“The Vision is public blockchains as a service that can benefit everyone and make a better society with blockchain, and as corny as it sounds that’s actually true. It’s all reflected in what we’re doing — we’re not trying to hype, we’re trying to make all this real”
Mike Toutonghi, August 2019
Microsoft 1992, and an engineer named Mike Toutonghi carries a card key which permits him entry to all the rooms and offices of the Redmond giant including Bill’s. “I could have walked into Bill Gates’ office if I’d wanted to,” although Mike concedes “he may not have been that happy about being interrupted — so that might not be the smartest thing to do for an employee, but they could.”
“Sure, yes I knew and worked with Bill” he answers me almost sounding disinterested, “Microsoft was one of the periods of my career, but not the start. I’ve been a low-level assembly language and C and C++ developer for decades and I’ve written operating systems. When I got there I’d already started my own company and built a multi-tasking operating system, and had also won PC World’s Product of the Year Award for a previous company where I designed a low-level graphics BIOS and other things” explained Mike before describing his numerous roles at Microsoft in answer to my original question.
“At Microsoft the first thing I did was kernel lead for Windows 95, and actually when I started, Windows 95 was pretty much on track to not even have threads, so first thing I did was put threads and synchronization objects into the Windows 95 kernel.”
Following that there was the Microsoft Java problem “where we beat Sun so badly in performance and other things that they sued us, and it wasn’t because we did something wrong! We were a small group of 12 people who were just kicking butt in development”. After the lawsuit Mike was immediately taken off that project and Microsoft started .Net: “If Sun has a problem with us making Java let’s make something better” recollects Mike, and then became Lead and Chief Architect for .Net
After that Mike saw the need for PC’s to be used for “people kind of things” acting upon the successes of TiVo, and he headed up the eHome division which was “consumer-focused entertainment on the PC”
Mike then left Microsoft and started a social network, WebFives, which Microsoft quickly bought in 2007, and Mike returned to the company.
Back at Microsoft once again, Toutonghi was placed in charge of Microsoft’s advertising platform which is where they used “big data analysis to figure out everything about every person and is where I really started to understand the importance of privacy and how fragile it is.” Since that time personal data has become the world’s most valuable commodity, and the manipulation of it the theme of a recent Netflix documentary.
That was the last thing Mike did for Microsoft before being recruited as CTO (Chief Technical Officer)of Parallels Inc. in 2010. Quoting from The Register in a 2011 article entitled Parallels bags Microsoft .NET brainiac to float clouds:
Microsoft technical fellow Mike Toutonghi is joining Parallels after nearly 20 years at Redmond. He was just one of 22 technical fellows at the world’s largest software company.
Toutonghi has spent more than 25 years in tech and is an inventor and co-inventor with more than 19 issued patents and 30 patent applications.
“Was Microsoft like a family?” I asked Toutonghi.
“It actually was, and it was not only like a family, it was this feeling that here’s this company that trusts you with everything. We had this policy that you could walk into any meeting. All the employees of the company felt like they owned the company and were working together as owners and stakeholders. That was the feeling that changed. They didn’t have this hardcore corporate approach you see these days.”
Following that Toutonghi left to set up his “Frankenstein laboratory” to develop:
“electronic 3D printing materials… and then I learned the realities of hardware, heavy equipment that breaks down and so decided really what I needed to do was where I have a lot of strength and the ability to move just about anything, and that’s back in software.”
At this time Mike went into machine learning and AI, and developed a smart folder email system which can read an email in under 200 ms and could “learn all kinds of things about emails it reads, including who wrote them, or who is likely the author, what kind of subject it is, is it friendly, is it hostile, is it hate-speech.” Mike paused briefly before continuing
And then I came to this idea that if I would simply have a source of information that was really truly accurate, then I could help people figure out things by applying AI, and the only way to really get an accurate stream of information, I believed, was from people. And this led me in a circle to this idea of polling, and polls on the chain, and a privacy preserving system that allowed people to have the opportunity to express opinions and different things, and that led me to Komodo as an ecosystem because they had zero knowledge support, which then was the beginnings of the inspiration that led to the Verus Vison Paper.
