Authors Jonathan A. Poritz
License CC-BY-SA-4.0
NFTs: A great way to support
digital artists on the blockchain,
or a nifty tool for grifters?
Jonathan A. Poritz
jonathan@poritz.net
poritz.net/jonathan
17 March 2022
This slide deck, except where otherwise indicated, is by Jonathan Poritz and is released under a
Creative Commons Attribution-ShareAlike 4.0 International License.
An editable form of these slides is available at poritz.net/jonathan/share/NFTs4CSUP/ .
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 1 / 39
Land acknowledgement
Before we begin, we must acknowledge that those of us in Pueblo
and Colorado Springs are physically located at this moment within
the unceded territory of the Ute Peoples. The earliest documented
people in this area also include the Apache, Arapaho, Comanche,
and Cheyenne. An extended list of tribes with a legacy of occupa-
tion in this area can be found here: Colorado Tribal Acknowledge-
ment List.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 2 / 39
The plan for this presentation, and some notes
The plan:
• Our entry point to blockchains will be the widely known cryptocurrency 1 Bitcoin
• We’ll explain blockchains by talking about some building blocks from crypto2
• Some of those primitives use a fair bit of math, to which we’ll take a lightning visit.
• We’ll critique some common use cases of blockchains.
• NFTs are one such use case where the Emperor has absolutely no clothes on at all.
• The goal is for you to understand enough about this bit of cryptology that when you
read stories about it in the press (or hear some examples I will give) you shake your
head and wonder if you are crazy or if the world has gone insane.
Notes:
• There is too much on these slides, I will skim several of them (and probably add
some spoken material to others) – they are available at the URL on the bottom of
every slide, so feel free to copy and look at them later.
• I’ll do a fair bit of detail on some of the material, but if any of it sparks your interest,
there is a long slide of further references near the end that you can consult later.
• Don’t hesitate to stop me if you have any questions or comments.
1
it has become common to shorten cryptocurrency to crypto, but this conflicts with the use of crypto as short for cryptology, which is the way I use it!
2
see?
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 3 / 39
Origins of the blockchain whirlwind: Bitcoin
In October 2009, the pseudonymous
Satoshi Nakamoto posted a paper →
to a cryptography mailing list.
He or she shortly thereafter also
posted, to a FLOSS sharing site,
source code for a reference
implementation of the proposed
protocol.
3
At which point, Yoda could be heard muttering, “Begun, the Bitcoin Wars have.”
3
the full paper is here: bitcoin.org/bitcoin.pdf
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 4 / 39
Some bitcoin hype
Maybe not a good currency?
4
4
from the page Bitcoin price on coinbase; snapshot taken 10:57pm MT 16 March 2022; used by fair use.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 5 / 39
A fly in the ointment here, a few megatons of CO2 , there
Unfortunately:
5
5
from the page Bitcoin Energy Consumption Index on digiconomist.net; snapshot taken 10:59pm MT 16 March 2022; used by fair use.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 6 / 39
Diving into the deep end: how a blockchain works
Why does it consume so much power? I thought you’d never ask.
To answer, we must talk about how bitcoin works. The underlying technology is called a
blockchain, so we’ll talk a bit about How a blockchain works.
A blockchain is built out of three basic pieces [cryptographic primitives]:
• digital signatures,
• a cryptographic hash function, and
• a distributed consensus protocol.
The above three pieces are basically
• a really distinctive, highly personalized flourish one can add to digital files,
• a very effective way of fingerprinting digital files, and
• an method for group decision-making [for groups that meet only on the ’net, never
in person].
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 7 / 39
References for cryptology
Crypto tends to intimidate users, because they hear that small mistakes can be fatal. But
that is also true of many things in life, and we don’t let it stop us.
