Saturday, November 25, 2017

Government backed blockchain for currency

Bitcoin, and blockchains in general, threaten a government's ability to enact monetary policy. This creates a rift between bitcoin and governments that will likely prevent its universal adoption in its current form. However, we can take the advantages of a blockchain and modify them in a way to create a government sanctioned and controlled blockchain that is still, to a degree, distributed and takes advantage of the efficiency of a digital and secure currency.

A government sanctioned blockchain based currency would need to have the government act as a central authority. What this means is that the government entity would be able to modify the rules of the blockchain to allow it to control the money supply, invalidate/reverse transactions, assign addresses to users, and possibly other ways.

A central authority would have access to private keys that would assert its identity. Using these keys, it could sign certain actions (special transactions) that would be recorded in the blockchain. For example, a government signed transaction could generate coins with no proof of work required (unlike how it is traditionally created through mining blocks). This would allow the government to "print money". Additionally, transactions signed by this authority could remove coins from an address, effectively erasing coins. Also, it could use its authority to possibly grant each citizen an address(es) that it approves of, tying that citizen to an address for tax purposes or other reasons.

Another powerful tool would be the ability to reverse transactions. Addresses of known criminals, or those who owe money to the government, could have their coins forcefully removed/garnished from their addresses. An advantage of this is that if someone was ordered to pay an amount, they could simply send the agreed amount to the recipient's address, proving publicly they paid the debt owed. This would also allow the government the ability to track transactions, monitor fraud/laundering, etc.

Several technical challenges exist with this setup. A single private key owned by the government would be susceptible to a rogue employee effectively destroying the economy if he had access to the key (as it could print money and take money from anyone). Actions signed by the central authority would have to be distributed across multiple agencies, where all agencies would be required to sign the action/transaction before it would be acknowledged and added to the blockchain. Additionally, the government entity would need to be able to revoke and grant keys. Perhaps only require a majority signed for a transaction (to avoid the issue of one lost key preventing the government from being able operate the blockchain).

The government entity would need to provide a significant amount of the mining power for the blockchain. It would need to in order to prevent attacks by foreign governments, and to assert the reliability and secureness of its digital currency. To encourage mining by the public, the government entity could arbitrarily control both the transaction fees and reward for mining a block. Since the govnerment entity provides a large portion of the mining power for the blockchain, it could pick up slack when temporarily lowering block rewards and fees it would accept. The large amount of mining power provided would also allow the government to prioritize government signed transactions.

An additional advantage of a central authority running a blockchain is that it would adapt very quickly to technical challenges. Things like controlling how often a block is created (to increase verification speed), how large a block is (to control the number of transactions verified in a given time span), control the block reward to control inflation, and even adopting new standards to modify how the blockchain fundamentally operates.

Blockchain based currency is still in its infancy stages and still needs time and heavy research to determine how to be utilized in a way beneficial to a government and its peoples, but the above are possible solutions to this problem that will allow a government to adopt a digital currency in a secure yet controlled manner.

Saturday, November 11, 2017

Bitcoin can't compete with fiat currency

Bitcoin's most important achievement is that it solves the double-spending problem. This allows, on a distributed and decentralized platform with no single authority, for digital credits to be spent in a verifiable and reliable manner. This means that if a transaction occurs using Bitcoin, you can verify that the credits spent only went to the address you specified.

The ability to avoid double-spending without a central authority means that trust is no longer needed to make transactions and assert identity. This allows you to do things such as sending digital credits to someone on the other side of the world without any concern over multiple banks communicating to transfer from one bank account to another and making sure it all occurs successfully. Additionally, blockchains inherently enforce identity by requiring a near impossible-to-break private key that only the owner of the credits has. This key allows the owner to publish transactions on behalf of the address they represent, asserting that they are who they say they are. This means that fraud cannot occur as long as your private key is secure.

While a powerful tool, blockchains suffers drawbacks that prevent it from being used as a mainstream currency. First and most importantly, is that it completely nullifies a country's ability to use monetary policy. This is dangerous as it prevents a government from working to prevent an economy from entering a recession or from overheating. To add to this, bitcoin is deflationary. The supply of Bitcoin is limited and by 2036, 99% of bitcoins that will ever exist will have already been mined. This results in hoarding (and less spending), real debt increasing over time, and a possible deflationary spiral.

Another vulnerability to bitcoin is that it is susceptible to a panic. All it takes is one time, and if bitcoin's price were to ever sharply dip (due to other reasons like adoption of other coins, government sanctions,  etc), it could create a panic where people start to sell en masse to avoid losses until the price went back up. This feedback loop would cause even more to sell until bitcoin were to eventually lose all value. If an economy relied on bitcoin for everyday business, this would cause an economic crisis.