“What achievement are you most proud of?” I asked Mike.
“I’m most proud of what I’m working on now,” came his reply.
Knowing only this much about Mike it will come as no shock to learn that Verus Coin is a unique project doing unique things. For the purpose of review I have taken a cue from the the Verus website and broken the tech down into 4 categories: Mining, Proof of Power, Privacy and Vision
“Why did you write your own mining algorithm instead of using an existing one?” I quizzed
“That’s a good question,” Toutonghi answered. “Right about the time we came out it was my opinion that pretty much every single algorithm was about to fall, and was right before Equihash fell to ASICs. Having an algorithm that hasn’t yet been implemented in FPGAs isn’t ASIC resistance. ASIC resistance is when you actually have an FPGA algorithm and it still can’t beat what you’re trying to do. I made an algorithm that leveraged a modern secure hash algorithm that was an academic hash algorithm and I put that at the core of VerusHash and it was highly leveraged CPU instructions. So that worked for equalizing CPUs and GPUs at first,” he emphasized those two words “but I didn’t really know how good FPGAs would be until they came out.”
Quoting from the Verus Phase I White Paper it is clear Verus does not promise ASIC resistance, but rather a best attempt at keeping a level playing field across different hardware:
On May 3rd, 2018, weeks after a Monero hard fork to enable a new ASIC resistant algorithm and eliminate ASIC mining of Monero, major ASIC manufacturer, Bitmain announced availability of an Equihash ASIC , shattering hopes that Zcash’s Equihash, the last be-lieved bulwark of ASIC resistance might last as a profitable, GPU mineable algorithm. Prior to this announcement, we on the Verus project had been hotly debating what solution might address the risk of centralization through ASICs facing cryptocurrencies today. We decided to consider solving, not just a problem of ASICs alone, but the holistic issue of centralization vs. decentralization.
If, as we and most computer scientists agree, any proof of work algorithm will eventually succumb to extreme hardware acceleration , given enough economic incentive, perhaps fighting against what is basically a consequence of thermodynamic law isn’t the best or most efficient way to address the real issue that Satoshi Nakamoto cared to address, centralization. Furthermore, when an algorithm made intentionally difficult to implement in hardware that is slow on normal CPUs or even GPUs is finally converted to hardware, such an algorithm has the potential to be accelerated so significantly by an extremely small number of capable hardware designers that the centralizing effect of such a newly developed ASIC can counteract any previous decentralization gained from the initial ASIC resistance.
As past low level assembly language developers, we on the Verus project, sharing a strong commitment to fair distribution and decentralization, asked the question, “is there an ASIC equivalent in modern CPUs that will give them an advantage today over GPUs or today’s ASIC designs?” Furthermore, we asked another question, “how can we preserve decentralization and value the work invested through decentralized, non-ASIC mining, even after value has grown so much that the eventual ASICs are made?”
We searched for suitable answers to these questions, and as a result of our research, dis- covery, and development, created VerusHash, an exceedingly CPU-friendly, quantum secure, long input hash function that uses the quantum secure, short input Haraka512 V2 as its core compression algorithm, resulting in the fastest known cryptocurrency hash algorithm available for todays CPUs.
When FPGAs did come out they did so secretly, the VerusHash mining algorithm sold as Algo-1 in an FPGA miner. This miner operated 100x more efficiently than CPU’s (“I didn’t really know how good FPGAs would be until they came out”) and Mike changed the algorithm to VerusHash 2.0 which reduced FPGA efficiency to only 1.5x more than CPUs. Mike did not seem dissatisfied with this, commenting “if you’re going to spend money on an FPGA I don’t see anything wrong with getting some kind of premium”, and added he thought the latest generation of AMD CPUs could be further optimized to close the gap even more.
Proof of Power
Verus uses a Proof of Work/Proof of Stake hybrid consensus algorithm called Proof of Power which is remarkable in several ways.