The other problem with crypto is that it is fairly mathy. Which is a feature, not a bug ...
to a mathematician, but maybe not to others.6
The good news is that there are great free/open resources on the ’net. For example:
• Chapter 4 of my open textbook Yet Another Introductory Number Theory
Textbook [YAINTT], which can be found at poritz.net/jonathan/share/yaintt.pdf
[although, being a math textbook, this is rather unabashedly mathy – even though
that Chapter has a lot of history and terminology.]; or
• Ed Felton’s [Princeton professor of computer science and Deputy Chief Technology
Officer under Obama] Nuts and Bolts of Encryption: A Primer for Policymakers,
found at https://www.cs.princeton.edu/ felten/encryption primer.pdf, which is not
mathy at all.
6
because the mathematical community has done a terrible job of sharing the joy and beauty of our subject!
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 8 / 39
Our protagonists, and an adversary
Most works of cryptology speak of two star-crossed lovers, Alice and Bob, who attempt
to keep the guttering candle of their love alight, though distance separates them and
their communications are being monitored by the evil Eve.
7
[Extra credit if you can name the two famous mathematicians who acted as models for these pictures of Alice and Bob.]
7
“Alice” and “Bob” images in the public domain; “Eve” from Pirate Riley. Aaarrhh Me Hearties! which is by peasap and is licensed under CC BY 2.0;
thanks, CC Search!
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 9 / 39
Why is Eve so powerful?
It’s important to realize that in many – maybe most – situations, it is entirely
appropriate to assume that Eve can see all the communication between Alice and Bob
while it is in transit. All of the channels you are used to using suffer from this:
• A cell phone is basically a walkie-talkie with infrastructure [the infrastructure being
all those cell towers all over the place]. Anyone with a radio receiver of the right
type who is within the footprint of the same tower can hear the entire exchange.
[Stingrays!] [although, actually, cellphone communications are highly encrypted]
• Satellite phones are much worse: the footprint is the size of a continent, often.
• Anything you do on the Internet is essentially public [unless encrypted].
Here is a diagram with some basic terminology:
Alice on public network Bob
plaintext/cleartext
message m
encrypts m to c
transmits c ciphertext c receives c
decrypts c to
recover plaintext m
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 10 / 39
Symmetric crypto
A symmetric cipher (or symmetric cryptosystem) consists of the following parts, all
known to both the communicating parties and the public in general:
• a message space M – the collection of all possible messages be sent
• a keyspace K – the collection of all possible keys
• an encryption algorithm which creates a ciphertext c = ek (m) for any choice of a
key k in K and a message m in M.
• a decryption algorithm which outputs a message dk (c) in M given ciphertext c and
a key k in K, which satisfies dk (ek (m)) = m for any k in K and any m in M – i.e.,
if you feed a message m into the encryption algorithm ek with key k and take the
output and put it into the decryption algorithm dk with the same key k, then you
get m back ... “ek and dk un-do each other” (mathematicians would say they’re
inverse functions).
Alice and Bob can use such a symmetric cipher by agreeing in private upon a key k in K
they will use for both encryption and decryption. For this reason, symmetric
cryptosystems are also called private key cryptosystems.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 11 / 39
Keys [for symmetric cryptosystems]
Because humans are not good self-critics, it is a good idea to publish your encryption and
decryption algorithms, to let others see if they can find any flaws.
If the algorithms are to be made public, the security of a cryptosystem must lie in some
other secret: the key.
private communication
Alice ←→ of shared key k in K ←→ Bob
on public network
message mA in M
compute cA = ek (mA )
transmit cA ciphertext cA receive cA
compute mA = dk (cA )
message mB in M
compute cB = ek (mB )
receive cB ciphertext cB transmit cB
compute mB = dk (cB )
etc....
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 12 / 39
Notes on symmetric cryptosystems
The keyspace K must be large, otherwise Eve can just try all keys and see which works
[which is called a brute-force attack].
Symmetric cryptosystems are fast — you can run a video stream through one without
noticing it on a consumer-grade PC.
