Bitcoin Vault (BTCV)

What is Bitcoin Vault (BTCV)?

BTCV was developed to provide an extra level of security based on a 3-Key Security Solution which allows users to reverse certain type of transactions on the blockchain. It features all the convenience of Bitcoin while adding important features allowing user transparency and freedom. Bitcoin Vault is our answer to issues faced by the crypto community over the last decade which mainly are:

  • Unauthorized access to wallets due to either hacks or accessing user private keys
  • Human mistakes with sending crypto assets to the wrong wallet addresses or other kinds of mistakes related to mistyping of transfer amounts or mixing transfer amount with gas amount
  • Errors, bugs and other issues related to cryptocurrency software

BTCV development is focused on security and safety features, user convenience and user experience as we also believe that those are the key challenges that prevent a significant portion of society to become part of global crypto community.

What makes Bitcoin Vault unique?

Bitcoin Vault is the only cryptocurrency on the market that allows users to reverse certain types of transactions. This feature is based on the combination of three private keys (3-Keys Security Solution) and their functions in the ecosystem. Users can create three types of wallets based on the number of private keys they want to use. With the optimal setup, when a user chooses to use a wallet that supports three private keys, he can perform three types of transactions and get the possibility to reverse them.

What is the 3-Key Security Solution?

Most of the cryptocurrencies require users to handle one private key to access wallets and perform transactions.

Bitcoin Vault developed a 3-Key Security Solution which requires users to generate three Elliptic Curve Digital Signature Algorithm (ECDSA) keys – one is stored automatically within the app and the other two need to be managed by the user. The current setup in Bitcoin Vault allows users to cancel initiated transactions and reverse them to an existing or a new wallet address. 

Solution supports three ECDSA key with different roles in the ecosystem:

  • Standard Transaction Key is generated automatically and works in the background. It is required to initiate all transactions, and to recover a wallet in case of a hack or technical issue
  • Cancel Transaction Key allows users to perform Cancel transactions within approximately 24 hours, before 144 blocks are generated
  • Fast Transaction Key gives users the possibility to make Secure Fast transactions and transfer BTCV in a matter of minutes

Bitcoin Vault Ecosystem

Bitcoin Vault’s ecosystem includes three apps that were created in-house solely for the purpose of storing and managing BTCV. Together, they form a powerful tool that guarantees a higher standard in security, transparency and freedom.

Gold Wallet

Gold Wallet is an app for mobile devices designed to store, send and receive BTCV. It allows users to create three types of wallets and perform various types of transactions, including Secure Fast, Secure and Cancel Transactions. Gold Wallet can also be used as an authenticator for the two-factor authentication (2FA) for the Electrum Vault desktop app.

Key Generator

Key Generator is a web-based app that generates individual public and private keys necessary to set up wallets and perform transactions. It uses only local resources, which means the key generation process, as well as the keys themselves, never leave the user’s device. They are not stored anywhere and cannot be accessed online. The keys are stored offline, providing the utmost level of safety.

Electrum Vault

Electrum Vault is a desktop app based on an open-source Electrum Wallet. It has all the features of Gold Wallet, which means it can be used to store, send and receive BTCV, create wallets and perform transactions, including Secure Fast, Secure and Cancel Transaction.

Who are the founders of Bitcoin Vault?

Bitcoin Vault was founded by Eyal Avramovich, an inventor, creator and CEO of Minebest (, one of the world leading operators of crypto mining facilities located in Asia, Europe.

Bitcoin Vault (BTCV) was launched in 2019 as alpha chain. It was developed heavily between December 2019 and November 2020, which saw the release of the key feature enabling reversible transactions on the blockchain.

Common reproaches against banksters are primitive and incorrect

Crypto-Reddit is full of accusations to banks. They say banksters issue currencies secured with nothing, with zero scarcity parameter. True. Yet, this is not the core problem they create (which bitcoin does not solve).

It is easier to produce than to sell. Ask an entrepreneur who has managed to create something.

It wasn’t always so. At some point about 40 years ago consumers in the Rich West have tasted everything [reasonable] they ever wanted. The global financial oligopoly developed a well-educated intention: 

“We should influence both the production side and the consumer side.”

The former was already a traditional tool. Bankers and the connected elite have always managed things by choosing what businesses to support. The latter was an innovation back in the early eighties but today most of the things people buy they buy on credit. Thus, it is not the goods that compete but rather credit terms. The free market is gone, as Mr. Marx has warned. Capitalism gave way to imperialism.

