A post by Stephen Diehl about Facebook Libra is making the rounds this morning. It makes a number of claims about flaws in the software. Many of these claims are factually inaccurate. I consider it to be a gish gallop that bombards you with a... | Tony Arcieri | Hi there. These days I dabble in cryptography, but in the past made the Celluloid actor framework for Ruby and the Reia programming language
Throws out his credentials, while good for context, its not really an argument point
Says BFT design is fine because Libra is designed for both Trust and Trust-less networks. This is not convincing, because in that case BFT should only be present in the "Trust-Less" mode?
Talks about transaction rate e.g the 1000 transaction/sec but this is not an "apples to apples" comparison as BACs + others preform many other checks e.g AML etc
Agrees that Move is unsound! then says its ok because there is a byte verifier, but he doesn't actually know if said verifier is sound!
He says the Crypto has been audited. This point is fine if true. But he then takes a cheap shot at Chris because he's blog doesn't have SSL, I don't think that was really needed for this discussion, I think it was in poor taste.
So to start off, the first claim that Libra is centralized is supposed to be debunked by the fact that Facebook has the option to not centralize it? The fact that centralization is considered at all is in issue in itself.
Tony might be motivated, but the details in this article are given with more confidence and nuance than in the " **Facebook Libra is Architecturally Unsound"** article. Not having the crypto background to fully comprehend the discussion, I would tend to find Tony's article more plausible, even though I have a natural distrust of FACEBOOK 's motives.
Arcieri's post is also just better-written. I *shouldn't* let that influence me ... but Diehl's post is full of typos and grammatical errors – I found these quite distracting while trying to read it.*
Whereas Arcieri correctly uses the subjunctive mood ("if it were to")...
*I was surprised, since "What I Wish I Knew When Learning Haskell" (and other things of Diehl's I've read) seemed well-written and clear.
I'm guessing creating a blog post vs a book have different levels of concentration?
While I agree typo's and the like are distracting, it shouldn't by any means invalidate the core points raised, which are rather serious!
.. That doesn't make any sense: Arcieri's piece is also a blog post. (Or am I supposed to assume that you agree that Arcieri is the better writer; and that if he *did* ever write a book, it would be of almost mind-blowing excellence?)
And when I say: "I *shouldn't* let that influence me ..." — you're supposed to pick up on the fact that I agree that any clumsiness in the writing doesn't invalidate the points made.
You can take another example in Huaweis own OS. It mostly just shows there's something there and a lot of marketing.
Like Facebook's libra, which was supposed to revolutionise and combine the financial market, Huaweis OS was supposed to revolutionise the way we deploy software to customers (by making one application rather than multiple binaries for different platforms/operating systems).
The only thing different from the two is that Libra had a github repo, while Huawei has **a lot** of Chinese fandom repos, all claiming some weird thing that just screams nationalism, and the supposed release of its source code was at first a giant pile of shite that was on the level of DOS (maybe, if it worked) and was very clearly not written by them.
I've come to the conclusion for myself, that things like Libra, Tiananmen OS, V-Lang and all those things that are mostly just giant fuck yous to people who are actually invested into these things, should just be ignored for the piece of mind. Like knowing that a child starves to death every minute is something that's usually pushed away as there's no direct action you can do to stop these massive inequalities.
Problem is they created a ton of political barrier,s due to concerns about competing currencies potentially taking power away from the U.S being able to effectively print money at will.
If they just launched it when it was ready, it would be a lot harder to stop if people were using it and satisfied with it.
so the way to get their demographic to trust it is by pushing something that's halfway done with serious problems to solve yet? I mean seriously if we intend to push people to digital currency we need to be extremely serious about it, and why that stephen gentlemen may not have completely done his due diligence he has a point that we need to really put these technologies through the ringer, it would be nice to see decisions made in libra get peer reviewed like the cardano folks do etc.. hype train can go both ways, and i think this one started going the opposite direction because it was premature
well that's his opinion, every time someone releases a white paper and code for a crypto, people talk shit about it and have opinions about why it's unsound, yet many of them launch and "work" just fine. consensus algorithms are not black and white, many people disagree and have theories about why something can't work, but those theories are not proven and can only be proven after the fact.
