Prism and the Magic of Smart Contracts
On May 21st, ShapeShift announced on their blog the upcoming launch of a new product called “Prism”. A Prism is supposedly an Ethereum smart contract which allows a user to gain exposure to a collection of cryptocurrencies of their choice using only the Ether token (ETH) native to the Ethereum platform.
Here’s a quick overview of how it works:
- User visits the Prism website and creates an account
- User enters the size of their desired investment in ETH
- User configures a cryptocurrency distribution of their choice (see below)
- User deposits the ETH amount to a smart contract Ethereum address designed by ShapeShift
- ShapeShift deposits an equal ETH amount to the same smart contract
- The deposited ETH remains within that smart contract until a point in time when the user decides to liquidate the investment
- When the user liquidates their Prism, they receive the current value of their investment in ETH back to their own address
The product is marketed as “The World’s First Trustless Asset Portfolio Platform” by ShapeShift. Specifically, their blog post states:
Prism is a platform upon which humans and machines can acquire exposure to portfolios of digital assets without trusting a counterparty.
The funds deposited to the smart contract above can be withdrawn to two different parties; either to you, or to ShapeShift. How the funds in are divided up is entirely dependent on a third party you perhaps did not know about: the oracle.
Oracles exist because smart contracts do not know what the price of assets are. The smart contract is entirely oblivious to the performance of your Prism, so it requires the input from an oracle to learn that information. This means that what happens to the funds that are locked up in the contract between you and ShapeShift is decided by the oracle (which, coincidentally, is also developed by ShapeShift). To alleviate some of the obvious concerns that this raises, ShapeShift has plans to allow third-party oracles in the future.
In the best case scenario, the counterparty of your Prism is ShapeShift plus a third-party oracle. That means you stand to lose your investment only if both ShapeShift and the oracle are hacked. This is concerning, given that ShapeShift was hacked just last year as a part of an inside job.
Having multiple entities as your counterparty is certainly not the same as having no counterparty risk, which ShapeShift suggests. In fact, the security model of a smart contract where the counterparty is comprised by ShapeShift and an oracle is entirely equivalent to a regular 2-out-of-3 multi-signature wallet security setup, which was employed by Bitfinex using BitGo during one of the largest exchange hacks the industry has ever seen (1, 2), which resulted in the loss of over US$60m customer funds. And yes, these funds were all withdrawn from user-specific wallets one by one (i.e. it doesn’t matter if the funds are all in a single wallet or distributed over thousands of smart contracts if the attack vector is the same for each one).
There have been several attempts to restrict oracles ability to tamper with the data fetched from the data sources. The most notable effort is Oraclize, which leverages TLSNotary proofs as well as SafetyNet — a software remote attestation technology developed by Google. These technologies can provide users with certain security guarantees that the oracle is fetching untampered data from the source, but no technology can possibly eliminate the risk that the source itself is corrupted. That means that there is an inescapable trust element involved on which the entire security model relies on, which arguably makes Prism the very opposite of trustless, regardless the use of smart contracts.
Do not let the complexity of smart contracts fool you. Smart contracts are not magical. Usage of smart contracts doesn’t make your product automatically trustless, just as saying blockchain 3 times fast doesn’t make your databases immutable. In this instance, the smart contract setup provides the same security model as if you had left your funds on an exchange that employs the 2-out-of-3 multi-signature scheme Bitfinex used in 2016 (although with the stated goal of eventually allowing you to choose from a wider variety of third-party signers than just BitGo). Instead, in this case, the magical benefits of using smart contracts are the following:
- be confined to the exchange rates offered by ShapeShift
- be subjected to the fees proposed by ShapeShift (0.05 ETH + 2.4% fee at settlement)
- have your maximum profit capped at 1x your ETH deposit (i.e. no exponential gains, +100% max — also, if the ETH price drops 50%, the maximum profit is +0% relative to fiat)
To our knowledge nothing like it has ever existed in a live, production capacity. No bank or traditional financial institution, with their billions in capital and polished claims of consumer protection, has ever brought something like this to market.
That we, a small startup, can build such a thing and release it to the world is a testament to the power of open blockchain technology.
We invite you to sign up for a closed beta invite at prism.exchange.
Disclaimer: Enabling blockchain-based financial derivatives through smart contracts is still a fascinating area — albeit not very new (1, 2)— and working products are always welcome. But that shouldn’t give companies the right to market their products as trustless when they clearly aren’t. However, there is no need to despair as there are some exciting projects with great potential of actually delivering decentralized oracle services through blockchain-based prediction markets such as Paul Sztorc’s Hivemind project (formerly known as Truthcoin), which may in turn enable trustless financial derivatives in the future. There are also real ways through which decentralized asset exchange can occur without any counterparty risk across different blockchains.
Update 2017–07–11: ShapeShift CEO Erik Voorhees has responded to the criticism raised in this post here.