The design of symmetric cryptosystems is something of a black art. There is little general
theory on the attack or defense side, and the algorithms tend just to be along the lines of
scramble the bits a lot. See, e.g., the pretty pictures on the Wikipedia page for AES
Some examples:
• The Scytale – ancient Greece
• The Caesar cipher – actually used by Julius Caesar. [addition mod 26...]
• The Vigenère Cipher – thought to be unbreakable for centuries. Easy to break today.
• The one-time pad – completely unbreakable; hard to use in practice (but see Leo
Marks’ Between Silk and Cyanide: A Code Maker’s War 1941-45)
• The Enigma machine – a German military coding device from WWII.
• Modern block ciphers like DES, triple-DES, AES, etc.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 13 / 39
Asymmetric cryptosystems, I
If Alice and Bob want to be able to communicate securely without ever having met to
exchange the symmetric key, they can instead use a different type of cryptosystem:
An asymmetric cipher (or asymmetric cryptosystem) consists of the following parts, all
known to any interested party, licit or il-:
• a message space M
• an encryption keyspace Ke
• a decryption keyspace Kd
• a way of associating encryption keys to decryption keys, by an algorithm E which
takes inputs from Kd and outputs things in Ke
• an encryption algorithm which creates a ciphertext c = eke (m) for any choice of a
key ke in Ke and message m in M.
• a decryption algorithm which generates a message dkd (c) in M given a ciphertext c
and a key kd in Kd , which satisfies dkd (eE(kd ) (m)) = m for any key kd in Kd and m
in M – i.e., dkd and eke un-do each other if ke = E(ke )
To use such a cryptosystem, Bob picks a decryption key kd , without telling it to anyone –
but he makes the corresponding encryption key ke = E(kd ) publicly available (probably
on his website). For this reason, ke is also called his public key and kd his private key,
while the whole system is called a public-key cryptosystem.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 14 / 39
Asymmetric cryptosystems, II
Graphically:
Alice on public network Bob
pick kd in Kd
compute ke = E(kd )
download ke public key ke publish ke
message m in M
compute c = eke (m)
transmit c ciphertext c receive c
compute m = dkd (c)
That this is possible at all is very cool. There are a few ways we do it, now, including
RSA (named after Ron Rivest, Adi Shamir, and Leonard Adelman, who published this
idea in 1977) and elliptic curves (which are more efficient but less commonly used, since
their mathematics is significantly harder to chew than what is behind RSA).
All asymmetric crypto relies upon a mathematical function which is easy to compute in
one direction but difficult to invert. For RSA, this is essentially multiplication forward
[easy], but factoring backwards [hard]. For other asymmetric algorithms, there are other
of these one-way functions.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 15 / 39
Some details of RSA
Alice on public network Bob
pick large primes p and q
compute n = pq
pick e ∈ N
with gcd(e, φ(n))
download ke public key ke publish ke = (n, e)
compute d = e −1 (mod φ(n))
message m ∈ Z
with 0 ≤ m < n
compute c = e(n,e) (m)
= me (mod n)
transmit c ciphertext c receive c
compute m = d(n,d) (c)
= c d (mod n)
Note that the message space here is M = {m ∈ Z | 0 ≤ m < n}, so actual text must be
broken into chunks [blocks] which can be represented by integers in that range.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 16 / 39
The “person-in-the-middle attack”
A significant issue with asymmetric cryptosystems is the necessity of a Public-key
Infrastructure [PKI], because of the dreaded person-in-the-middle attack:
Alice Eve Bob
generate keys:
public keB , private kdB
intercept keB publish keB
generate keys:
public keE , private kdE
download keE keE , spoof origin
message m in M
compute cA = ekeE (m)
transmit cA cA , intercept
extract the cleartext
m = dk E (cA )
d
change to m0 if desired
compute cE = ekeB (m0 )
spoof origin cE receive cE
read the message
m0 = dk B (cE )
d
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 17 / 39
Digital signatures
Therefore, we need to be sure that the public keys we use really do belong to the people
who we think they do. We do this either by getting the key from someone in person –
but that kind of ruins the whole idea of asymmetric crypto! – or we get a key in some
way that we are sure of its provenance. One way to be sure would be to have a digital
signature on the public key, signed by someone whom we trust. Signatures work like this:
Larry on public network Bob
pick kd in Kd
compute ke = E(kd )
download ke public key ke publish ke
message m in M
compute s = dkd (m)
receive (m, s) signed message (m, s) transmit (m, s)
if eke (s) = m
accept
otherwise,
reject
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 18 / 39
How to think critically about security/privacy/cryptography
Things to think about when learning and critically assessing cryptological gizmos:
• What exact problem was it designed to solve?