“PoP includes a modification to the PoW “most-work” rule, used to select the best chain among forks that replaces a comparison with the amount of work represented by each chain with a composite measure, known as “Chain Power”, which is the total validation power of the network comprised of both cumulative chain work as well as cumulative chain stake”
“I modified the entire (Bitcoin) core consensus mechanism” explains Mike “Proof of work means what is the most work on a chain. We don’t ask that question, we ask what is the most power on a chain.What that means is if even with a 50/50 algorithm, when you decide what chain you’re going to accept, a lot of those algorithms still just use which one has the most work. Yes, you can validate blocks with proof of stake , but you can take over a chain with proof of work. What we do is we keep track of both the amount of stake that has been used statistically, just like work statistically, to validate the chain up to a certain point.”
Mike is not aware of anybody else doing it this way, and the result is a network which requires “a combination of attack vectors to be successful in order to mount a 51% attack on the network.” Verus is further protected by Komodo’s DPoW which Mike sees as a “belt and suspenders” play.
Proof of Power mitigates the threat of centralized hardware in PoW by allowing PoS participants to add statistically to the work of the chain, and the PoW miners ensure nobody can attack Verus by buying up the currency.
What is Custom Consensus?
Often compared with Ethereum smart contracts, Komodo’s Custom Consensus (CC) protocol on which Verus has expanded, represent a keystone in the Verus architecture. What are they?
“Custom Consensus protocols (they’re internally called Crypto Conditions), and really what they are is the ability to write new functions and opcodes into the bitcoin script.”
Nothing at Stake
Nothing at Stake is a theoretical attack (also explained in this short video) on proof of stake coins in which a validator node votes for both blocks on a forked chain in order to double spend. In proof-of-work, validating blocks on multiple chains multiplies cost, but in proof-of-stake there is no additional expense incurred for validating on multiple chains, hence the attack vector.
The theoretical problem has confounded Ethereum devs who plan on moving to proof of stake, and was solved by Mike in Verus. In the simplest terms, and more fully explained in this article, Mike leveraged the power of his enhanced version of Komodo’s Custom Consensus (which add powerful scripting to the bitcoin protocol) to add his anti-cheat system into Verus at blockchain level, in which proof-of-stake cheaters will forfeit their rewards to good actors in the network who can prove the bad actor was staking in two places at the same time, and use that proof to claim their reward, thereby removing the incentive to cheat in the first place .
“Nobody has a solution for Nothing at Stake on their mainnet that I know about, and we have that rolled out on mainnet today” said Mike, a soupçon of pride in his voice. “When we brought it up you get all of the blockchains that haven’t solved it, which is like everyone else, basically saying “it doesn’t matter, you didn’t need to solve that problem.’” Mike pauses for a moment and the line goes quiet for what seems like ages. “So this is what happens”, he went on “and the fact is it’s a theoretical problem. It’s just that I prefer to have a secure blockchain even if there’s a problem people aren’t exploiting right now. I’d rather have it solved and we knew how we could solve it.”
Weak subjectivity is another problem which exists in proof of stake, and for similar reasons. Namely that there is “no objective chain with most proven computational work to find the correct ledger.”
Quoting from the article linked above:
Verus has solved the problem of Nothing at Stake while removing Weak Subjectivity. This innovative improvement coming to the Verus blockchain is removing any incentive to attempt cheating, making it a losing proposition. This, combined with a new “Chain Power” rule which will replace “Chain Work”, presents the PoW+PoS blockchain as a far superior consensus model over PoW.
Mike presses harder and confides “We solved the Fake Stake attack similarly to how other blockchains solved it, but we solved it early, early, early on. But in the next release we’re going to strengthen out stake proofs so that by the time you even get a header of a block you can 100% validate if it was a valid staked block or not, and that is something that nobody is able to do right now that I’m aware of.”
Verus is a fork of Komodo, which is a fork of Zcash, which is a fork of Bitcoin. Komodo added the power of Custom Consensus (smart contracts) to Bitcoin scripting and Mike has developed these further and used them to “modify the core consensus rules” of the Bitcoin protocol itself. I cant help feeling it’s like he’s adding threads to the Win95 kernel all over again.