If you remove ubiquitous credit from our lives, people would buy other products and other brands. Entire industries that sell hollow status items, as well as entertainment, would die out.

Both production and “compulsion to consume” got concentrated in the same hands. The vicious circle of manipulation spins faster and faster. Money goes to those businesses that provide more opportunities for manipulating consumption. To the detriment of everything else, half of the world is now designing, photographing, marketing, and blogging 24/7. Another half spends hours a day consuming pointless content. Millions of scientists, engineers, and entrepreneurs ended up serving this fuss.

On paper, people consume more than produce and the debt is growing. It is artificial. There are no human beings on this planet who can take hundreds of trillions of real valuables out of their pockets to “lend” them to us. It was us and only us who produced what we have already eaten and otherwise consumed.

The artificial debt was once profitable to its designers but not any longer. The skewed demand has lost momentum. The mismatch of consumer “needs” with common sense has led to the common loss of adequacy. Our civilization remains very fragile. Chaos and death will engulf any city on the territory of the Golden billion if electricity is off for only a couple of days — this is what we must not forget.

It’s high time now to write off the pseudo-debt. Everybody needs it including pseudo-creditors. No one ever bent their back for that money, it has always been an accounting stunt. But accounting is a strict discipline. Manageability in writing off the debt is still possible. But risk-free manageability is not. Not any longer. The problem is over-ripe.

They will take risks. They will try to deploy the MMT. One indicator is that the adviser to Bernie Sanders is Stephanie Kelton who is an ardent advocate of MMT.

There is an international division of labor. Some counties perform the functions of the assembly shop. Others — the processing of raw materials and so on. The US does accounting and management. This division works without clear international agreements, outside public control. It’s some sort of private party. As the essence of the current monetary trap is clear to most players, this division of labor is no longer sustainable. Global financiers are being slowly (but surely) removed from real power. The most important thing in business is personnel, not money.

The US is no longer a trusted currency issuer which MMT must imply. The possible outcomes are scary.

Via Ad-hoc Economy

You don’t care about “The Price of the Internet”. So ignore the price of Bitcoin.

By Beautyon

… the price of buying Bitcoins at the exchanges doesn’t matter for the consumer. 

If the cost of buying a Bitcoin goes to 1¢ This doesn’t change the amount of money that comes out at the other end of a transfer. As long as you redeem your Bitcoin immediately after the transfer into either goods or currency, the same value comes out at the other end no matter what you paid for the Bitcoin when you started the process.

Think about it this way. Let us suppose that you want to send a long text file to another person. You can either send it as it is, or you can compress it with zip. The size of a document file when it is zipped can be up to 87% smaller than the original. When we transpose this idea to Bitcoin, the compression ratio is the price of Bitcoin at an exchange. If a Bitcoin is $100, and you want to buy something from someone in India for $100 you need to buy 1 Bitcoin to get that $100 to India. If the price of Bitcoin is 1¢ then you need 10,000 Bitcoin to send $100 dollars to India. These would be expressed as compression ratios of 1:1 and 10,000:1 respectively.

The same $100 value is sent to India, whether you use 10,000 or 1 Bitcoin.The price of Bitcoins is irrelevant to the value that is being transmitted, in the same way that zip files do not ‘care’ what is inside them; Bitcoin and zip are dumb protocols that do a job. As long as the value of Bitcoins does not go to zero, it will have the same utility as if the value were very ‘high’.

Bearing all of this in mind, it’s clear that new services to facilitate the rapid, frictionless conversion into and out of Bitcoin are needed to allow it to function in a manner that is true to its nature.

The current business models of exchanges are not addressing Bitcoin’s nature correctly. They are using the Twentieth Century model of stock, commodity and currency exchanges and superimposing this onto Bitcoin. Interfacing with these exchanges is non-trivial, and for the ordinary user a daunting prospect. In some cases, you have to wait up to seven days to receive a transfer of your fiat currency after it has been cashed out of your account from Bitcoins. Whilst this is not a fault of the exchanges, it represents a very real impediment to Bitcoin acting in its nature and providing its complete value.

Imagine this; you receive an email from across the world, and are notified of the fact by being displayed the subject line in your browser. You then applyto your ISP to have this email delivered to you, and you have to wait seven days for it to arrive in your physical mail box.

The very idea is completely absurd, and yet, this is exactly what is happening with Bitcoin, for no technical reason whatsoever.