◦ What [exactly] are the inputs and outputs.
◦ What [precise] assumptions are made about who knows what, when?
◦ What [precise] assumptions are made about how the adversary will try to break the
system – what is the threat [or attack] model?
◦ What computational power is available to the allies and to the adversaries?
• How confident is the community in the effectiveness of the proposed technique?
◦ Is there a mathematical proof, based on just mathematical truths.
◦ Is there a mathematical proof that breaking the proposed technique would be
equivalent to solving some well-studied problem?
◦ Does the security of the proposed technique rest on some engineering factors – e.g., is
there a way known to break the technique if we could be a certain new kind of
computer?
and, often the most important issue by far:
• How reasonable are the assumptions in a real-world context where we want to use
this new technique?
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 19 / 39
E.g., thinking critically about digital signatures
The problem: Bob has a secret key with corresponding public key that is reliably known
to the whole community as being his. He also has a message he wants to sign.
Bob will transmit to Larry the message along with an extra piece of data, the digital
signature. Larry can use the widely known public key associated to Bob, the message,
and the signature data to determine if only someone who knew Bob’s secret key could
have produced that signature on that message.
In the case of RSA-based digital signatures, there is a mathematical proof that breaking
this signature scheme would amount to figuring out how to factor large numbers quickly,
at which many mathematicians have been unsuccessful for many years.
There is a way to factor large numbers if engineers can build a quantum computer. This
used to be thought of as far in the future, if ever even possible; now we think it might be
25 years or fewer off. So it will be possible to forge RSA signatures in ≤ 25 years.8
In the real world, it is very hard to keep a secret key secret forever. It is also very hard to
associate public keys to a public identity reliably. Therefore a robust PKI is a essential
for digital signatures to work in practice, and it is hard to make one and keep it healthy.
8
Actually, almost all digital signature schemes fall to quantum computers, not just RSA-based ones.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 20 / 39
Cryptosystems: what to remember
Encryption is important: messages on the Internet are as open as postcards.
Symmetric cryptosystems:
• Are fast.
• Have very little structure: “just fiddle with the bits.”
• So our confidence on them is based on smart people trying hard to break them, and
sharing their progress (or lack thereof) with the community.
• Require a previously shared secret key – key management.
Asymmetric cryptosystems:
• Are slow.
• Have a lot of mathy structure.
• So our confidence in them is based on math, although we do know many of them
break with quantum computers.
• Key management is crucial, particularly a Public Key Infrastructure [PKI]
Digital signatures:
• Are based on asymmetric cryptosystems.
• Strongly link specific messages to specific (public, private)-key pairs.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 21 / 39
Cryptographic hash functions
A cryptographic hash function is an algorithm which takes arbitrarily large chunks of data
as input, and produces a hash [sometimes called a digest] of a certain, fixed size – e.g.,
the most widely used cryptographic hash function today is called SHA-256 and it always
produces hashes consisting of 256 bits, no matter how big the input.
A hash function is called pre-image resistant if it is very hard9 given any particular
possible hash value, to find an input data chunk whose digest has that value.
A hash function is called second pre-image resistant if it is very hard, given one input
data chunk, to find a second which hashes to the same digest as that chosen first chunk.
Basically, a hash function is a blender into which you pour data, which blends all its input
thoroughly and produces a small output pellet. The pellet is almost unique to that set of
ingredients, in the sense that it would take many lifetimes of the universe for you to find
another set of input ingredients which would yield the same output pellet.
