The 4 people responsible for keeping Bitcoin going 🏭🧑🏭🔨

There’s been much talk about Bitcoin upgrades this week. Two, in particular, are doing the rounds among Web3 types: the Stratum v2 upgrade focused on changing how mining pools choose what transactions to verify, and BIP 324, designed to encrypt traffic between nodes.

SNOOZE. 

But before you click away and spend the next hour scrolling aimlessly through reels (just me? ok) have you ever thought about who keeps Bitcoin going? Who maintains the code, updates it, and ensures it keeps going? Well, I did this week. 

The currency, which has in its short history become a trillion-dollar project, and was designed to be a decentralized, community-driven project is actually maintained by just four people. Yes. Four people. A family saloon’s worth of humans maintains the code that keeps the lights on. But who are they? I decided to find out. 

Tiny Coding Club 👶

The first thing to say about the Bitcoin Core team is that they’re not really a team. Rather, it’s a cabal of individuals scattered across the world that congregate inside Bitcoin’s repository on Github, the Microsoft-owned website. Oh, and they meet up one or twice a year. 

The second interesting point is the coders are not paid in the traditional sense. While miners collect rewards from the network, there is no such luxury for Core maintainers. Instead, crypto companies and wealthy investors pay to sponsor Bitcoin Core maintainers and other key developers, through grants. Some of those companies included FTX and BlockFi, which have recently gone bust. More on that later. 

While Core maintainers have come and gone, a recent spate of resignations has left just four people responsible for maintaining the code. These people are: 

• Hennadii Stepanov, a Ukrainian citizen living in London. 
• Michael Ford handles the build system, and best guesses suggest he lives in Australia.  
• Gloria Zhao, a University of California, Berkeley, grad, writes and reviews code governing bitcoin’s transaction-validation process.
• Andrew Chow, a University of Maryland graduate, oversees programming related to digital wallets that allow investors to store their bitcoin. 
• Marco Falke, a European citizen who moves around a lot and focuses on testing is funded by Okcoin USA Inc., a crypto exchange founded in China. But he stepped down in February this year.  

A sixth member, Wladimir van der Laan, became the lead maintainer in 2014 but stepped away citing burnout and health issues. As a result, the maintenance, bug bashing, and performance of the Bitcoin network sits with this group of engineers. 

Since Bitcoin’s launch in 2009, 17 people have had access to change the code, according to a tally.

While you might be thinking, “What is there to maintain, surely the program runs itself?” I thought that until I heard about the inflation bug that nearly killed Bitcoin in 2018. 

In September 2018, a long-time Bitcoin developer spotted a bug that would, if found, allow hackers to spend Bitcoin more than once. Essentially you could copy and paste crypto. Core maintainers had to quickly build a patch, and release a new version of the software before someone found out. 

The flaw wasn’t disclosed until the bug was patched, to prevent panic in the markets. While such flaws aren’t common, the code requires constant maintenance. 

Wait, so why can’t these 4 people just run away with all the Bitcoin? 💸 

The Core maintainer's power is limited by the network itself. Bitcoin users running full nodes must opt-in to the code changes that Bitcoin Core maintainers approve, adding a layer of checks and balances to the protocol. 

There are also lots of other engineers that submit proposals and push commits to the codebase. Best guess there are around 300 active developers working on Bitcoin. But they are reviewed and ultimately approved by the four mentioned above. You can even watch this happen on Twitch. 

In the case of the 2018 inflation bug, the maintainers had to wait until more than 50% of the network updated its core software. This raises an interesting question: how good is the Bitcoin community at maintaining upgrades? Turns out it isn't great.

That’s because only a fraction of nodes ‘listen’ out for upgrades. These full nodes have open port connections that can be probed. However, not all full-nodes are listening nodes; some, hidden behind firewalls or configured to not actively listen for new connections, don’t have easily discoverable open port connections. Which is why China still has lots of miners operating despite the practice being banned in the country. 

Another issue is that not all nodes run the latest version of the Bitcoin Core software. Of the reachable nodes, only 36% run the latest version, making further upgrades and security improvements harder, as upgrades typically work in a linear fashion: i.e. you have to have all upgrades, you can’t skip previous ones.

But let’s go back to the four maintainers for a bit 🤔

As discussed earlier, the maintainers rely on grants from outside companies to pay for their hard work. Three of the maintainers rely on a grant from Brink, a nonprofit that takes donations and turns them into grants.  

But thanks to a market downturn, grant sizes have been shrinking, and maintainers are earning less than they were. At the same time, they have increasingly become targets for malicious actors.

Last year, Bitcoin Core Developer Luke Dashjr reported someone was trying to hack into his servers and managed to steal all his Bitcoin, worth $3.6 million. Later Dashjr’s name was used to sell code as an NFT. He has also spoken of how Core devs have been offered “considerable donations” for their cooperation.  

State-sponsored actors (read: China) are believed to have tried to infiltrate software releases approved by the core team. 

This raises an interesting point. In internet security circles, there’s a term people love to use when talking about hacking and breaking into things. The “attack vector” is the method someone would use to break into something. 

As the number of Bitcoin maintainers has dwindled, so the amount of money, time or effort, to exert influence over a group becomes easier. Indeed, recent research shows that 60% of all Bitcoin-related internet traffic flows through just three Internet Service Providers. That led to a flourishing of attacks on Bitcoin. According to recent figures, each month, at least 100 Bitcoin nodes are the victims of hijacks.

Now, this isn’t a fixed thing. Bitcoin does get upgraded, it’s what kickstarted this whole article. So it’s not defenseless. What it does raise is an interesting point about what we all entrust to keep something as massive as Bitcoin running. 

NOW you can go back to endlessly scrolling.