It is clear that there needs to be a re-think of the services that are growing around Bitcoin, along with a re-think of what the true nature of Bitcoin is. Rethinking services is a normal part of entrepreneurialism and we should expect business models to fail and early entrants to fall by the wayside as the ceaseless iterations and pivoting progress.

Bearing all of this in mind, focusing on the price of Bitcoin at exchanges using a business model that is inappropriate for this new software simply is not rational; its like putting a methane breathing canary in a mine full of oxygen breathing humans as a detector. The bird dies even though nothing is wrong with the air; the miners rush to evacuate, leaving the exposed gold seams behind, thinking that they are all about to be wiped out, when all is actually fine.

Bitcoin, and the ideas behind it are here to stay. As the number of people downloading the client and using it increases, like Hotmail, it will eventually reach critical mass and then spread exponentially through the internet. When that happens, the correct business models will spontaneously emerge, as they will become obvious, in the same way that Hotmail, Gmail, Facebook, cellular phones and instant messaging seem like second nature.

In the future. I imagine that very few people will speculate on the value of Bitcoin, because even though that might be possible, and even profitable, there will be more money to be made in providing easy to use Bitcoin services that take full advantages of what Bitcoin is.

One thing is for sure; speed will be of the essence in any future Bitcoin business model. The startups that provide instant satisfaction on both ends of the transaction are the ones that are going to succeed. Even though the volatility of the price of Bitcoin is bound to stabilise, since it has no use in and of itself, getting back to money or goods instantly will be a sought after characteristic of any business built on Bitcoin.

The needs of Bitcoin businesses provide many challenges in terms of performance, security and new thinking. Out of these challenges will come new practices and software that we can only just imagine as they come over the horizon.

Finally, when there is no more fiat, and the chaotic transition zone between fiat and Bitcoin has been abolished, then everything will be priced in Bitcoin, and there will be no volatility, because no one uses anything other than Bitcoin to buy or sell. If you know any chemistry, this will be like a reaction’s reagents reaching equilibrium; you can shake it and stir it all you like; the reaction is over, and you’re left with the inert product. Right now, compared to the amount of fiat in the world, Bitcoin can expand and contract very rapidly over a large range, because it is small in volume. It can expand to what for many is an unimaginably high price, and then shrink down again. As it gets bigger and accumulates more mass (its price expressed in fiat), these fluctuations will become smaller and smaller. Through all of this, Bitcoin remains exactly the same; it is its users that are publishing numbers as a signal to react upon.

Read full article >>

On Negative Probability (for Mechanism Design)

By Alexander Kuzmin, Mycelium CEO

Those who work in the development of token projects need to model the behavior of people. Primarily, they study the potential reaction to incentives. Developers try to answer the question of what would a person do if he or she expects such and such a reward?

Our own experience and discussions with colleagues across the industry suggest that most inventors forget or ignore that probabilities can be negative. What is a negative probability and why is it important to use it?

At first glance, a probability of less than zero is nonsense. What could that mean if any person can either do something or not? Is the minimum probability not zero? No, if we consider non-observable and conditional events.

A negative amount of money does not seem strange to us. It can be interpreted simply as a debt. But the negative number of, say, apples is less clear a concept. We have an even less intuitive sense of what a negative number of events is (for calculating probabilities). But there is no fundamental difference with money.

Let’s assume you start your day with five apples. You are expected to receive eight more apples during the day, and you are going to give away ten apples. As a result, you will end the day with three apples. Since the final result is quite real, no questions arise.

The problem, however, is that you consider only a fraction of all possible scenarios. You need to limit your behavior so that you either have apples at any given moment, or you don’t need to give an apple to anyone at all points in time when you don’t have any apples. That means (at least) that “apple-nominated debt” is prohibited.

But if you are allowed to have such debt, or—speaking more generally—you can include in your scenarios negative event probabilities, then the system’s flexibility increases.

Few people can replace apples with events in their thought experiments. Can you imagine a negative probability of an “event of the execution of a specific contract”? Difficult, right? But if you simply allow negative probabilities in your calculations, then your model does the work for you without your imagination having to comprehend this speculative phenomenon.

Why is it important to use negative probabilities? Convenience. Research on motivations without using negative probabilities is the same as arithmetic without numbers less than zero. Possible but extremely inconvenient.

Below is a list of classic studies including those where negative probability is applied to finance.