The problem is described above. Known hashing algorithms are quite complex and have
little mathematical structure. Therefore, it is very hard to attack them... but, also, there
are not any proofs that they do what we hope they will. Old hash functions, for example,
are no longer used because we now know how to break them.
9
meaning that, essentially, one should just have to keep trying random inputs until one gets lucky.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 22 / 39
Hash functions as message digests and for chains
Suppose I send you a big file and we want to be sure it didn’t get corrupted in transit. I
could compute a hash of that data on my end, you could do the same on yours, and I
could read you the digest over the phone – if they agree, we’d be quite certain the files
agree as well.
You can use hash functions to make immutable chains. Suppose we all agree on some
block of starting data, called the genesis block in the blockchain community. Then we
start attaching new blocks to the list of official, on-chain blocks, by some sort of
distributed agreement process, and also putting the hash of the previous block into each
new block on the chain – this is called a hash chain. If, afterwards, we have a dispute
about what the whole chain is, we could each run down the whole chain, checking that
each hash value in the nth block is equal to the hash of the (n − 1)st block. Since it is
hard to find second-preimages for good hash functions, this is impossible to forge, and
thus it is impossible to change the old blocks on an existing chain: hash chains are
immutable!
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 23 / 39
Hash functions to slow computers down
Suppose you want to slow someone down. You could had them a chunk of data and ask
them to find some other piece of data to add to that such that when they hashed the
big, joined data chunk, the output hash would end in at least five (or seven or ten or
whatever, depending upon how much you want to slow them down) 0s.
You couldn’t ask for them to find data which will make the hash value exactly equal
some given value, but instead this task of working to get a certain number of 0s can be
done, only with a lot of computation, by just trying over and over again.
The bitcoin protocol uses this method to slow down – and randomly assign a winner,
whoever found the second piece of data which makes the whole thing have a hash ending
in a certain number of 0s – all of the people working around the globe to verify
transactions made on the bitcoin network. The number of 0s needed to win this
competition can be changed as the total amount of computational power on planet Earth
dedicated to doing this (stupid, useless, but un-short-cut-able) work increases, so that
even with all that power, there will only be winner about once every ten minutes.
The total hashing power on planet Earth right now can do about 201.60 quintillion
SHA-256 hashes per second10 – that’s 2.01 × 1020 hashes per second. Much if this is in
special hardware in hashing farms which used to be in China.
10
see Bitcoin Hashrate Chart
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 24 / 39
Hash functions: what to remember
Hash functions crunch arbitrarily large input data files into a digest (think of it as a
fingerprint) which cannot be predicted and pretty much is unique to that input data
compared to all other datasets the human race is likely to create until the heat death of
the universe.
Also:
• They are fast.
• They have very little structure: “just fiddle with the bits.”
• So our confidence on them is based on smart people trying hard to break them, and
sharing their progress (or lack thereof) with the community.
• The community is pretty confident at the moment about SHA-256 (although md5
died a while ago and SHA-1 is considered too shaky to be trustworthy).
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 25 / 39
Distributed consensus
Suppose you have a block of transactions – maybe people submitting records of buying or
selling goods by transferring some artificial cryptocurrency among users – you want to
submit to a global, public ledger. It is important that everyone agrees upon what are the
valid blocks, because otherwise a bad actor could spend some cryptocurrency on one
transaction in one block, and the same cryptocurrency in another transaction with
someone else: this is the double-spend problem.
The easiest way for this to work is if there is a central party who collects all proposed
blocks and simply decides which ones will go on the chain, perhaps by
first-come-first-served, perhaps by playing favorites (or so people fear). Such a central
decision-maker is called a trusted third party [TTP] by cryptologists. Distributed
consensus is very easy, fast, and efficient with a TTP.
