Is every Initial Coin Offering a Scam?

OK. Stop! Please, just stop! I get this question every day. More and more people asking about ICOs. I get it… I am an early Bitcoin user, I give blockchain presentations, I write a blog, and I work for a standards association. And so, this is my definitive response to a very pesky question.

Ron, in New York City reads this Blog. He asks this:

I work for an investment bank. Some banks, like Merrill Lynch, are hostile toward Bitcoin and other cryptocurrencies. Others, like Fidelity are dipping their toes in the water. And some, like Morgan Stanley speak with forxed tongue—condeming and hedging at the same time…

My employer is preparing to embrace Bitcoin with gusto. Once regulatory guidelines become clear and unified, we will offer crypto trading, options, futures and margin accounts. I am already working on customer literature and compliance training. We will also use crypto as money in all operations—to pay staff & consultants or purchase supplies & utilities We will even accept Bitcoin and Bitcoin Cash as payment from clients.

So, please tell me: Why does our in-house crypto expert constantly warn our managers and clients that ICOs are scams? How can she condem an emergent commodity? ICOs have sparked a massive new investment class. Are they really scams?

Listen up, Ron! Pay attention to your crypto expert. Follow her advice. With very few exceptions, ICOs are all scams, plain and simple.

Why are almost all ICOs scams?

Initial Coin Offerings are scams because of:

  • The way that they are promoted
  • What investors must do to profit
  • Their fundamental purpose: Dodge securities regulations, create MLM pyramids, or facilitate pump & dump. None are are sustainable, ethical or legitimate goals!

For those intent on using, investing in, or advising others on ICOs, this article explains how to discriminate a scam from a credible and functional instrument. Note the list of traits just below the red “Scam” button. If the ICO that you are evaluating exhibits even one of these characteristics, treat it like The Plague or the Mark of the Beast. It is most certainly a scam.

Note that ICOs are not Altcoins. There is a big difference. Altcoins are forked from Satoshi’s blockchain code. They are open source, license free, permissionless, with a transparent mining history going all the way back to the genesis block. The ownership of all pre-mined coins is known and auditable. There is absolutely no MLM aspect to an altcoin. If there is any central or authoritative component, it serves only to aid in quicker governance decisions or to overcome the energy overhead associated with Proof-of-Work. There is never another valid excuse for an authority, because authorities are chokepoints.

Many altcoins are legitimate projects designed to trade value, or serve as a functional component of an IOT (Internet-of-Things) process. This is also explained in the definitive guide to Why ICOs are almost all scams. Some of the IOT altcoins attract speculators and hoarders seeking to profit from trades. This is unfortunate, and it intereferes with the utility of the token (IOTA is a clear example). But, just as with Bitcoin, speculator interest doesn’t define a scam.

What about altcoins. Are they as toxic as ICOs?

Referring to my own definition, above, many altcoins—perhaps even most—are not scams. But, I am pretty picky on the altcoins that I recommend, because most of the clever features and functional improvements introduced by altcoins will be ripped and folded into Bitcoin. It is inevitable.

Apt metaphor for ICOs

After all, Bitcoin has an enormous lead, it has already achieved a two-sided network, and none of the altcoins are protected by patent, trade secrecy or opacity. By definition, they are free, transparent and without any licensing or proprietary features.

I was never burned by an ICO, but I have certainly consoled friends and colleageus who have been sucked into them. Unlike many columnists and consultants, I am not beholden to issuers. So, if your wondering what is an ICO? It is a puss-filled boil on your privates. You may quote me on that. The article linked above is honest, unbiased and definitive.


John Oliver explains Bitcoin, Blockchain & Crypto (with precision & clarity)!

John Oliver is a crossover who bridges the art of a comedian with the reporting and perspective of a liberal political pundit. Even detractors acknowledge that Oliver addresses serious issues with unusual wit and humor.

I never thought Oliver could (or would) tackle the topic of cryptocurrency—at least not with value to the viewer. It is too geeky, and too esoteric. (It also cuts into my mission of evangelism and education). 🙂

He did, and he sparkles! Feel free to jump past the fluff. The Bitcoin tutorial starts at 3:40. Of course, my friend, Shechter, in Long Island New York will bust a gut over what Oliver says at 9:40. It is not only clear and concise, it is accurate and terribly funny!