However staking in Verus can only be done with transparent as opposed to shielded coins (remember it’s a fork of Komodo which is a fork of Zcash), and given that Verus is privacy focused I asked Mike whether or not all these coins staking transparently were bad for the network’s privacy.
Verus was the first coin to implement Zcash’s Sapling upgrade. In fact Mike’s implementation included many features not in the Zcash release.
“We did add the ability for Sapling and the Sapling transaction builder (internal code to create transactions easily) to spend from public keys, which are used by Komodo CCs and notaries, vs. public key hash addresses, which are not used on Komodo chains for notaries or CC functions. We also made it possible to use the Sapling transaction builder to easily add op_returns, and integrate well with normal and enhanced crypto-conditions. Most of this is of interest only to programmers who would hit these issues when trying to make Komodo style and Sapling style chains work together. After doing it, the end result is that it just works in every way you’d expect and provides some nice features that are internal to the daemon, which the normal Sapling would not in a Komodo-derived codebase.”
It’s a fine example of the richness of the Komodo Ecosystem and demonstrates how not everything flows downstream of Komodo, but how some projects send treasures back up. Komodo and many other coins in the ecosystem use Mike’s Sapling implementation, and Mike is long since appointed as Komodo Technical Adviser.
So how do those transparent coins needed for staking impact the privacy of the system? Mike had this to say:
“First of all on privacy: A chain that enables both private and transparent transactions has every tool it needs to have perfect privacy as long as the clients don’t mix addresses without consideration”
“There are so many things that are not leaked out of private transactions. This goes back to my big data analysis: the only way people are able to figure out who you are is by analyzing all the connections between all the addresses, and the reason there are all these connections is because most of the wallets and GUI wallets don’t actually care about change addresses being a leak, or this kind of transaction leaking information, and so the clients that use these don’t do anything about it. And so it’s an easy solution to say we’re not going to have any transparent transactions. By doing that its like saying nobody can violate your privacy because we don’t allow YOU to make mistakes.”
“The point is now most of the clients and the way change works — there’s this whole crypto system which is transparent — if your client made new addresses to protect your identity and used z addresses when it was appropriate, you don’t have to have ALL private transactions to be private, do you know what I’m saying?”
“The real issue is that privacy (and I worked on privacy in Java and .Net) is a holistic problem.”
“You can defeat a system with privacy by using it in a way that makes the actions that are private easier to guess. If you really want to have full privacy, we have the technology for it in zk-SNARKs. At the same time, just as with ZCash, you either need to think about your private vs. transparent address usage, or a wallet client could even help you get the privacy level you prefer. Verus and Zcash both also support transparent, traceable transactions as well as zk-SNARK transactions, so you can create traceable transactions by careless mixing of your transparent transactions with your private ones, hitting some common pitfalls. Wallet clients could be designed with a focus on all normal pitfalls/errors, while still using a chain with support for more dApp type of functions, or if your #1 goal is privacy, and you will trade some function and staking ability for simpler privacy, a chain that has fewer ways to create traceable transactions, like PirateChain can arguably say they are “more” private, because although you could still create traceable transactions by using non-standard fees or other types of meta-data, the default with normal wallet clients is that you have fewer potential ways to expose information.”
All blockchains created in Verus’ PBaaS (public blockchain as a service) are Sapling enabled by default and so Mike’s magnus opus (mywords not his) first imagined as “a privacy preserving system that allowed people to have the opportunity to express opinions” nears completion.
Vision — PBaaS and Beyond
“The Vision is public blockchains as a service that can benefit everyone and make a better society with blockchain, and as corny as it sounds that’s actually true. It’s all reflected in what we’re doing — we’re not trying to hype, we’re trying to make all this real”
Currently running on testnet is Verus PBaaS, which allows the easy creation of Sapling enabled blockchains with user definable parameters and settings, which are Merge Mined with Verus. Up to 15 chains can be merge-mined simultaneously.
“Isn’t a smart contract enough to satisfy most use-cases?” I asked Mike
“A smart contract is not a blockchain, I’m sorry it’s just NOT a blockchain. If you want to do a supply chain for your industry and you want a bunch of different businesses to use it, and you want delivery people to have records marked in, and you want potential customers to be able to follow their orders, then you don’t want to clog up Ethereum and pay Ethereum fees to do that, you just want your own blockchain. Every single PBaaS blockchain is its own blockchain.”