Without a TTP, as bitcoin tries to go, much more work is required. The bitcoin approach
is to make everyone do the “hash to get a certain number of 0s” game, and then publish
their winning extra bit of junk data. Whoever wins can prove it, with that data, and gets
to submit their preferred block to the global public ledger.
Sometimes, two people will win at the same time in different places, and the chain will
split. But if half of the network works on growing one chain and half works on the other,
pretty quickly it will be very likely that one will be quite a bit longer than the other, and
everyone will go over to the longer valid chain at that point.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 26 / 39
Wrapping up the blockchain bow
The term blockchain is used to describe a hash chain whose globally recognized
individual blocks are agreed upon by a distributed consensus protocol.
Generally, those who can submit blocks come from a very open group – potentially
anyone 11 – and follow some internal rules such as for maintaining a cryptocurrency ledger
or running an on-chain Turing-complete programming language [Ethereum, a company
based in the Crypto Valley, calls these on-chain programs smart contracts in an
essentially meaningless bit of excellent marketing].
Another differentiator between different blockchains is how the individuals in the group of
participants identify themselves. Generally, the choice is with some identity strictly
coupled (hopefully) to a real-world individual or entity or one where individuals act
through pseudonymous (hopefully12 ) IDs. Both require some kind of reliable PKI,
however!
Different blockchains use different consensus protocols: bitcoin’s proof of work has a
horrible carbon cost, is slow, etc. Another protocol is based on proof of stake, which is
less energy-intensive but amounts to formalizing a strategy of the rich always get richer.
11
Some people restrict this group and then talk about permissioned blockchains, but I think that is pretty much the same as freeze-dried water.
12
This has turned out to be much harder that it seemed it would be, e.g., in bitcoin’s case.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 27 / 39
Thinking critically about blockchains
Whatever particular version of a blockchain, the solution it provides [in the spirit of our
Thinking Critically About Security... strategy above] involves these key features:
• A chain of linked, sequential public records.
• This [hash] chain is immutable.
• Individuals participate in the blockchain through either pseudonymous or
intentionally real world-linked IDs supported by a robust PKI.
• The progress of the blockchain is realized by a distributed consensus protocol which
avoids putting its trust in any particular [third] party.
In short, blockchains are characterized as
• public
• immutable
• relying on a robust PKI
• eschew TTPs.
The constituent cryptographic pieces that realize these characteristics may or may not be
generally thought of as reliable, but the ways these blocks are combined is not much
subject to debate.
Whether the above characteristics are reasonable assumptions in any particular real-world
context is much more questionable....
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 28 / 39
Blockchains ... of limited use?
The integrity of the bitcoin ledger is based on a huge amount of (useless) work, needed
because cryptocurrency fanatics don’t trust the government: it’s all about the TTP.
Now what about other use-cases?
Educational institutions should “put student credentials on the blockchain:” it’s
public, immutable, and not subject to any single party’s control.
But this is nonsense. There is a natural TTP for a credential: the issuing institution!
OK, we need a functioning PKI, but so does a blockchain-based credential system (the
credential would have to be signed, in its form “on the chain,” as well).
Walmart will “put its supply chain on the blockchain.”
But this is nonsense. There is a natural TTP for a Walmart’s supply chain: Walmart
trusts Walmart!
Marijuana producers in Colorado will put their production records on a blockchain
so that the state marijuana oversight organization will be able to check that it has all
been produced according to state law.
But this is nonsense. There is a natural TTP here as well: that state supervisory agency!
Also, just having a cryptographically verified blockchain doesn’t mean that the data
entered in its blocks corresponds correctly with the real world: this is a misreading of the
idea of “trust” here.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 29 / 39
Cryptocurrencies
Cryptocurrencies at blockchains which allow actors to perform transactions which add or
subtract to their accounts.
“Actors” are defined as (public, private)-key pairs [!!!].
Those accounts are like bank accounts, they just have a number in them.
The transactions will deduct a number from an input account (or accounts) and credit it
to an output account (or accounts), often owned by different actors.