Whether you are a Bitcoin newbie or a seasoned blockchain coder, this is the video you have been looking for. This one is durable.

Related Videos:

What sets cryptocurrencies apart from each other?

Today, I was asked to answer this question at Quora:

“What sets each cryptocurrency apart from the others?”

“Cryptocurrency” is a broad term. It refers to payment coins, of course—such as Bitcoin and Litecoin. But, because most tradeable tokens attain an asset value, the word is often used to refer to smart contract devices, such as Ethereum, a host of other blockchain based tokens, functional Internet-of-Things tokens, and even ICOs (Initial Coin Offerings). Since people treat ICOs and IOT tokens as investment instruments even if they are useless as a payment mechanism, they all fall within the realm of a cryptocurrency.

So, before addressing the question, let’s distinguish between Altcoins and ICOs. I assume the question refers to Altcoins, and not ICOs…

ICOs are almost all scams. A very few of these are designed to function in a well-defined IOT role (Internet-of-Things). But, any ICO that you are likely to hear about share one or more traits described here.

But Altcoins are different. These are typically forked from Bitcoin or another established blockchain-backed coin. They are created because developers feel that they have solved one or more of the problems that limit the growth or appeal of Bitcoin. For example, Bitcoin has (or recently had) all these problems or perceived limitations:

  • Transaction Malleability (Recently solved with activation of SegWit)
  • Speed of transaction (Now being addressed by Lightning Network)
  • Cost of transaction (Also addressed by Lightning Network early 2018)
  • Very high electrical demand by miners (Still a major problem)
  • Fairness of and speed of distributed governance process (a big problem)
  • Finding a validation incentive after mining runs out (a long term issue)
  • Deep privacy features. These are inherent to Monero and Zcash. (Bitcoin will soon support onion routing transactions to enhance privacy)
  • Disparate goals of miners, developers, vendors and users (still a problem)
  • Limited Smart Contract mechanism (Ethereum is the current king in this realm, with slick methods of administering and executing contracts. Bitcoin will eventually acquire these features & benefits.
  • Like ICOs (these are almost all scams), some Altcoins (not scams) address specific IOT applications. This is a legitimate and non-payment use of blockchain technology. It represents a promising evolution. It is not yet clear if Bitcoin can eventually adopt these features and function in a non-payment, IOT capacity. The intrinsic, stored value aspect of Bitcoin would make it difficult to use in such applications.

One big problem facing Bitcoin is that the distributed consensus mechanism that makes it a trusted, peer-to-peer mechanism is based on Proof-of-Work (POW). Coupled with a mining incentive that increases dramatically with exchange rate, Bitcoin is—quite simply—untenable. With consumption topping 33 terawatt hours in December 2017, it already consumes more power than some countries. If even 2% of the world’s payment transactions were settled in Bitcoin, the mining would consume more power than is generated throughout the world. This just cannot continue!

Fortunately, developers and armchair inventors have proposed or demonstrated clever POW alternatives to achieve a fair distributed consensus. Some of these use a Proof-of-Stake mechanism, while others add a limited central-authority nexus to facilitate governance and scaling. Some are built on a modified blockchain that weaken several pillars of a true decentralized, p2p network. Of course, researchers are concerned that these systems deteriorate the decentralized nature of Satoshi’s original blockchain.

But, other systems may allow for a fully distributed and democratic trust platform, such as BFT Replication (IBM) or Distributed Objective Consensus, which was proposed by an amateur mathematician.

In reply to the title question, Altcoins are set apart by their claim to address the above problems & limitations, or to add features.

Will an Altcoin Triumph over Bitcoin?

Perhaps, a few altcoins will thrive, due to specific niche advantages; features that Bitcoin chooses not to address, such as deep anonymity or with a novel utilitarian feature that facilitates a specific Internet-of-Things process.

Unfortunately for altcoins, all coins require public trust and transparency. For this reason, they are open source, permissionless, without licensing, without patent protection and with a fully disclosed pre-mining history. And for that reason, Bitcoin is free to steal any clever advantage that works. It’s all up for grabs and no one can be sued.

