skip to content

Top Stories of the Week - 11/4

Weekly Top Stories 110422

In the newsletter today we talk about Elon Musk’s moves at Twitter, drama in the lightning network community, and Coinbase’s addition of MEV rewards to its staking service. Subscribe here and receive Galaxy's weekly top stories, and more, directly to your inbox.

Musk’s Twitter Machinations

After completing the buyout of Twitter last week, Elon was quick to roll out changes to realizing his new vision for the social media platform. His first move was taking out the top leadership executives (CEO Parag Agrawal, CFO Ned Segal, and Legal Affairs & Policy Chief Vijaya Gadde), dissolving the firm's board, and assuming the role of sole director of Twitter.

Next, Elon said that Twitter would introduce a new revenue model for its verification service. Twitter users could pay $8/month for the Blue service to receive the sought-after blue checkmark verification badge. The new verification system would help Twitter reduce spam on the platform and cut down on bots, which has been one of Elon's stated intentions as part of the acquisition discussions. Elon called out Twitter's current verification practice or, in his words, the "lords & peasants system for who has or doesn't have a blue checkmark." In addition to providing members with fewer ads and the ability to post long video/audio, the Blue service would also provide Twitter with a revenue stream to reward content creators. Elon did note that public figures would have a secondary tag below their profile names as is already the case for politicians.

As rumors have been swirling since April of Elon integrating DOGE with Twitter for payments, the world largest crypto exchange by trading volume had launched the Binance Bluebird Index--an equal-weighted index containing the tokens DOGE, BNB, and MASK. While Dogecoin and Binance Coin are well-known tokens in the top 10 by market cap, MASK was relatively unknown prior to the launch of the Bluebird Index with a market cap of ~$50m. According to project's official website, the Mask Network "brings privacy and benefits from Web3 to social media like Facebook & Twitter - with an open-sourced browser extension" providing users with services and features including encrypted messages, ITOs (initial Twitter offerings) to launch new projects, NFT avatar verification services, social marketplaces to buy and sell NFTs directly from social media platforms, and decentralized file storage powered by Arweave. The price of MASK pumped more than 5x over the past week with its market cap topping $250m and breaking into the top 150 tokens as of writing.

Our Take

Under its new leadership, Twitter appears poised to enter the web3 movement and bring its daily active user base of 238m with it (less a portion that are bots, anon or burner accounts, and those that are protesting the platform because they do not agree with Elon's intentions to bring back some previously banned users). 

As already publicly verified users complain about the dilution of their blue checkmark status symbols and as historically non-paying Twitter users protest having to pay $8/mo to access premium features, they are underappreciating the new opportunities afforded by the new Blue verification system. Twitter was reported to be working on a "wallet prototype that supports crypto deposit and withdrawal." Having a population of verified users is necessary for integrating payments directly onto Twitter's platform. Existing money transmitter laws require payment intermediaries to perform KYC checks on its users. Twitter has already enabled some of its users to accept tips through integrations with third-party payment applications including Cash App and Venmo or separately just by including one's crypto address for P2P payments. Hypothetically, if Twitter implements the KYC checks on its new verified userbase and if Twitter obtains the necessary money transmitter and banking licenses, then Twitter can theoretically become a super app that offers financial services, commerce, identity, and other tools in addition to being a social media platform - similar to China's WeChat and AliPay. The social aspect is key to scaling rapidly and Twitter is in a position to potentially deliver crypto services to the masses. 

Of course, there are important benefits to keeping anonymous accounts and keeping ownership of one's own data, and Elon and Twitter have yet to officially confirm the direct integration of Dogecoin or any other token for payments. That said, the writing is on the wall for Twitter becoming a payments app given Elon's career history (former key developer of PayPal), his financial partners (CZ, the CEO Binance, provided a $500m equity investment to purchase Twitter), and his advisors (David Sacks, former CEO of Zenefits and former COO of PayPal). Binance's new Bluebird Index - a play on Twitter's logo - and, particularly the addition of MASK, is indicative of CZ's intention to support Twitter's foray into the web3 space. Regardless if Twitter ends up working directly with CZ and Binance, it's clear that Elon's plans for Twitter go far beyond just democratizing free speech. -CY