Since the numbers being added and subtracted are all just numbers, the units of this
“currency” are all fungible, one of the defining properties of an actual currency.
The consensus protocol makes sure the global community agrees upon the current values
of all accounts.
Doing the work to run the consensus protocol is called “mining,” and usually the actor
who succeeds in validating a block of transactions gets a reward of some amount of the
cryptocurrency.
The full hash chain, which records all transactions that have achieved consensus, is often
enormous: the Bitcoin blockchain is 395.79GB as of 11:35pm MT on 16 March 202213 .
13
see Bitcoin Blockchain Size
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 30 / 39
Finally, NFTs
NFTs put either entire digital objects into some blockchain, or, much, much more often,
just a reference such as a URL or an identifier on the IPFS (which is an Internet-wide
distributed storage mechanism that is something like a grown-up version of bit torrent).
The protocol does not treat these objects as numbers in an account like for a
cryptocurrency, so there is nothing at all like splitting up an object and depositing it in
some other accounts. In this sense, the objects are non-fungible.
Blockchains for NFTs have a special operation (in addition to something like mining for
cryptocurrency blockchains) called minting an NFT. This involves creating a block on
the chain which has the digital object in it, with some actor as the “owner.” Other actors
can then do transactions which transfer “ownership” of that data block to another actor
when compensated by real- or cryptocurrency. (Remember: here, “actor”=”key pair.”)
Additionally, the “owner” of a minted NFT can issue a transaction to the corresponding
blockchain, using the power that actor [key pair!]has to issue valid digital signatures,
transferring the ownership to another actor. This is often done in exchange for the
transfer of cryptocurrency (maybe even on the same blockchain), or simply a check for
real currency.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 31 / 39
Example NFTs
15
sold for $3,000 (accidentally)
14
on 11 December 2021
on OpenSea
sold for $69,346,250
on 11 March 2021
by Christie’s Auction House
14
Beeple, The First 500 Days; used by fair use
15
Bored Ape; used by fair use
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 32 / 39
Copyright and licensing issues for NFTs
As far as I understand things (but IAmNotALawyer!), minting an NFT is almost exactly
like putting some URL on a website I own along with a bit of text that says “I like the
artwork [or whatever] is at the end of this link.”
There should be no copyright consequences for that, it is not a copy!
Licensing that NFT would be very odd: does that short web page with URL and
statement even have enough creativity even to have a copyright? Rights for that page
should be (unless there are some platform Terms of Service or otherwise other contracts
signed) completely independent of rights over the object at the end of the link.
Of course, the platform that runs that blockchain [but wait a second, the whole point of
blockchains is that they are decentralized! ... but in practice, most NFTs are on
particular platforms] may have Terms of Service, or an auction house which helps inflate
the price of a NFTs may have contracts which buyers and sellers have to sign, that
require some intellectual property rights over the material at the end of the URL, and/or
which transfer those rights upon sale of the NFT.
Absent such legal instruments external to the NFT platform (which externalities really
give up on Lessig’s famous “code as law” approach to technology), the NFT per se seems
to be merely a way of publicly registering one’s patronage of an artist or artistic work16 .
16
If this is true, then there really should be no re-sale market in NFTs: “owning” the NFT is all about public support of the artist, so a third party
buying it from the original patron would not support the artist, nor would it gain the purchaser anything.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 33 / 39
The blockchain’s new clothes
I love the technology in blockchains. It is very beautiful computer science. I love teaching
this computer science.
But I don’t think Emperor Blockchain, in any of his forms (cryptocurrencies, “academic
credentials on the chain,” NFTs, etc.) has any clothes on.
I think approximately 100% of proposed blockchain applications make absolutely no sense.
I have been told by some blockchain enthusiasts that blockchains have magical properties
which I know for a fact they absolutely do not have. I don’t know if these people are
good or bad actors (the downfall of prominent blockchain enthusiast Alex Tapscott
proves that there are at least some bad actors), or have simply been misinformed.