In effect, each altcoin as a beta test platform for Bitcoin. Now that Bitcoin is finally addressing the problems of scalability and fair/speedy governance, there is little doubt that it will continue to dwarf other coins.

Ellery Davies co-chairs CRYPSA, hosts the New York Bitcoin Event and is keynote speaker at Cryptocurrency Conferences around the world. Book a presentation or consulting engagement.

Building a Bitcoin ATM is easy, but…

…But offering or operating them engulfs the assembler in a regulatory minefield!

A photo of various Bitcoin ATMs appears at the bottom of this article. My employer, Cryptocurrency Standards Association, shared start-up space at a New York incubator with the maker of a small, wall mounted ATM, like the models shown at top left.

What is Inside a Cryptocurrency ATM?

You could cobble together a Bitcoin ATM with just a cheap Android tablet, a camera, an internet connection, and [optional]: a secure cash drawer with a mechanism to count and dispense currency).* A receipt printer that can also generate a QR code is a nice touch, but you don’t really need one. You can use your screen for the coin transfer and email for a receipt.

Of course your programming and user interface will make all the difference in the world. Your ATM must interface with an exchange—your own or a 3rd party.

If your plan is to sell Bitcoin and not exchange it for cash, then you don’t need a currency dispensing component at all. You only need a credit card swipe-reader and an RFI tap reader. Some models are smaller than a cookie and sell for under $30. They can be attractively embedded into your machine. In fact, some bank card processors offer them without cost.

I Have Built a Prototype. Now What?

Desktop ATM. No cash dispensed

Once you have a working prototype, you will need to test it with focus groups (alpha test) and at prospective public sites (beta test). You must also harden the production model against tamper and theft and find paying businesses or property owners, so that you can achieve economies of scale. (A reasonable business model requires that you produce dozens of devices each month).

Parts Cost: Bill of Materials

At scale, you can achieve a unit production cost of less than $200. But that’s for a desktop unit that does not accept or dispense cash. A high-quality and attractive machine that accepts cash and is free standing or ready for outdoor installation into a building exterior might cost you $650. You could sell these for $2,500 plus recurring fees to the property owner, depending on venue, or you might simply lease them, just as Xerox did in the early days of office copiers. (In a hotly competitive market, such as Las Vegas, you may need to pay a portion of your profits to the site, rather than profiting from ‘renting’ the ATM).

A Threat to Your Business

But wait! Before you run off and create an ATM venture of your own, with visions of a 350% profit margin, all is not as easy as it seems!…

Cryptocurrency ATMs intersect with a minefield of regulatory licensing and compliance standards. In many regions, they are not even legal for placement in a public area.

In most countries (including all of USA), you must be a registered Money Transmitter. You will need separate state licensing and—since you are moving cash in or out of the banking system—you must be partnered with a federally chartered bank. You will also need to post a hefty insurance bond—perhaps even for each machine and each municipality in which it is placed! These laws convey liability to both your clinet (the property owner) and to you. Many courts will hold the manufacturer of financial or medical products accountable for ensuring that their customers are licensed and compliant with regulations. That is, you may not be able to legally sell your ATM to organizations that have not demonstrated that they qualify to operate one.

Why is There a Camera in my ATM?

In all cases, you must capture photographs of your user and their state-issued ID, because you are required to know your customer and adhere to a slew of anti-money laundering practices. For example, with transactions larger than $2,000 (from anyone who is not known to you and a regular client), you must generate a Suspicious Activity Report. For transactions larger than $10,000, you must comply with RICO (Racketeer Influenced and Corrupt Organizations Act). This requires a camera, interview, and reporting process. You will be generating forms with data supplied by your user and possibly even a real-time verification of the facts they provide.

If you wonder why you needn’t do these things this when buying or selling your own cryptocurrency, it is because: (a) You are trading your own assets and are not the custodian of customer accounts; and (b) You are a consumer. It is likely that the exchange is required to do all of these things.

With Regulations, Can Bitcoin ATMs Generate Profit?