“All of the chains get auto-notarized with a fully decentralized protocol, that allows them to auto-notarize across the whole ecosystem without the use of elected notaries”
Mike still wants to integrate Komodo’s notarization to improve cross-chain performance with KMD “because you can replace the decentralized trustless auto-notarization with an elected trusted set of notaries that can make things happen faster without all the proofs necessarily. It doesn’t require the Komodo notaries to enable every PBaaS chain to be a new opportunity for miners and stakers across the Verus network to make more money.”
The Reserve Currency — Liquidity
“The Reserve Currency is something that’s totally different, it’s NOT atomic swaps. It’s not just a simple thing; these aren’t just features on a blockchain; this will literally be something beyond what bitcoin is capable of doing. When this is released there is not another chain or a system that can do anything like this.”
Mike seems as if he might soon become breathless as he excitedly tries to convey to me the significance of what Verus is about to release.
“Right now if you start a blockchain on the PBaaS testnet the blockchain is like other blockchains in many senses: it has its own currency; you could do atomic swaps; you could get notarized on the Komodo blockchain; it’s a full fledged Zcash capable zero knowledge proof Sapling only blockchain. You can go create one tomorrow and it really takes you like 5 minutes and you don’t need to go to Amazon or Microsoft and get servers to do it, you just create your blockchain and the world wide network is the service that brings it up because of all the merge mining and the fact that whenever you do that you’re offering an opportunity for miners and stakers on the Verus network to actually make something from that process”
“Reserve currencies are an option. When you start a chain you have the opportunity to take money in Verus; to sell the beginning supply of that chain so the parameters when you start a chain in the new upgrade will allow you to do the same type of thing as a kick-starter.”
Mike then provided an example of PhysicalCryptoCoins.com taking orders for physical Verus silver coins using PBaaS with the reserve option to secure funding. The example includes a parameter that if less than 100 cryptocoin tokens are bought (each token representing a physical coin to be sold) by a certain blockheight (time) then the Cryptocoin token chain does not even start and all the investors have their funds returned automatically. “Nobody has something like this, this is totally new — you cannot do this on any existing system right now”. Mike’s enthusiasm is palpable and infectious as he continues his explanation. He presses on feverishly as though fearful he will not be able to get all the words out in time, or that I might not grasp the gravity of his work.
“The reserves go into a reserve address that is controlled by the blockchain and the native currency on that blockchain becomes a fractional reserve currency of Verus, and the easiest way to really get into the technical details is to read the Bancor whitepaper because it’s basically that model except it’s built-in to the core blockchain protocol in a way that eliminates centralized fees and is gonna change crypto. The reason is this — buys and sells within the Verus network can be achieved with just protocol-based conversions. Every single coin that is made this way can be automatically purchased and automatically sold in any volume without having anyone to buy (if you’re selling) and without having anyone to sell (if you’re buying) by using these formulas that are built into the blockchain. The entire currency IS the order book, there’s no thin order book or lack of liquidity — it cannot happen. You don’t need a buyer when you’re selling because you’re selling to the entire supply of currency, and if you sell it lowers the price and if you buy it raises the price, so it follows 100% market dynamics. You can do it in any volume. You are liquid across every other coin in the Verus ecosystem WITHOUT an exchange. You don’t need an exchange and there’s no atomic swaps because you don’t even need to worry about that side of things anymore.”
Verus uses an “enhanced” Komodo’s Custom Consensus protocol in order to achieve this. “We have a much enhanced custom consensus protocol over what is in Komodo today. I used our enhanced custom consensus to build this capability but in order to do that our CC is very different now in the sense that it leverages the underlying capabilities of KMD’s CC but Ive added on top of that the ability for every single transaction that uses CC to have multiple destinations, and the ability to have information in each independent output of the transaction that doesn’t have to go in the shared OP_Return.”