Finally, Bitcoin has the problem of early adopters having a disproportionate amount of bitcoins. The original adopters were earning as much as 50 bitcoins every 10 minutes (worth roughly $360,000 now @ $7200/bitcoin). Large amounts of these bitcoins are tied up in addresses and have not been touched in years, causing uncertainty over the true money supply of bitcoins. The uncertainty of hundreds of thousands of bitcoins possibly flooding the market at any time could create a large disruption in the economy. The founder of bitcoin alone is estimated to have access to roughly 1 million bitcoins, or 5% of the entire bitcoin supply.

While bitcoin has value in being used as a currency, its inflexibility and inability to be controlled by governments will likely prevent it from ever reaching a scale that can compete with fiat currencies. In the same way that gold was banned from ownership and money moved to fiat in the 30s, so too will governments ban blockchains that threaten fiat currency and the government's ability to control the money supply. It is possible however, that governments will adopt a form of blockchain that uses a central authority (similar to IOTA for example) to both allow for a more efficient form of currency while still retaining control over it. Additionally, blockchains will continue to have value outside of monetary uses.

Saturday, February 20, 2016

PokeSynch - Original Pokemon Red/Blue/Yellow with multiplayer features

In my free time the past month I've been working on a modification to my GameBoy emulator specific to the original Pokemon games. The basic idea is to create a multiplayer feature for the games, which includes seeing other players walking around in the game, NPCs positions matching across games, and being able to trade also. These features are all enabled over the network, including online, and all run on the original Pokemon ROMs (this is not a new game that looks like the originals). Below is an example of what I have so far,

Two players in a game, where the NPCs are synchronized in their position.
Requesting a battle with the other player
Battle accepted, game on!
When the battle starts, a trainer battle is started.
The trainer is loaded up with your opponent's pokemon.
How it works is that, upon accepting a battle, a trainer battle is initiated on both player's games by changing a few memory values. When this occurs, the trainer's pokemon party is overridden with the remote player's pokemon party. At this point I now need to synchronize battle moves so that each player can make his move. 

For synchronizing remote players, unfortunately the game does not allow more than 16 sprites, so these remote players are "simulated" and drawn over the game's screen each frame. Additionally, if the player tries to walk into the remote player, the emulator will automatically override the memory value for collision detection to make the game think another unit is there.

For synchronizing NPCs, the NPCs are forced to not walk until the host player's NPC walks, then all clients have their NPCs scripted to follow the position of where the host player's NPC walked to. This is done by overriding memory in the game that tells it to keep walking and in which direction to walk.

I still have a ways to go, but at this point you can walk around and see other players and initiate battles.

Sunday, December 20, 2015

Updates on what I'm up to

I haven't been keeping up on my blog lately (or projects in general until recently), but I have a good reason! For the past year and some change I've been working hard on projects and learning as much about development as I can with the intent of finding a development job to start my programming career. After a lot of studying I felt I was ready and started applying around. One of the resources I used, in addition to LinkedIn and job posting sites, was is a recruiting platform that focuses on providing experienced and capable developers, who qualify through Hired's testing and screening process, a recruiter and a large selection of companies to be exposed to. The idea is that after setting up your page and having your recruiter improve it, they open your page for a short duration to hiring companies and actively promote you. Upon finding an interested company, an offer by the company will be made and you begin the interview process with them.

After going through a couple companies, I was matched up with Frontline Technologies that, after interviewing with, gave me an offer and a great opportunity in Chicago. I took it and started working there back in September. So far, I feel very fortunate to have gotten this job. The company has a management approach called "servant leadership", meaning that management exists to support its employees, and the company focuses very hard on the happiness of its employees as a means to increasing productivity. I'm very happy with my job and my co-workers are great; I am very lucky.

While I began working there using .NET and Visual Basic on one of their web applications (SaaS), I was able to be put on a greenfield project implementing web APIs for the backend of a new web app using Web Api 2 (C#) for ASP.NET. So far things are going great, and my team is an amazing group of developers. I have a lot to learn, and thankfully my teammates have been very helpful in that regard.

On the side I've been studying mostly front-end technologies included JavaScript and CSS (and Compass/Sass). I've also been learning MongoDB and Node.js for back-end. Additionally, a few weeks ago I started a new project called RedditBoost, which is a Chome web browser extension that enhances Reddit (with features including hover image/gif preview, user tagging, blocking of users for comments or links, hiding subreddits on the frontpage, and some other features planned).

Overall my skill as a developer has skyrocketed since I started my new job and it's exciting to see how much I can do now. I can't wait to see what I learn and accomplish in the future.

Sunday, December 13, 2015

Tutorial - Creating a Chrome extension with automatic script injection

Recently I started working on a Chrome extension for Reddit (which you can find here), and I hit a bit of a snag as far as getting it started. After some googling and random stack overflow pages, I was able to get going, but for those who just want to skip the homework, below is a quick guide to get you going.