For the reasons described above, the operational cost of deploying and operating an ATM network (or your equipment for sale or rent) is significantly higher than the up front hardware cost. When you add the need to protect your venture from legal claims arising from process glitches or users that claim they lost cash or Bitcoin, you may arrive at an operational cost that makes your business model unworkable.

Of course, Bitcoin ATMs are profitable in some cases. I have consulted with a few start ups that operate them successfully in Las Vegas casinos, a few airports and race tracks, and at large outdoor fairs. But, for everyday use, the heyday of ATMs is most likely 5 or 10 years off. Before this happens, we need a more uniform and functional regulatory & insurance framework, and a higher volume of users per ATM.

Check out various Bitcoin ATM models below. Few manufacturers turn a profit. In the end, it boils down to location (high volume sites with the right people) and location (legal jurisdiction).

* One ATM startup found inexpensive hardware for dispensing currency by recycling mechanisms from bill-change machines used in game arcades or in hotels next to vending machines. These machines are being discarded, because newer vending machines accept credit cards and smart phone payment. But again, if you only plan to accept a credit or debit instrument for Bitcoin, then you don’t need a cash counter or dispenser.

Ellery Davies co-chairs CRYPSA, hosts the New York Bitcoin Event and is keynote speaker at Cryptocurrency Conferences around the world. Book a presentation or consulting engagement.

What happens to your Bitcoin if you die or forget passwords?

Legacy Method of Inheriting Assets

Many Bitcoin owners choose to use a custodial account, in which the private keys to a wallet are generated and controlled by their exchange—or even a bank or stock broker. In this case, funds are passed to heirs in the usual way. It works like this…

An executor, probate attorney, or someone with a legal claim contacts the organization that controls the assets. They present a death certificate, medical proxy or power-of-attorney. Just as with your bank account or stocks and bonds, you have the option of listing next of kin and the proportion of your assets that should be distributed to each. These custodial services routinely ask you to list individuals younger than you and alternate heirs, along with their street addresses, in the event that someone you list has died before you.

Of course, Bitcoin purists and Libertarians point out that the legacy method contradicts the whole point of owning a cryptocurrency. Fair enough.

Multisig to the Rescue

Using multisig would be far easier, if wallet vendors would conform to standards for compatibility and embed technology into hardware and software products. Unfortunately, they have been slow to do so, and there are not yet widely recognized standards to assure users that an implementation is both effective and secure. But, there is some good news: It’s fairly easy to process your ordinary account passwords and even the security questions with a roll-your-own multisig process. I’ve done it using PGP and also using Veracrypt—two widely recognized, open source encryption platforms.

This short article is not intended as an implementation tutorial, but if the wallet vendors don’t jump up to home plate, I may release a commercial tool for users to more easily add multisig to their wallets. It really is safe, simple and effective. (If readers wish to partner with me on this? I estimate that it will take $260,000 and about six months).

What is Multisig and How Does it Protect your Wealth?

Multisig allows anyone with credentials to an account, wallet or even a locked safe to create their own set of rules concerning which combinations of friends and relatives can access their assets without the original owner. The owner sets conditions concerning who, when, how much and which accounts can be accessed — and the heirs simply offer passwords or proof of identity. If implemented properly, it doesn’t matter if some of the heirs have forgotten passwords or died before the original owner.

This can be illustrated in an example. I am intentionally describing a complex scenario, so that you consider a full-blown implementation. Although the ‘rules’ listed below appear to be complex, the process for creating the associated passwords is trivial.

The last 2 rules listed below do not use Multisig technology, but rather Smart Contracts. It enhances an owner’s ability to dictate terms. Here, then, is the scenario…

I want heirs to have access to my assets
at banks, brokers, exchanges or other ac-
counts–but only under certain conditions:

  • If any 4 of 11 trusted family and friends come together and combine their passwords (or an alternate proof-of-identity), they may access my wealth and transfer it to other accounts
    • But, if one is my husband, Fred, or my daughter, Sue, then only two trusted individuals are needed
    • —But not Fred and Sue together (At least one must be an outsider)
  • If any account has less than $2500, then it goes to my favorite charity, rather than the individuals I have listed
  • None of my accounts can be unlocked by my heirs, until I have not accessed them with my own password for 3 months. Prior to that, the Multisig will fail to gain access.

