‘Mantra sciences’ is just poor fantasy

I don’t know how the author of a piece in the Times of India managed to keep a straight face when introducing a school based on Vedic rituals that would “show the way” to curing diseases like cancer. Even the more honest scientific studies that are regularly accompanied by press releases proclaiming “the paper is a step in the right direction of curing cancer” tend to be unreliable thanks to institutional and systemic pressures to produce sensational research. But hey, something written many thousands of years ago might just have all the answers – at least according to Jaya Dava, the chairperson of the Rajasthan Sanskrit Academy. Excerpt:

Proposed in 2005, the Rajasthan government’s research institute to study the science of ancient Hindu texts, the first-of-its-kind in the country, is all set become operational soon. On Monday, the Research Institute of Mantra Sciences (RIMS) or the Rajasthan Mantra Pratishtan, under the Jagadguru Ramanandacharya Rajasthan Sanskrit University (JRRSU), called for applications from eligible candidates for various posts, including that of teachers. The then education minister, Ghanshyam Tiwari, had first proposed the institute in 2005. While presenting the concept, inspired by ‘Manusmriti’, the ancient Hindu book of law, Tiwari had quoted a verse from the text, ‘Sarvam vedaat prasiddhyati’ (Every solution lies in Vedas), in the state assembly.

So the RIMS is being set up to further the ideals enshrined in the Manusmriti, the document that supposedly also talks about the caste system and how anyone trapped in it has doomed all their descendants to never being able to escape from its dystopian rules. Second: apart from having been mooted by a state’s education minister, the Jagadguru Ramanandacharya Rajasthan Sanskrit University is a state institution utilising public taxes for its operation. Don’t the people get a say in what kind of magic-practising institutions their government is allowed to set up? Hogwarts was at least entertaining and nicely written.

I’m just anguished about the Hindutva brigade’s poor imagination when it comes to epic fantasy. For example, according to Dava, “reciting verses such as ‘Achutaya Namaha’, ‘Anantaya Namaha’ and ‘Govindaya Namaha’ have helped in treating cancer patients.” Helped in what way? If we had a quantifiable measure that other people could try to replicate, we’d be working towards having an internally consistent system of magic – but no.

Also, in a world without cancer, is anybody even thinking about the numerous emergent possibilities? For starters, by 2020, we’re going to have $150 billion left unspent because cancer drugs are going to be useless. And India’s B-grade film industries are going to have to come up with new ways to make forlorn ex-lovers spurt blood and die. And David Bowie and Alan Rickman would still be alive. And chanting hippies would be the new millionaire oncologists. The possibilities are endless. More, according to Rajendra Prasad Mishra, who headed RIMS for a decade from 2006,

“The answer as to how a simple line drawn by Lord Ram prevented the mighty king Ravana from crossing over lies in Vedic science. This ancient wisdom, if discovered, can safeguard India from our enemies by drawing lines across the borders. The chanting of mantras, with the right diction, pronunciation and by harnessing cosmic energy, can help in condensing vapours and bringing rain. This can solve the major problem of water scarcity.”

But conveniently, this wisdom is considered “lost” and has to be “found” at a great cost to a lot of people while the people doing the finding look like they’re doing something when they’re really, really not. Maybe its writers wrote it when they were 20, looked back at it when they were 40, figured it was a lot of tosh and chucked it into the Saraswati. I’ve no issues with magic myself, in fact I love fantasy fiction and constantly dream of disappearing into one, but I sure as hell don’t want to exist in a realm with infinite predictability shoved down everyone’s throats.

Notice also how people are completely okay with trusting someone else who says it’s a good idea to invest a lot of money in a scheme to make sense of which very few people are supposed to possess the intellectual resources, a risk they’re willing to take anyway because it might just them more powerful – while they actively stay away from cryptocurrencies like bitcoins because they suspect it might be a Ponzi scheme? Indeed, the powers that be must be vastly more resourceful in matters of the intellect than I to be able to resolve this cosmic cognitive dissonance.