The goal is to setup a Chrome extension that will, on every page, inject and run your JavaScript (which in this case, will make every page's background red).
  1. First, setup a directory and create some empty text files named "onLoad.js", "manifest.json", and "script.js".
  2. The manifest.json file is the configuration for your chrome extension. The following manifest is setup to load your script, "onLoad.js", on all pages. The injected script is "script.js", and it is added to "web_accessible_resources" so that it's allowed to be used. Finally, make sure to use manifest_version 2, which is the latest version (1 is deprecated).

  3. onLoad.js is loaded on every page, but unfortunately it lives in a separate area than the actual page. We want to actually inject, or embed, script right into web page. That way we can directly access elements and have the injected script behave as if it is a native part of the page. We do this by telling onLoad.js to find and insert our JavaScript file right into the current page on every page load.

  4. We're almost done, all that's left is to define our script and load the extension into Chrome. For now we'll do something simple; we will change the background of every page to red.

  5. Finally, lets install and test this extension. Follow the following steps.
    1. In Chrome, go to Settings->Extensions
    2. Check the "Developer mode" checkbox
    3. Click "Load unpacked extension..."
    4. Select your extension's folder and press OK
    5. After you are done testing, to disable, either uncheck the "Enabled" checkbox or click the trash can to permanently remove it
  6. Now that the extension is loaded, go to and see the background change to red. Good job!

Saturday, August 22, 2015

Camping and Website Authentication

Just got back from vacation and had a great time. We traveled up to Traverse City to see my Grandma and cousin; then stopped by Mackinac Island with our bikes to stay the night; then finally arrived at our destination in Tahquamenon Falls to spend the rest of the week camping with my dad, sisters, and brother-in-law.

After getting back home, I finally got around to adding authentication to my website ( While ASP.NET comes with several forms of authentication support built in, I decided to do it the old fashioned way as a quick learning experience. 

Implementing authentication was done using both the Session state and a User SQL table. The table has a UserName, Salt, Hashed (Password+Salt), and Authentication Level stored. When the user goes to the Manager webpage, if they are not authenticated, they are sent to the Login page. In the login page, they submit a username and password, where the username is found in the table, its corresponding salt is found and appended to the provided password, and that value is hashed and compared against the stored hash value. If they both match, the Session collection is updated with the UserName and Authentication level. When the user tries to access any protected pages, the Authentication level stored in Session is checked, and if it fails, the user is redirected to the login page.

Login page located at

The purpose of not storing the raw password in the database is to prevent a database breach from resulting in user's passwords being visible to the hackers, which, while not very helpful for security of your own website, prevents a user's username/password from being used on other websites. The salt is used as a way to prevent rainbow tables from allowing for easy password lookups on the database, since the hacker would have to create unique rainbow tables for each user.

As a final note, it should go without saying that doing any of this is a really bad idea unless you know exactly what you are doing. Security is an extremely serious topic and, unless you are an expert, should not be done in any serious setting. Additionally, any security related programming should be regularly audited by a third party security company/consultant.

Sunday, August 9, 2015

Update to ASP.NET

Last month I updated my website (mostly to present my projects better). The upgrade included using a free template I found online and then manually creating each page in HTML. The result looked alright but it was a pain to change most of the pages. If I wanted to add a new page, I had to update all the pages with the added link in the header. Or, if I wanted to insert a new project, I had to update the project index present at the bottom of all the project pages. Worse yet, it was very easy for one mistake to occur in all the copy and pasting.

I decided to upgrade to an ASP.NET Web App. The first step was finding all the common elements between each page and moving them to a single Master Page. The beauty of this is that if I need to add a new page to the navigation bar, I simply update the Master Page. Additionally, the projects directory has its own Master Page nested inside the main website's Master Page. It programmatically generates the project directory present at the bottom of each project page which makes things so much easier to update.

Finally, I was able to migrate to Microsoft's Azure web hosting platform. Previously, I had been using Dreamhost's VPS and a simple apache server that pointed to a root directory containing my static website. Now, the website is dynamically generated and updating the website is as easy as clicking the "Publish" button in Visual Studio.

As a final note, I decided to have a little fun with the site and added an web site manager page located at It's nothing fancy, but I added a view count tracker using a SQL database that holds a ViewCount entry that is incremented every time a new session is started. I don't actually care much about this (I'm sure most of the views are just web crawlers anyways) but it's a great chance to learn more. I think from here I'm going to add a login for the page and do things like have a table of unique IPs stored with a view count associated with each IP. What's nice is that I'm using the Azure hosting platform again for hosting the database. I was pretty impressed with the pricing, as the combined cost of the web app hosting and database hosting is roughly the same as a VPS with Dreamhost, which means I'll drop Dreamhost's VPS hosting altogether and just use it as a domain provider.

For those who want to check out the progress, I have the project hosted on GitHub. I made sure to use .gitignore for things like Web.config to prevent secure information (database password) from being released.