Again, the decedent’s wishes are complex, but executing and enforcing these rules is trivial. In my presentations, I describe the method on two simple PowerPoint slides. Even that short description is sufficient to show anyone who has used common cryptography apps to weave their own multisig add-on.

Of course, each individual will need to locate their own secret password, but a biometric or other conforming proof-of-identity can be substituted. Even if several survivors cannot recall their credentials, the multisig method allows other combinations of individuals to access the assets across all accounts.

This article may leave you wondering about the legal process—and this is where I agree with the Libertarian viewpoint: Sure! The courts have a process and heirs should document their access and decisions for tax purposes and to assure each other of fair play. But a key benefit of cryptocurrency and the disintermediation offered by the blockchain is the personal empowerment of access with impunity and without waiting for any legal process.

Let the courts to what they do, while you honor the wishes of your dearly departed.

If this article generates sufficient interest, I may prepare a short tutorial on how to split off your own Multisig passwords, regardless of which wallet or hosted services you use. It will work with any vendor, app or gadget —or— Perhaps, I will refine my homespun solution and offer it as an add-on app that can be used with any wallet, bank account or exchange. Simple, ubiquitous and effective multisig should have been available to even traditional banking customers years ago!

Ellery Davies co-chairs CRYPSAhosts the Bitcoin Event and presents at Crypto Conferences around the world. Book a presentation or consulting engagement.

Have there been successful Transaction Malleability attacks?

First, let’s get some basics out of the way…

What is Transaction Malleability?

Here are 2 explanations of transaction malleability: [Coindesk] [TechTalk]

In a nutshell, Transaction Malleability is a weakness in the original Bitcoin implementation that enables a bad actor to change the unique ID of a bitcoin transaction before it is confirmed on the Blockchain. Such a change makes it possible for someone to pretend that a transaction didn’t happen, if all necessary conditions are in place.

As the Coindesk article points out, a successful attack requires certain conditions that make a successful attack difficult or even unlikely. Many analysts referred to it as a bug that should eventually be fixed, rather than an urgent issue.

Was This Flaw Addressed

Transaction malleability was addressed (for Bitcoin) with the introduction of Segregated Witness (SegWit) in August 2017. 1, 2

But Was There a Successful Attack?
Attack? Yes. Successful? It’s doubtful…

In March 2017, five months before SegWit was implemented, a mining pool that administers 2% of worldwide activity launched a malleability attack. No one lost money – and some individuals believe that they did this to emphasize urgency and hasten the adoption of SegWit.

What About Lightning Network?

The Lightning Network is a ‘Level 2’ network overlay, currently being adopted by miners (depending on the service or exchange, it is being incrementally activated in the first months of 2018). To function properly, it requires that transaction malleability be solved. But, in the event that a miner is not SegWit compliant, it can resolve the malleability problem in other ways.

1 SegWit should not be confused with SegWit2x, an upgrade process that was cancelled a few months later in November. 2017

2 In the TechTalk article linked above, the author concludes:

“Transaction Malleability is fixed with Segregated Witness by no longer taking into account signatures when calculating the transaction’s fingerprint. Fixing Transaction Malleability means that the Lightning Network can work smoothly.”

Ellery Davies co-chairs CRYPSA, hosts the Bitcoin Event and presents at Crypto Conferences around the world. Book a presentation or consulting engagement.

ICOs & altcoins rise and fall—yet, Bitcoin endures

At the end of 2017 and the first months of 2018, we witnessed a surge of interest in Initial Coin Offerings or ICOs. Perhaps the word “interest” gives too much credit to ICOs. Most are scams. ICOs are pushed through by vendor hype, rather than pulled through by investor research. They are almost all pump-and-dump schemes.

But what about Bitcoin? It is not a scam, but questions remain about regulation, intrinsic value* and its likelihood to be superseded by something better. Bitcoin skeptics point to two facts: (1) Bitcoin is open source, and so anyone can create an equally good altcoin. (2) Newer coins incorporate improvements that overcome governance and scaling issues: cost, transaction speed, the burgeoning electric needs of miners, or whatever…

While both statements are true, they miss the point. This is not a VHS-vs-Beta scenario. Bitcoin has achieved a 2-sided network and it is free to fold in every vetted improvement that comes along. For Bitcoin, all those other coins are simply beta tests.