Mike describes how a user will be able to seamlessly convert any fractional reserve token or coin in the Verus ecosystem with one single send transaction from the Verus wallet. On top of that a user can send a Verus reserve to any other chain in the ecosystem, to facilitate trading. He also describes fractional reserve currencies in greater detail in this Medium post.
“This is way beyond enhanced CC’s,” Mike concludes. “There’s a few things about this that make it academically hard to beat. For example, if you have 1000 conversions to and 1000 conversions from a certain coin, and they ALL get mined in to a certain block, every single transaction gets exactly the same conversion price with zero spread. So there’s no such thing as jumping in front of another order, and all exchanges and conversion are now transactional on a single block. The reserve currency does this automatically.”
The line goes quiet. I start trying to grasp what has just happened.
The Next Step
“It’s all in the Vision paper,” declares Mike, “We’re gonna work on confidential, verifiable and transparent polls and elections on the Verus ecosystem using PBaaS chain. But I tell you what, there are some companies that want to bring cryptocurrencies to the masses using PBaaS reserve technology, and they’ve got capabilities way beyond me in the financial and consumer side.”
Mike wasn’t in a position to reveal the names of these companies, but it wont be long till any existing non-disclosure agreements expire.
Mike himself proposed another more “obvious” use-case of a loyalty currency and cited a real-world example of La Pasta, a pasta producer in California who Mike coincidentally met at a farmer’s market, and the creation of La Pasta coin on Verus, which could offer customers a 10% discount if they pay with La Pasta coin. Mike told me he introduced himself as Lead Dev of Verus, and the proprietor (much to my amusement) requested a new feature in the Verus Mobile wallet which the Verus community’s lead wallet developer, Michael Toutonghi Jr., has since provided.
“Komodo had a better starting point to enable the kinds of things that we could do to enable PBaaS for the world,” explained Mike.
Do you think of Komodo as a family?
“Komodo really is a family, and the fact is Komodo and Komodo notaries I believe are going to have a lot of opportunity to earn as well in the Verus PBaaS ecosystem”
“We’re in this together. When people think about crypto right now it’s easy to way overestimate how far along it is. We are so much at the early stage of what crypto is going to become.
This is like the very, very, very beginning of the Internet, and people are saying “Oh, Bitcoin won” — and it’s like Sorry but right now Bitcoin could turn out to be MySpace. We don’t know, and Komodo is really headed in the right direction.”
Since Mike is an exclusive member of Microsoft’s Technical Fellows, was a senior executive, and since he quite literally helped lay the foundations for the company Microsoft is today, some of my inquiry was about closed-source versus open-source. Mike shared with me stories which were revealing.
Before Sun sued Microsoft for developing their (better and interoperable) Java release, Microsoft and Mike were praised by James Gosling at one of Sun’s JavaOne conference for their contributions to the development of Java. Mike recalls “We were totally open book with them.” And while VP of Microsoft’s eHome division Mike negotiated the first royalty-free license Philips Royal Semiconductor had ever agreed to, a deal which would ultimately profit both tech giants and win Mike praises from former colleagues years later.
Most telling was Toutonghi’s final anecdote.
“There was a guy who spoke at one of our executive retreats, Jim Collins, who wrote the books Good to Great. At the time (1999) I had actually written a document called Microsoft 2000 which laid out my vision for Microsoft’s future, and which included a form of digital cash described in it with hashes and signatures, but it wasn’t a blockchain.”
“Jim Collins was asking the question “What is the most audacious goal for a company?” One of the biggest that Jim could think of was to redefine how money works for humans.”
Mike paused and then, as if waking from a daydream, he softly spoke the words, “I think about that on a regular basis.”
A three hour conversation with Mike ends, and even though we discussed many other subjects ranging from Vitalik, the Agama hack, his son Michael F, JL777, Ransomware and Satya Nadella (just to name a few), I feel this Verus Review has found a fitting end.
You will be sure to read much more about Verus in the coming weeks and months, and I hope this review serves well as an entertaining introduction to the amazing tech and the vision.
Thanks to Michael J Toutonghi for sharing the vision.
Thanks to Michael F Toutonghi for sharing the infographics.