I'm not reading any hard fact or evidence in his article, mostly opinions without proof. Which is good that people take the time to do this, but there's always multiple sides to a story.
> yet many of them launch and "work" just fine.
Name a single cryptocurrency that "works just fine"
"works just fine" meaning solves a problem cheaper/more efficiently than existing solutions
Even the crown jewel cryptocurrency (Bitcoin) is barely even used because it doesn't "work" as a payment method.
The original article hit the front page of hacker news and then r/programming today. This response has been quickly climbing on hacker news this afternoon, so I guess r/programming should hear this side too.
> I suspect Facebook’s longer term plans, were they to actually launch Libra, are to move to a permissionless proof-of-stake model much like the one used by Cosmos
It seems really naive to think that if FB were to get a foothold in the currency markets with a permissioned product that they would later on go against their own interests and transition to a permissionless alternative (not to mention the massive legal and technical hurdles that this transition would require)
...but I don't know why I'm arguing against Libra, it's such an all-around terrible product, I should just keep my mouth shut. Facebook is tarnishing the idea of a "corporatecoin" for the next few years and doing all of us a favor in the process.
There shouldn't be two posts about the same thing on the front page. In most cases we'd merge the follow-up into the original, but since the points of view here are so opposed, it's going to seem like favoritism no matter what we do. My first crack at this is to let the opposing side have a hearing since the original has already spent many hours on the front page.
There are likewise some inaccuracies in this post. Both OPs seems to agree on the fact that Libra has no transaction privacy and then pick nits about features not being there at this point in time:
> Libra’s byzantine tolerance on a permissioned network is an incoherent design.
This post's argument rests on their being a unused flag in the configuration file for a feature which is not implemented. The Libra whitepaper indicates that a permissionless design is beyond their ability to implement at this time. There is no reason to believe a proof-of-stake model is what is intended. Even the whitepaper states:
> The challenge is that as of today we do not believe that there is a proven solution that can deliver the scale, stability, and security needed to support billions of people and transactions across the globe through a permissionless network.
> Libra HotStuff BFT is not capable of achieving the throughput necessary for a payment rail
This seems like some actual benchmarks that simulate real system load are needed before a conclusion can be made.
> Libra’s Move language is unsound
It seems like the OP takes a more traditional view of type checkers as a Haskeller programmer. Pushing type-checking to the bytecode level is a very nontraditional approach to compiler design and contradicts the original Libra whitepaper claiming to implement linear types. Libra does not do this provide any linear typechecker or formal verification at this time.
> Libra’s cryptography engineering is unsound
This section is subject to some debate. It seems there are some unpublished audits of the libraries that may lend credibility to the Rust libraries but are unpublished. The original post doesn't claim that they are insecure, just that the more audits and testing the libraries undergo the more trusted they should become trusted (i.e. libsodium).
It also seems that Libra implements a lot of extraneous next-gen crypto that is dead code and not used for any purpose in the core logic.
> Libra has no capacity for consumer protection mechanisms
The section agrees with the OP that this does not exist.
I'm by no means a fan of Facebook and Libra, but Diehls post felt far from frontpage worthy to me.
> Stephen Diehl doesn’t understand cryptography, but sure has a lot to say about it.
This is how I felt about the entire post, to be honest.
It felt like a consultant on a mission, who doesn't really understand the topic, only took a cursory glance at a project, and yet berates it extensively. All while sprinkling in some of his particular knowledge, giving a false sense of technical expertise.
The section critiquing the critique of the cryptography is quite good.
That said, can we please all agree that a prediction of probable future action is not a defense of the status quo?
> I suspect Facebook’s longer term plans, were they to actually launch Libra, are to move to....
>...it’s being worked on, and it certainly has “the capacity” for them.
This is all well and good but it's certainly not a thing that is happening now. At the very least I would like to see Facebook write down that they intend to do these things before I accept this as a justification.