What People Are Shouting About this week 🗣️

• Bitcoin slumps below $29,000 after seller dumps the market - One trader managed to drag Bitcoin’s price down from the $30,000 highs it had been experiencing all the way down to $28,000. One order sold $467 million worth of Bitcoin, leading to a 5% slump in 15 minutes. That then rattled the futures market, where $25 million in bets on the price going up collapse. Nice to know one trader has that much power, doesn’t it?  
• Taylor Swift turned down a $100 million FTX sponsorship because she was concerned it was a security - The celebrities named in the litany of lawsuits surrounding FTX are facing a $5 billion in damages. Among them are Shaq, Tom Brady and Larry David. Do you know who isn’t among them? Taylor Swift. That’s because, according to Adam Moskowitz, a lawyer attached to the lawsuit, she wanted to know if FTX was selling unregistered securities. Because a satisfying answer didn’t come back, she sidestepped the deal. Taylor Swift 1 - Sam Bankman Fried - 0. 
• People are pissed at Gary Gensler, and some are trying to remove him from office - Gary Gensler is not liked, at least among crypto circles. That’s because he’s been tightening the noose around exchanges, and more recently cryptocurrencies themselves, for not conforming to securities regulation. In a Senate hearing this week, he faced criticism for not doing enough to clarify the SEC’s position on the crypto market. So much so, some Republican lawmakers are trying to get him kicked out of office by introducing a new bill. 
• Bhutan is being accused of stealing money from BlockFi and Celsius - the secretive nation of Bhutan, a country that still doesn’t have traffic lights, was secretly dabbling in crypto, according to recent crypto filings. Lawyers combing through the wreckage of BlockFi and Celsius found the country’s investment fund had been borrowing millions from the companies and seemingly making off without paying them back. 
• Coinbase makes moves to leave the US - Coinbase, the American exchange, hasn't been happy. That’s because it keeps having its wrists slapped by the SEC, who have taken a no-nonsense approach to crypto as of late. CEO Brian Armstrong has been in the UK this week telling Rishi Sunak what a great job he is doing on crypto regulation and is apparently planning to shift the company’s HQ there. Separately they have gained a license to operate in Bermuda and have started building out more non-US operations in the meantime. 

The at first glance incredibly boring, but in reality, incredibly insightful and interesting thing you should read this week 🤓

A bot has been making a killing in the DeFi this week. The creator, jaredfromsubway.eth, a reference to the disgraced former CEO of the sandwich chain made $1.67 million in two days by carrying out a sandwich attack. This is when the trader places an order for a token on a DeFi app. But before the order is complete, a bot snaps up the token, driving up the price, and then immediately selling it for a profit. 

To do that, the Jared bot spent $950,000 on Eth, or 7% of the total gas on the network. It’s being doing the same thing for months, racking up $7 million in fees, and more in profits. 

But in DeFi, this is completely legal, as exchanges by design aren’t allowed to get involved in arbitration matters. Here’s to the foot long. 

Chart of the week 📊

The number of mergers and acquisitions among digital-asset firms set a quarterly record in the first three months of the year, according to Architect Partners, an M&A advisory firm that has tracked such activity since 2016. There were 54 transactions in the period, almost 10% more than a year earlier, Architect revealed in a report.

Strange but true 😱

• Trump released a new NFT collection, crashing the floor price of his old collection - Trump is back with an abysmal collection of pictures of himself, taking a massive dump on symbols of American history by incorporating them into pictures of his beige mug. But that’s forced a dump of his last collection, going as low as 0.08ETH. It’s bouncing around a lot this week, but activity is up 117% as people are unloading them to cash in on the renewed attention. Can’t win ‘em all Donald.  
• Someone found a video of Caroline Ellison as a kid in a library - It’s all fairly harmless stuff. It’s kids talking about their favourite scary books. The former head of Alameda Research bagged the role of the narrator and presenter in the video, declaring her favorite scary book was Hitchhiker's Guide to the Galaxy. Mercifully, comments have been turned off. 
• Bitcoin mines are drowning out the sweet sounds of Niagara Falls - Two US Bitcoin mining firms have set up shop around Niagara Falls to take advantage of the cheap hydroelectric power the falls provide. But it means the mines are now drowning out the sound of the watery tones emitted by the Falls, so much so residents are losing sleep over it. One of the companies responsible for the whirring said they’ve “erected a plastic barrier” to combat it. Phew. 
• A hacker whole stole $3.4 billion worth of Bitcoin has been jailed, for one year - James Zhong who robbed the Silk Road internet marketplace in 2012 for 50,000 Bitcoin - or $3.4 billion worth of crypto - got his just desserts this week. The Southern District of New York believes Zhong should spend a grand total of one year and one day in jail for his crime, despite going to extreme lengths to conceal his ill gotten gains from law enforcement. Who said crime doesn't pay?  
• Facebook’s bet on the metaverse has lead to a “dumpster fire” inside the company - Poor Mr. Zuckerberg. While he’s been away on paternity leave, his company’s stock has slid 43% from where it was 19 months ago, and is laying off 30% of its workforce. It’s been described as a “dumpster fire” inside the company. Which of course, has led to memes popping up all over the place. My fave? One unlucky employee built a bot that would automatically calculate the loss in the value of Meta stock held by employees as they headed out the door. 
• The production company behind The Wolf of Wall Street is flogging NFTs - Yep, the film from 2013 that spawned an internet’s worth of memes, has earned its creators zilch. So Red Granite are, using NFT tech to claw back some of the joy they have given to the world. So for a measly $100 you can own collectible NFTs linked to scenes from the film. Or you can just Google them.  

That's your lot for this week!

Please like and subscribe, and do something nice for each other ok?

I love you all. 💋💋