

Except ICAO's short list of centralized bodies issuing the passports you need to participate, an exclusive club of the same sort of government bodies that regulate traditional currency...

heh. True. Alright then, replace what I said with true decentralized Proof of Identity and consider this article merely another important step in that direction.

PoI is looking like it will have to be an amalgamation of different identity services anyway - something that is expensive, slow and hard to cheat at through the multiple providers. Passport is one piece of that puzzle

I am kind of shocked and glad to see someone has already built this -- for the last few years I have been thinking on and off about an electronic ID based crypto currency UBI.

I see the biggest challenges to the succes of such a project in:

- hardware difficulties: many android phones do not support the extended APDU commands necessary to use the digital signing application of the chip on the passport. If UBIC is not immediately usable on almost every phone, it may not find wide adoption. And an UBI like this only gains value through adoption.

- government restriction of passport use: afaik, the German ID card can only be used to digitally sign data from sanctioned sources, i. e. your service that uses the ID card to sign data must first authorize itself to the ID card using a valid certificate issued by a government certificate authority.

- government sabotage: while flooding the system with fake passport certificates might mean bad PR, the government ultimately controls all the trust anchors and will do this if UBIC gets dangerous. It's good to have different UBICs per country, this way the power of a single government is limited.

- privacy: since reliable passport revocation is not available, proof of passport is not enough to prevent multiple passport use. I think, aside from schemes where people meet in person and check each other's passports, only a non-anonymous proof of identity system will work.