  • Dirac, P.A.M. The Physical Interpretation of Quantum Mechanics. Proc. Roy. Soc. London (A 180), pp. 1–39, 1942.
  • Khrennikov, A. Equations with infinite-dimensional pseudo-differential operators. Dokl. Academii Nauk USSR, v.267, 6, p.1313–1318, 1982.
  • Khrennikov, A. p-adic probability and statistics. Dokl. Akad. Nauk, v.322, p.1075–1079, 1992.
  • Khrennikov, A. Andrei Khrennikov on Negative Probabilities, in Derivatives, Models on Models, Editor Espen Haug, John Wiley 2007.
  • Khrennikov, A. Interpretations of Probability. Walter de Gruyter, Berlin/New York, 2009.
  • Kolmogorov, A. Grundbegriffe der Wahrscheinlichkeitrechnung, Ergebnisse der Mathematik (English translation: (1950) Foundations of the Theory of Probability, Chelsea P.C.), 1933.
  • Kolmogorov, A. and Fomin, S. Elements of Function Theory and Functional Analysis, Nauka, Moscow, 1989 (in Russian).
  • Kuratowski, K. and Mostowski, A. Set Theory, North Holland P.C., Amsterdam, 1967.

Via Ad-hoc Economy

Math in Solidity

By Mikhail Vladimirov

Ethereum is a programmable blockchain, whose functionality could be extended by publishing pieces of executable code, known as smart contracts, into the blockchain itself. This distinguishes Ethereum from the first generation of blockchains, where new functionality requires client software to be modified, nodes to be upgraded, and the whole blockchain to be forked.

A smart contract is a piece of executable code published on-chain, that has a unique blockchain address assigned to it. Smart contract controls all the assets belonging to its address and may act on behalf of this address when interacting with other smart contracts. Each smart contract has persistent storage that is used to preserve the smart contract state between invocations.

Solidity is the primary programming language for smart contract development on Ethereum, as well as on several other blockchain platforms that use Ethereum Virtual Machine (EVM).

Programming was always about math, blockchain was always about finance, and finance was about math since ancient times (or maybe math was about finance). Being the primary programming language for Ethereum blockchain, Solidity has to do math well.

In this series, we discuss various aspects of how Solidity does the math, and how developers do math in Solidity. The first topic to discuss is numbers.

Numeric Types in Solidity

In comparison to mainstream programming languages, Solidity has quite many numeric types: namely 5,248. Yes, according to the documentation, there are 32 signed integer, 32 unsigned integer, 2592 signed fixed-point, and 2592 unsigned fixed-point types. JavaScript has only two numeric types. Python 2 used to have four, but in Python 3 type “long” was dropped, so now there are only three. Java has seven and C++ has something about fourteen.

With so many numeric types, Solidity should have proper type for everybody, right? Not so fast. Lets look at these numeric types a bit closer.

We will start with the following question:

Why Do We Need Multiple Numeric Types?

Spoiler: we don’t.

There are no numeric types in pure math. A number may be integer or non-integer, rational or irrational, positive or negative, real or imaginary etc, but these are just properties, the number may or may not have, and single number may have several such properties at once.

Many high-level programming languages have single numeric type. JavaScript had only “number” until “BigInt” was introduced in 2019.

Unless doing hardcore low-level stuff, developers don’t really need multiple numeric types, they just need pure numbers with arbitrary range and precision. However, such numbers are not natively supported by hardware, and are somewhat expensive to emulate in software.

That’s why low-level programming languages and languages aimed at high performance usually have multiple numeric types, such as signed/unsigned, 8/16/32/64/128 bits wide, integer/floating-point etc. These types are natively supported by hardware and are widely used in file formats, network protocols etc, thus low-level code benefits from them.

However, for performance reasons, these types usually inherit all the weird semantics of underlying CPU instructions, such as silent over- and underflow, asymmetric range, binary fractions, byte ordering issues etc. This makes them painful in high-level business logic code. Straightforward usage often appears insecure, and secure usage often becomes cumbersome and unreadable.

So, the next question is:

Why Does Solidity Has So Many Numeric Types?

Spoiler: it doesn’t.

EVM natively supports two data types: 256-bit word and 8-bit byte. Stack elements, storage keys and values, instruction and memory pointers, timestamps, balances, transaction and block hashes, addresses etc are 256-bit words. Memory, byte code, call data, and return data consist of bytes. Most of the the EVM opcodes deal with words, including all math operations. Some of the math operations treat words as signed integers, some as unsigned integers, while other operations just work the same way regardless of whether arguments are signed on unsigned.