Lightning Network Drama

Bitcoin’s layer-2 payment platform, the Lightning Network, experiencedan exploit that could have put users’ funds at risk. The bug only affected Lightning nodes that were running on LND, the most popular Lightning Network client that’s developed by Lightning Labs. After the attack, users running Lightning nodes on LND experienced their nodes falling out of sync. The severity of the funds on Lightning being at risk forced Lightning Labs to release an emergency upgrade to their Lightning Client that included a patch for the bug. Additionally, Lightning Network nodes on LND that do not proceed with the emergency update will be exposed to malicious channel closings once channel timelocks expire in two weeks. Hence, if the out of sync LND nodes do not upgrade within the next two weeks, then the counterparty can close the channel without approval and seamlessly steal funds.

This is the second bug exploit to happen on LND in the past three weeks. Prior to the bug exploit this week, the same actor, who goes by the name of Burak, created a 998 of 999 multisig transaction that crashed much of Lightning Network by causing nodes to fall out of sync, which led to LND nodes not being able to parse new blocks, leading much of the Lightning Network to miss a block during its block production process. The recent vulnerabilities witnessed on the Lightning Network exemplifies that the highly sought-after layer-2 payment network for Bitcoin is still in its infancy stage.

Our Take

The most recent attack that exposed a critical bug on LND’s client is noteworthy considering that this bug was found by @ajtowns two weeks ago and presented to the Lightning Labs team. The recent attack appears to suggest Lightning Labs’ is not taking responsible disclosures seriously. The fact that @ajtowns disclosed the bug and Lightning Labs failed to take action for two weeks further displays the negative impacts associated with dismissing ethical disclosures. 

A notable development from this situation is the claim made by Lightning Labs founder, Elizabeth Stark, that “It appears the attacker is sponsored by @blockstream.” Stark’s comment, which she later deleted, insinuates that the motives behind the recent attack were fueled by Blockstream trying to gain a competitive edge from exposing their biggest competitor. The only supportive evidence to this claim is presented in the transaction that initiated the attack, which states “you'll run cln. and you'll be happy.” Cln is Blockstream’s Lightning Network client that runs on Bitcoin core instead of Btcd that is used by Lightning Labs. The different design choices presented with the implementations used by Blockstream and Lightning labs highlights the idea that despite Btcd and Bitcoin core being implementations of the same protocol (Bitcoin), they are still subject to tradeoffs. Further, because Btcd is written in the programming language Go and Bitcoin core is written in C++, different bugs can be introduced for two implementations of the same protocol. Historically, Btcd has been the top choice for Lightning Network developers, however, the recent bugs associated with Lightning clients that use Btcd implementations put a spotlight on the potential vulnerabilities associated with Btcd.

From this point forward, Lightning Labs should present the risks associated with nodes becoming out of sync and comprehensively address their reliance on Btcd. Without the broader Lightning Network community being aware of such risks, users are blindly trusting their funds with their Lightning client. Additionally, to combat against future bugs that cause nodes to fall out of sync, safety measures such as channel backings, which allow users to always have a copy of the most recent state, should be explored in order to provide adequate protection for Lightning users. The Lightning Network holds a great amount of significance for Bitcoin as it currently is the most promising solution to scale Bitcoin and increase throughput. Although the recent events discussed have put a small dent in Lightning’s reputation, development of Lightning will continue to improve as the network’s flaws are hashed out over time. -GP


2nd Largest Ethereum Staking Pool Activates MEV-Boost

Coinbase Cloud, the staking arm of cryptocurrency exchange Coinbase, announced that all customers staking ETH could now opt-in to receive additional rewards through MEV-Boost. MEV-Boost is a new software developed in partnership between Ethereum core developers and Flashbots. Flashbots is a research and development organization dedicated to mitigating the negative externalities of maximal extractable value (MEV) on Ethereum. For a detailed overview of what MEV is, how it is created, and its parallels to traditional finance, read this Galaxy Research report. MEV-Boost enables validators to earn additional block rewards from MEV by connecting validators to off-chain marketplaces known as relays. Relays oversee the auctioning of pre-built blocks from third-party builders to validators. Validators have the option to build their own blocks based on their local view of the Ethereum mempool. However, validators who choose to run MEV-Boost in conjunction with basic client software for operating a full node are reported to earn double in block rewards.