Featured image credit: stuarthampton/pixabay.

The federation of our digital identities

Facebook, Twitter, email, WordPress, Instagram, online banking, the list goes on… Offline, you’re one person maintaining (presumably) one identity. On the web, you have many of them. All of them might point at you, but they’re still distinct packets of data floating through different websites. Within each site, your identity is unified, but between them, you’re different people. For example, I can’t log into Twitter with my Facebook username/password because Facebook owns them. When digital information becomes federated like this, it drives down cross-network accountability because my identity doesn’t move around.

However, there are some popular exceptions to this. Facebook and Twitter don’t exchange my log-in credentials – the keys with which I unlock my identity – because they’re rivals, but many other services and these sites are not. For example, I can log into my YouTube account using my GMail credentials. When I hit ‘Submit’, YouTube banks on the validity of my identity on GMail to log me in. Suddenly, GMail and YouTube both have access to my behavioral information through my username now. In the name of convenience, my online visibility has increased and I’ve become exposed to targeted advertising, likely the least of ills.

The Crypto-Book

John Maheswaran, a doctoral student at Yale University, has a solution. He’s called it ‘Crypto-Book’, describing its application and uses in a pre-print paper he and his colleagues uploaded to arXiv on June 16.

1. The user clicks ‘Sign up using Facebook’ on StackOverflow.


2. StackOverflow redirects the user to Facebook to log in using Facebook credentials, 3. after which the user grants some permissions.


4. Facebook generates a temporary OAuth access token corresponding to the permissions.

5. Facebook redirects the user back to StackOverflow along with the access token.



6. StackOverflow can now access the user’s Facebook resources in line with the granted permissions.

Crypto-Book sits between steps 1 and 6. Instead of letting Facebook and StackOverflow talk to each other, it steps in to take your social network ID from Facebook, uses that to generate a username and password (in this context called a public and private key, respectively), and passes them on to StackOverflow for authentication.

OpenID and OAuth

It communicates with both sites using the OAuth protocol, which came into use in 2010. Five years before this, the OpenID protocol had launched to some success. In either case, the idea was to reduce the multiplicity of digital identities but in the context of sites like Facebook and Twitter that could own your identities themselves, the services the protocols provided enabled users to wield more control over what information they shared, or at least keep track of it.

OpenID let users to register with itself, and then functioned as a decentralized hub. If you wanted to log into WordPress next, you could do so with your OpenID credentials; WordPress only had to recognize the protocol. In that sense, it was like, say, Twitter, but with the sole function of maintaining a registry of identities. Its use has since declined because of a combination of its security shortcomings and other sites’ better authentication schemes. OAuth, on the other hand, has grown more popular. Unlike OpenID, OAuth is an identity access protocol, and gives users a way to grant limited-access permissions to third-party sites without having to enter any credentials (a feature called pseudo-authentication).

So Crypto-Book inserts itself as an anonymizing layer to prevent Facebook and StackOverflow from exchanging tokens with each other. Maheswaran also describes additional techniques to bolster Crypto-Book’s security. For one, a user doesn’t receive his/her key pair from one server but many, and has to combine the different parts to make the whole. For another, the user can use the key-pair to log in to a site using a technique called linkable ring sgnatures, “which prove that the signer owns one of a list of public keys, without revealing which key,” the paper says. “This property is particularly useful in scenarios where trust is associated with a group rather than an individual.”

The cryptocurrency parvenu

Interestingly, the precedent for an equally competent solution was set in 2008 when the cryptocurrency called bitcoins came online. Bitcoins are bits of code generated by complex mathematical calculations, and each is worth about $630 today. Using my public and private keys, I can perform bitcoin transactions, the records of which are encrypted and logged in a publicly maintained registry called the blockchain. Once the blockchain is updated with a transaction, no other information except the value exchanged can be retrieved. In April 2011, this blockchain was forked into a new registry for a cryptocurrency called namecoin. Namecoins and bitcoins are exactly the same but for one crucial difference. While bitcoins make up a decentralized banking system, namecoins make up a decentralized domain name system (DNS), a registry of unique locations on the Internet.