So EVM natively supports two numeric types: signed 256-bit integer and unsigned 256-bit integer. These types are known in Solidity as int and uint respectively.

Apart from these two types (and their aliases int256 and uint256) Solidity has 62 integer types int<N>, and uint<N>, where <N> could be any multiple of 8 from 8 to 248, i.e. 8, 16, …, 248. On EVM levels, all these types are backed by the same 256-bit words, but result of every operation is truncated to N bits. They could be useful for specific cases, when particular bit width is needed, but for general calculations these types are just less powerful and less efficient (truncating after every operation is not free) versions of int and uint.

Finally, Solidity has 5184 fixed-point types fixedNxM and ufixedNxM where N is multiple of 8 from 8 to 256 and N is an integer number from 0 to 80 inclusive. These types are supposed to implement decimal fixed-point arithmetic of various range and precision, but as of now (Solidity 0.6.2) the documentation says that:

Fixed point numbers are not fully supported by Solidity yet. They can be declared, but cannot be assigned to or from.

So fixed-point numbers as well as fractions numbers in general are not currently supported.

Then, the next question is:

What If We Need Fraction Numbers or Integers Bigger Than 256 Bit?

Spoiler: you have to emulate them.

One would say, that 256 bit ought to be enough for anybody. However, once most of the numbers in Ethereum are 256 bit wide, even simple sum of two numbers may be as wide as 257 bit, and product of two numbers may be up to 512 bit wide.

Common way to emulate fixed or variable width integers numbers, that are wider, than types natively supported by programming language, is to represent them as fixed or variable length sequences of shorter, natively supported integer numbers. So bit image of wide integer is the concatenation of bit images of shorter integers.

In Solidity, wide integers may be represented as fixed or dynamic arrays whose elements are either bytes or uint vales.

For fractions situation is a bit more complicated, as as there are different flavors of them, each having its own advantages and drawback.

The most basic are simple fractions: just one integer, called “numerator”, divided by another integer, called “denominator”. In Solidity simple fraction could be represented as a pair of two integers, or as a single integer, whose bit image is the concatenation of bit images of numerator and denominator. In the latter case, numerator and denominator has to be of the same width.

Another popular format for fractions is fixed-point numbers. Fixed-point number is basically a simple fraction whose denominator is a predefined constant, usually power of 2 or 10. The former case is known as “binary” fixed-point, while the latter is known as “decimal” fixed-point. As long as denominator is predefined, there is no need to specify is explicitly, so only the numerator need to be specified. In Solidity fixed-point numbers are usually represented as a single integer numerator, while commonly used denominators are 10¹⁸, 10²⁷, 2⁶⁴, and 2¹²⁸.

Yet another well-known format for fraction numbers is floating-point. Basically, floating point number could be described as following: m×B^e, where m (mantissa) and e (exponent) are integers, while B (base) is a predefined integer constant, usually 2 or 10. The former case is known as “binary” floating-point, and the latter case is known as “decimal” floating-point.

IEEE-754 standardizes several common floating-point formats, including five binary formats known as “half”, “single”, “double”, “quadruple”, and “octuple” precision. Each of these formats packs both, mantissa and exponent, into single sequence of 16, 32, 64, 128, or 256 bits respectively. In Solidity, these standard formats could be represented by binary types bytes2bytes4bytes8bytes16, and bytes32. Alternatively, mantissa and exponent could be represented separately as a pair of integers.

And the file question for this section:

Do We Have to Implement All This by Ourselves?

Spoiler: not necessary.

The good news is that there are Solidity libraries for various number formats, such as: fixidity (decimal fixed-point with arbitrary number of decimals), DSMath (decimal fixed-point with 18 or 27 decimals), BANKEX Library (IEEE-754 octuple precision floating-point), ABDK Libraries (binary fixed-point and quadruple precision floating-point) etc.

The bad news is that different libraries use different formats, so it is really hard to combine them. The roots of this problem will be discussed in the next section.

Numeric Literals in Solidity

In the previous section we discussed how numbers are represented at run time. Here we will look at how they are represented at the development time, i.e. in the code itself.

Compared to mainstream languages, Solidity has quite a rich syntax for numeric literals. First of all, good old decimal integers are supported, such as 42. As in other C-like languages, there are hexadecimal integer literals, like 0xDeedBeef. So far so good.