Coinbase controls 14% of total ETH staked on Ethereum. It is the second largest staking pool behind liquid staking protocol Lido, which commands just over 30% of total ETH staked. As of October 17, 2022, it was reported that 85% of Lido node operators were running MEV-Boost software and connecting to seven different relays. Notably, only 50% of blocks produced by Lido were from the Flashbots relay. This despite the fact the Flashbots relay dominates over 80% of MEV-Boost block production in general. Coinbase has affirmed that like their competitor Lido not all validators under their control will run MEV-Boost. It is unclear at this time what percentage of Coinbase validators will refrain from running MEV-Boost.

In addition, Coinbase like Lido will connect to multiple different relays. Lido enforces a “must include list” which dictates a list of relays that all validators running MEV-Boost software must connect to and a separate list of optional relays that validator node operators have the choice to include or exclude. It is unclear which of the 8 active relays on Ethereum Coinbase validators will be connecting to through MEV-Boost but regardless, it is unlikely that users will have a say when it comes to which relays Coinbase validators rely on to earn MEV. Like all major staking providers, Coinbase Cloud can operate multiple validators on a single node and the stake for a single validator could be deposited by multiple users which makes customizing MEV-Boost configurations to the preferences of every customer logistically very difficult, if not impossible.

Our Take

Since Coinbase Cloud’s announcement of their MEV-Boost activation on November 1, the share of total blocks produced through MEV-Boost has increased 14 percentage points. It appears half of the block production by new validators running MEV-Boost has come from censoring relays such as the Flashbots MEV Relay and BloXroute’s Regulated Relay while the other half has been produced by non-censoring relays such as BloXroute’s Max Profit Relay and Manifold Relay. Despite the decrease in the share of non-MEV Boost blocks as a result of Coinbase’s activation of MEV-Boost, it is a healthy and positive sign that 50% of new MEV-Boost block production is produced through non-censoring relays. The primary concern around MEV-Boost since the Merge has been the degradation of Ethereum’s censorship resistant qualities as a result of relay centralization. While the Flashbots relay continues to dominate as the most popular in the space, a closer look at the numbers behind the most recent spike in MEV-Boost adoption suggests the early beginnings of meaningful diversification and decentralization in Ethereum’s MEV infrastructure. 

As mentioned in a prior newsletter, the early adoption of MEV-Boost was coupled tightly with the adoption of the Flashbots MEV-Relay. It has been 50 days since the activation of the Merge and the launch of MEV-Boost. With close to 90% of all Ethereum validators now using MEV-Boost to earn additional block rewards, a decoupling of MEV-Boost from the Flashbots MEV-Relay is starting to take place. This is evidenced by the rise in the share of block production from alternative relays not operated by Flashbots. It is also evidenced by the creation of new performant relays in recent weeks such as relayooor.wtf Relay. In addition, the decoupling is hastened by the intentional diversification of validator to relay connections spearheaded by the likes of major staking pools such as Lido and Coinbase. It is still early beginnings and the share of non-censoring block production is still a far cry away from what it ideally should be from the perspective of many Ethereum developers which is 100%. However, given continued trends of relay diversification by staking pools, open-sourcing and knowledge sharing of MEV-Boost-related tooling by Flashbots, and continued research and development into protocol-level solutions for reinforcing censorship resistance by Ethereum core developers, there is a strong potential for Ethereum’s censorship resistant qualities to improve and become even more robust than before the Merge.  -CK


In Other News

  • Crypto exchange Deribit hacked for $28M in Bitcoin, Ethereum, USDC

  • Doge hype back after Elon’s twitter acquisition and Shiba Inu post

  • a16z wants to join Ooki DAO defense against CFTC

  • GameStop‘s NFT marketplace goes live on ImmutableX

  • STEPN launches MOOAR, the first NFT marketplace to adopt a membership model

  • Circle and Paxos are granted operating licenses in Singapore

  • JP Morgan executes first DeFi trade on public blockchain