The namecoin blockchain, like its website puts it, can “securely record and transfer arbitrary names,” or keys, an ability that lets programmers use it as an anonymizing layer to communicate between social network identities and third-party sites in the same way Crypto-Book does. For instance, OneName, a service that lets you use a social network identity to label your bitcoin address to simplify transactions, describes itself as

a decentralized identity system (DIS) with a user directory made of entries in a decentralized key-value store (the Namecoin blockchain).

Say I ‘register’ my digital identity with namecoin. The process of registration is logged on the blockchain and I get a public and private key. If Twitter is a relying partner, I should be able to log in to it with my keys and start using it. Only now, Twitter’s server will log me in but not itself own the username with which it can monitor my behavior. And unlike with OpenID or OAuth, neither namecoin or anyone on the web can access my identity because it has been encrypted. At the same time, like with Crypto-Book, namecoin will use OAuth to communicate with the social networking and third-party sites. But at the end of the day, namecoin lets me mobilize only the proof that my identity exists and not my identity itself in order to let me use services anonymously.

If everybody’s wearing a mask, who’s anonymous?

As such, it enables one of the most advanced anonymization services today. What makes it particularly effective is its reliance on the blockchain, which is not maintained by a central authority. Instead, it’s run by multiple namecoin users lending computing resources that process and maintain the blockchain, so there’s a fee associated with staking and sustaining your claim of anonymity. This decentralization is necessary to dislocate power centers and forestall precipitous decisions that could compromise your privacy or shut websites down.

Services like IRC provided the zeroth level of abstraction to achieve anonymity in the presence of institutions like Facebook – by being completely independent and ‘unhooked’. Then, the OpenID protocol aspired, ironically, to some centrality by trying to set up one set of keys to unlock multiple doors. In this sense, the OAuth protocol was disruptive because it didn’t provide anonymity as much as tried to provide an alternative route by limiting the number of identities you had to maintain on the web. Then come the Crypto-Book and blockchain techniques, both aspiring toward anonymity, both reliant on Pyrrhic decentralization in the sense that the power to make decisions was not eliminated as much extensively diluted.

Therefore, the move toward privatization of digital identities has been supported by publicizing the resources that maintain those identities. As a result, perfect anonymity becomes consequent to full participation – which has always been the ideal – and the size of the fee to achieve anonymity today is symptomatic of how far we are from that ideal.

(Thanks to Vignesh Sundaresan for inputs.)

Rethinking cryptocurrency

I’m still unsure about bitcoins’ uncertain future as far as mainstream adoption is concerned, but such issues have been hogging media limelight so much so that people are missing out on why bitcoins are actually awesome. They’re not awesome because they’re worth about $800 apiece (at the time of writing this) or because they threaten to trivialize the existence of banks. These concerns have nothing to do with bitcoins – they’re simply anti-establishment frustrations in post-recession era. Bitcoins, and other cryptocurrencies like it, are awesome because of their technical framework which enables:

  1. Public verification of validity (as opposed to third-party verification)
  2. Zero transaction costs (although this is likely to change)

Thinking about bitcoins as alternatives to dollars only five years into the cryptycurrency’s existence is stupid. Even scoffing at how steep the learning curve is (to learn about how to acquire and moblize bitcoins) is stupid. Instead, what we must be focusing on are the characteristics of the technology that makes the two mentioned techniques possible because they have great reformative potential in a country like India (if adopted correctly, which I suppose is a subjective ideal, but hey). Zero transaction costs enable individual and small enterprises to avoid painful scaling costs, while public verification enables only value to be transferred across a network instead of forcing two parties to share information unrelated ot the transaction itself with a bank, etc. Here’s my OpEd on this idea for The Hindu.