Even the functional tokens will unwittingly feed their “improvements” into Bitcoin. For this reason, it is a safe bet that Bitcoin will reign supreme for years to come—perhaps even long enough for the dominos to fall.

Why I rarely consult to ICOs or prospective ICO investors

I recently presented at cryptocurrency expos in Dubai and Gujarat. As a result of these presentations, my organization now receives ICO pitch decks, white papers and business summaries—15 or 20 each week. About ⅔ are sent by investors asking for advice as an investment opportunity, while ⅓ are from issuers seeking accreditation from CRYPSA or at least a quote than can be used as a comfort statement.

The market potential for consulting to issuers and high-rolling investors is very alluring. Figuring that we could certify gems and advise the dogs (help them to create a more legitimate token), we put together a business plan to address a massive new consulting opportunity. But guess what?

… They are ALL dogs! That’s right! ICOs are scams. They are not the same as ‘altcoins’, which is a term more commonly used for open source forks of legitimate cryptocurrency platforms.

Now, the SEC has begun to investigate ICOs and for good reason. Most are thinly veiled scams to fleece widows and orphans by ducking under securities regulations. Others are MLM scams, proprietary mechanisms (in which founders or early partners hold all the cards), or they are simply poor/fake implementations of Blockchain services.

* How to spot an ICO scam (Hint: They are almost all scams!)

Few ICO tokens are credible, “functional” mechanisms that serve a purpose other than sheer speculation. What fraction are scams? More than 97% according CRYPSA.

To preserve our reputation, our organization has suspended a business unit created to endorse the few gems. Despite scores of applicants, we simply cannot find many worthy of accreditation, with the exception of a few Bitcoin forks. But, these forks are altcoins, and not really ICOs.

Nearly all ICOs that we analyzed fall into one of these categories…

  • Veiled securities offerings, designed to duck under securities regulations
  • Created for the express purpose of pump & dump (without clearly disclosing caps, reserves or pre-mined stakeholders)
  • A non-functioning coin that can only gain value through MLM. (This is not necessarily criminal, but outside our research and advisory mandate. Such coins are unlikely to provide value without quick, speculative trades and market timing that amounts to “dumb luck”).

So, what are the signs that an ICO is a scam? Is there anything you can do—short of hiring an expert—to evaluate each new proposal that comes along? We don’t advise or recommend holding such risky tokens—but for those attracted to the siren call of ICOs, here are six common tale tell signs that you are dealing with a scam:

  • If you received an announcement of an ‘Air drop’ or a coupon to get 25 or 50% bonus coins, it is a scam.  Stop and think: Walks like duck; talks like a duck.
  • If the value of coins is influenced by your ability to find new investors, it is a scam
  • If the coin is not based on Satoshi’s blockchain reference code, or is not open source, peer-to-peer and permissionless, then it is very likely a scam. (There are certain, limited exceptions)
  • If the coin is based on Tangle, then it is a scam—or at least, it is functionally useless—and therefore it is a bad investment risk
  • If the coin was pre-mined, then it is a scam. All mining by principals, insiders and early buyers must be disclosed and must be at least a full month after the first widely available public announcements
  • If any advertisement, announcement, affiliate contact or press release ends up in the hands of someone who did not independently contact the issuer for information and a prospectus, it is most definitely a scam

Are you like me?

Because most initial coin offerings exhibit these traits, I pass on opportunities to consult or present at organizations and conferences that cozy up to ICOs. This decision limits my participation at many crypto venues, but my conscience is clean and my Bitcoin future is secure.

Resist the siren call and keep your wits about you. You, too, can also avoid the illusory trap of ICOs. Run, hide or just ignore them. “These are not the coins that you are looking for.” (with apologies to Obi-Wan Kenobi and Alec Guinness).

* Related:

Ellery Davies chairs CRYPSA, publishes A Wild Duck and hosts the New York Bitcoin Event. He was featuerd at cryptocurrency conferences in Dubai, South Africa and India. Click Here to inquire about a presentation.