It’s possible that this is case of regulatory capture by metaphor : computer scientists use
“trust” and many related words when talking about these topics – “trusted third party,”
“proof [of work, etc.],” “verifiable signature,” ... – but those are just metaphors! It is a
mistake to take them too literally, as seems to be done nearly universally in the
blockchain world.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 34 / 39
And yet this insanity continues: cryptocurrencies
17
17
from the page All Cryptocurrencies on CoinMarketCap; snapshot taken 11:39pm MT 16 March 2022; used by fair use.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 35 / 39
And yet this insanity continues: NFTs
18
18
from the page Highest Price NFT Stats on CoinMarketCap; snapshot taken 11:45pm MT 16 March 2022; used by fair use.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 36 / 39
It’s tulips all the way down
From the Wikipedia page Tulip mania:
“Tulip mania (Dutch: tulpenmanie) was a period during the Dutch
Golden Age when contract prices for some bulbs of the recently in-
troduced and fashionable tulip reached extraordinarily high levels,
with the major acceleration starting in 1634 and then dramatically
collapsing in February 1637. It is generally considered to have
been the first recorded speculative bubble or asset bubble in his-
tory. In many ways, the tulip mania was more of a then-unknown
socio-economic phenomenon than a significant economic crisis. It
had no critical influence on the prosperity of the Dutch Republic,
which was one of the world’s leading economic and financial pow-
ers in the 17th century, with the highest per capita income in the 20
world from about 1600 to about 1720. The term ”tulip mania”
is now often used metaphorically to refer to any large economic
bubble when asset prices deviate from intrinsic values.”19
19
From Tulip mania by Wikipedia contributors, CC BY-SA 3.0 Unported
20
An image of the tulip known as “the Viceroy” (viseroij), from Verzameling Van Een Meenigte Tulipaanen – the 1637 tulip book of P. Cos; in the
public domain because of publication date. The Viceroy bulb was offered for sale for between 3,000 and 4,200 guilders (florins) depending on weight
(gewooge). A skilled craftsworker at the time earned about 300 guilders a year.
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 37 / 39
Resources
I NFT Gains Mostly Go to Small Group of Investors: Study [Bloomberg]
I Mapping the NFT revolution: market trends, trade networks, and visual features —
Scientific Reports [From Nature]
I Non-fungible tokens (NFTs) [Slides from a presentation to the European
Observatory on Infringements of IP Rights
I Right-Clicker-Mentality [great short commentary by Cory Doctorow]
I Stephen Diehl’s Blog [a very insightful techie]
I Attack of the 50 Foot Blockchain [“Blockchain and cryptocurrency news and
analysis by David Gerard”]
I There’s No Good Reason to Trust Blockchain Technology [Wired article by Bruce
Schneier]
I Berkeley CS161 Cryptocurrency Lecture and Blockchains and Cryptocurrencies:
Burn It With Fire [videos of a class and a talk, resp., by Nicholas Weaver]
I Line Goes Up – The Problem With NFTs [wonderful (long!) video by Dan Olson]
I Web3 is going just great [excellent website covering the dumpster fire]
I Blockchain Pixie Dust [website by JP]
I Twitter feeds @davidgerard @smdiehl @ncweaver @web3isgreat
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 38 / 39
Discussion and contact info
Discussion!!
Contact info:
Email: jonathan@poritz.net ; Tweety-bird: @poritzj .
Get these slides at poritz.net/j/share/NFTs4CSUP.pdf and all files for remixing21 at
poritz.net/j/share/NFTs4CSUP/ .
If you don’t want to write down that full URL, just remember
poritz.net/jonathan/share
or poritz.net/j/share
or poritz.net/jonathan [then click Always SHARE]
or poritz.net/j [then click Always SHARE]
or scan −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−→
[then click Always SHARE]
21
subject to CC-BY-SA 4.0
https://poritz.net/j/share/NFTs4CSUP “NFTs - A nifty tool for grifters?” (17 March 2022) Hasan School of Business, CSUPueblo 39 / 39