Bitcoins and the landscape of internet commerce

In a previous post, I’d laid out the technical details of what goes into mining and transacting with bitcoins (BTC). My original idea was to talk about why they are an important invention, but also felt that the technology mattered enough to merit a post of its own.

BTCs are not a fiat currency. That means they’re a kind of money that has not acquired its value from a government, a government-backed organization or a law. Instead, BTCs acquire their value by assuring security, anonymity and translatability, and are most suited for performing transactions that could do without incompetent interference from banks and public bodies. In short, BTCs are not government-backed.

They’re ‘produced’ by users who have a piece of open source code using which they perform multiple encryptions to ‘mine’ a coin. The rest of the network then checks the validity of the coin using similar encryptions. There’s a mediating regulatory system that’s purely algorithmic, and it automatically and continuously adjusts the difficulty of mining a coin until all 21 million have been mined.

The technical intricacies behind the currency have built up to provide the virtual currency with some critical features that have, in the recent months, made BTCs both a currency and a commodity.

Bitcoins are different because they’re made differently

The commodity value rests in its currency value (and some speculative value), which isn’t just a number but a number and some implications. The number, of course, is somewhere around $124 for 1 BTC today (June 2, 2013). The implications are that you don’t have to reveal your identity if you’re an owner of BTCs. This is partly because the currency has no central issuing authority that’s regulating its flow, therefore no body that wants to know how the coins are being used and by whom.

Think World of Warcraft and in-game money: You play the game, you make some, you hoard and safeguard it. Now, imagine if you could use this money in the real world. That’s what BTCs are.

As a collateral, you also get to transfer coins anonymously. You do this between what are called wallets, each of which contains ‘addresses’ to locations on the web; each address contains some bitcoins.

The technical architecture is such that once coins are sent, they stay sent; there’s no way to reverse the transaction other than by initiating a new one. There are also far fewer security concerns than those tagging along with offline currencies, such as forgery and material damage. BTCs simply exist as a string of numbers and characters on the internet. Their veracity is established by the mining network.

They are also invisible to banks and taxmen. Why are they invisible to banks? Because the implied authority of BTCs arises from its ‘democratically’ secured birth and distribution, and doesn’t need an institution like the bank to verify its validity, nor, as a result, will it be subject to a processing fee (the ‘democracy’ is ironic because there’s no one to take the blame when something about the coins goes wrong). Why are they invisible to taxmen? Because they are not issued by a government.

Thus, on the upside, there is no authority that can debase the currency, mishandle it out of greed or just plain incompetence, nor lend it out in waves with no thought spared for the reserves. As Warren Buffet wrote in 2012: “Governments determine the ultimate value of money, and systemic forces will sometimes cause them to gravitate to policies that produce inflation. From time to time such policies spin out of control.”

The threat of deflation

On the downside, because of the anonymity and irreversibility of transactions, and if your system is left vulnerable to a hack while you take a nap, your BTCs can be stolen from your wallet forever, with no way to find out who took them. However, this is only a minor glitch in the bitcoins system; an even larger one is the threat of deflation.

At the moment, there are some 11 million BTCs already mined, with the remaining 10 million to be mined by 2025. Even by about 2020-2022, the supply of BTCs as regulated by the network will become so low as to be, for all practical purposes, considered constant. By then, price discovery would’ve matured, and speculations diminished, so that each coin will then have an almost fixed, instead of constantly increasing, price-tag. This process will also be aided by scale.

Unfortunately, if, by then, millions use BTCs, the absence of anyone to issue new units would lead to spiking demand and, thus, value, resulting in an enormous deflation of commodities. And in a deflationary environment, economies don’t grow; this is where a primitive crypto-currency differs from government-issued notations of currency (this is also what happened in 1636). So, a widespread adoption of BTCs is not a good thing, but it’s a good place to start thinking what about currencies needs to be fixed.

An ideal currency, for example, might be able to transcend borders and appeal to things other than nationality to be held valuable, like BTCs can be converted into a host of other currencies, and even be used to denote value in different countries simultaneously.

For instance, a service titled Mt. Gox operates out of the US that lets you convert dollars into BTCs. However, ever since the FBI decided to crack down on the system because it was a violation of federal law for individuals to create private currency systems, Mt. Gox has necessitated photographic identities of its users since May 30, which defeats the central purpose. Of course, Gox’s faulty policies that made it harder to obtain coins were also to blame. The moral’s that they’re attracting the wrong kind of attention and that makes them even less attractive an asset.

Lighting the way ahead

At the end of the day, BTCs offer a lot of promise about refining future payments. Extensions to it likeZerocoin assist in the preservation of anonymity even if it has been violated by government interference. In the future, BTCs might even tear down paywalls and boost trade. Even fight spam (by making you pay a thousandth of a BTC to a receiver every time you sent out a mail. If you sent out a billion, you’d have paid up – all without the hassle of using a credit card)!

At the moment, though, bitcoins are assailed by important flaws as well as heady speculation that’s driving their mining, but they’re showing the way ahead well enough.

This post first appeared, as written by me, on The Copernican science blog on June 2, 2013.

Trying to understand bitcoins

In a 2008 paper, a Japanese programmer, Satoshi Nakamoto, introduced an alternate form of currency that he called bitcoins. His justifications were the problems plaguing contemporary digital commerce. In Nakamoto’s words:

Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for nonreversible services.

With the possibility of reversal, the need for trust spreads.

Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party.

Nakamoto’s solution was a purely digital currency – the bitcoin – that would let transacting parties remain anonymous, keep transactions very secure, and eliminate redundant fees. Unlike conventional currencies such as the rupee or the dollar, it would also be impervious to government interference. And it would accomplish all this by “being material” only on the world wide web.

Contrary to popular opinion, bitcoins don’t already exist, waiting to be found, etc. Bitcoins are created when a particular kind of transaction happens – not between two people, but between two people and a system that can be thought of as a bitcoin client. It exists on the world wide web, too.

When you login through your client and start looking for a bitcoin, you’re given a bit of information – like your location on the web, a time, a date, an index number, etc. – called a mandatory string. You then proceed to encrypt the string using an algorithm called the SHA-256. Doing this would require a computer or processor called the miner.

A legacy in the string

On the miner, an encryption algorithm performs mathematical and logical operations on it that distorts all information that would’ve been visible at first glance. For instance, if the mandatory string reads like thecopernican.28052013.1921681011, post-encryption with SHA-256 it would read 2aa003e47246e54f439873516cb1b2d61af8def752fe883c22886c39ce430563.

In the case of bitcoins, the mandatory string consists of a collection of all the mandatory strings that have been used by users before it. So, encrypting it would mean you’re encrypting the attempts of all those who have come before you, maintaining a sort of legacy called the blockchain.

After this first step, when you manage to encrypt the mandatory string in a specific way – such as such that the first four digits are zero, say – as determined by the system, you’ve hit your jackpot… almost.

This jackpot is a block of 50 bitcoins, and you can’t immediately own it. Because you’ve performed an encryption that could just as well have been staged, you’ve to wait for confirmation. That is, another user who’s out there looking for bitcoins must have encrypted another bit of mandatory string the exact same way. The odds are against you, but you’ve to wait for it to happen or you won’t get your bitcoins.

Once another user lands up on your block, then your block is confirmed and it’s split between you – the miner – and the confirmers, with you getting the lion’s share.

Proof of work, and its denial

This establishes proof of work in getting to the coins, and implies a consensus among miners that your discovery was legitimate. And you don’t even need to reveal your identity for the grant of legitimacy. But of course, the number of confirmations necessary to consummate a “dig” varies – from six to some appropriate number.

If, somehow, you possess more than 50 per cent of the bitcoin-mining community’s encrypting power, then you can perform the mining as well as the confirmation. That is, you will be able to establish your own blockchain as you are the consensus, and generate blocks faster than the rest of the network. Over time, your legacy will be longer than the original, making it the dominant chain for the system.

Similarly, if you have transferred your bitcoins to another person, you will also be able to reverse the transaction. As stated in a paper by Meni Rosenfeld: “… if the sender [of coins] would be able, after receiving [a] product, to broadcast a conflicting transaction sending the same coin back to himself,” the concept of bitcoins will be undermined.

Greed is accounted for

Even after you’ve landed your first block, you’re going to keep looking for more blocks. And because there are only 21 million bitcoins that the system has been programmed to allow, finding each block must increase the difficulty of finding subsequent blocks.

Why must it? Because if all the 21 million were equally difficult to find, then they’d all have been found by now. The currency would neither have had time to accrue a community of its users nor the time needed to attain a stable value that can be useful when transacting. Another way to look at it is because bitcoins have no central issuing authority, like RBI for the rupee, regulating the value of the currency after letting it become monopolised would be difficult.

The coin doesn’t have an intrinsic value but provides value to transactions. The only other form of currency – the one issued by governments – represents value that can be ascertained by government-approved institutions like banks. This shows itself as a processing fee when you’re wiring money between two accounts, for instance.

A bitcoin’s veracity, however, is proven just like the its mining: by user confirmation.

What goes around comes around

If A wants to transfer bitcoins to B, the process is:

  1. A informs B.
  2. B creates a block that comes with a cryptographic key pair: a private key that is retained by B and apublic key that everyone knows.
  3. A tells the bitcoin client, software that mediates the transaction, that he’d like to transfer 10 bitcoins to B’s block.
  4. The client transfers 10 bitcoins to the new block.
  5. The block can be accessed only with the private key, which now rests with B, and the public key, which other miners use to verify the transaction.

Since there is no intervening ‘authority’ like a bank that ratifies the transaction but other miners themselves, the processing fee is eliminated. Moreover, because of the minimal resources necessary to start and finish a transaction, there is no minimum size of transaction for it to be economically feasible. And last: a transaction is always (remarkably!) secure.

God in the machine

While the bitcoin client can be used on any computer, special hardware is necessary for a machine to repeatedly encrypt – a.k.a. hash – a given string until it arrives at a block. Every time an unsatisfactory hash is generated that’s rejected by the system, a random number is affixed to the mandatory string and then hashed again for a different result. Each such result is called a nonce.

Because only a uniquely defined nonce – such as starting with a few zeroes, etc. – is acceptable, the mining rig must be able to hash at least millions of times each second in order to yield any considerable results. Commercially available rigs hash much faster than this, though.

The Avalon ASIC miner costs $9,750 for an at-least-60 billion hashes per second (GH/s) unit; the BFL Jalapeno 50-GH/s miner comes at $2,499. Note, however, that Avalon accepts only bitcoins as payment these days, and BFL haven’t shipped their product for quite some time now.

The electronic architecture behind such miners is either the application-specific integrated circuit (ASIC) or the advanced field programmable gate array (FPGA), both of which are made to run the SHA-256 algorithm. ASICs are integrated circiuts customised for a particular application. FPGAs are ASICs that are customisable even after manufacturing.

Because of the tremendous interest in bitcoins, and crypto-currencies in general, its economic impact is best measured not just by its present value – a whopping $130 per bitcoin – but also the mining-rig industry, their power consumption, ‘bitcoin bubbles‘, and the rise of other crypto-currencies that take an even more sophisticated approach to mitigating the pains of internet commerce.

This post first appeared, as written by me, in The Copernican science blog on May 31, 2013.