In Solidity, literals may have unit suffix, such as 6 ether, or 3 days. A unit, is basically a factor, the literal is multiplied by. Here ether is 10¹⁸ and days is 86,400 (24 hours × 60 minutes × 60 seconds).

Apart from this, Solidity supports scientific notation for integer literals, such as 2.99792458e8. This is quite unusual, as mainstream languages support scientific notation for fractional literals only.

But probably the most unique feature of the whole Solidity language, is its support for rational literal expressions. Virtually every mature compiler is able to evaluate constant expressions at compile time, so x = 2 + 2 does not generate add opcode, but is rather equivalent to x = 4. Solidity is able to do this as well, but actually, it goes far beyond that.

In mainstream languages, compile-time evaluation of constant expression is just an optimization, so constant expression is evaluated at compile time exactly the same way as it would be evaluated at run time. This makes it possible to replace any part of such expression with named constant or variable holding the same value, and get exactly the same result. However, for Solidity this is not the case.

At run time, division in Solidity rounds result towards zero, and other arithmetic operations wraps on overflow, while at compile time, expressions are evaluated using simple fractions with arbitrary large numerator and denominator. So, at run time, expression ((7 / 11 + 3 / 13) * 22 + 1) * 39 would be evaluated to 39, while at compile time the very same expression is evaluated to 705. The difference is because at run time, 7 / 11 and 3 / 13 are rounded to zero, but at compile time, the whole expression is evaluated in simple fractions without any rounding at all.

Even more interesting, the following expression is is valid in Solidity: 7523 /48124631 * 6397, while this is not valid: 7523 / 48125631 * 6397. The difference is that the former evaluates to integer number, while the latter evaluates to non-integer. Remember, that Solidity do not support fractions at run time, so all literals have to be integer.

While fractional numbers and big integers may be represented in Solidity at run time, as described in the previous sections, there is no convenient way to represent them in the code. This makes any code, that performs operations with such numbers, rather cryptic.

As long as Solidity does not have a standard fixed-point nor floating-point format, every library uses its own, which makes libraries incompatible with each other.


Every time I see +*, or ** doing audit of another Solidity smart contract, I start writing the following comment: “overflow is possible here”. I need a few seconds to write these four words, and during these seconds I observe nearby lines trying to find a reason, why overflow is not possible, or why overflow should be allowed in this particular case. If the reason is found, I delete the comment, but most often the comment remains in the final audit report.

Things aren’t meant to be this way. Arithmetic operators supposed to allow writing compact and easy to read formulas such as a**2 + 2*a*b + b**2. However, this expression would almost definitely raise a bunch of security concerns, and the real code is more likely to look like this:

add (add (pow (a, 2), mul (mul (2, a), b)), pow (b, 2))

Here addmul, and pow are functions implementing “safe” versions of +*, and ** respectively.

Concise and convenient syntax is discouraged, plain arithmetic operators are marginally used (and not more than one at a time), cumbersome and unreadable functional syntax is everywhere. In this article we analyse the problem, that made things so weird, whose infamous name is: overflow.

We Took a Wrong Turn Somewhere

One would say, that overflow was always there, and all programming languages suffer from it. But is this really true? Did you ever see something like SafeMath library implemented for C++, Python, or JavaScript? Do you really think, that every + or * is a security breach, until the opposite is proven? Most probably, your answer for both questions is “no”. So,

Why Overflow in Solidity Is So Much Painful?

Spoiler: nowhere to run, nowhere to hide.

Numbers do not overflow in pure math. One may add two arbitrary large numbers and get precise result. Numbers do not overflow in high-level programming languages such as JavaScript and Python. In some cases the result could fall into infinity, but at least adding two positive numbers may never produce negative result. In C++ and Java integer numbers do overflow, but floating-point numbers don’t.

In those languages, where integer types do overflow, plain integers are used primarily for indexes, counters, and buffer sizes, i.e. for values limited by the size of data being processed. For values, that potentially may exceed range of plain integers, there are floating-point, big integer, and big decimal data types, either built-in or implemented via libraries.

Basically, when the result of an arithmetic operation does not fit into the type of the arguments, there are a few options what compiler may do: i) use wider result type; ii) return truncated result and use side channel to notify the program about overflow; iii) throw an exception; and iv) just silently return truncated result.

The first option is implemented in Python 2 when handling int type overflows. The second option is what carry/overflow flags in CPUs are for. The third option is implemented for Solidity by SafeMath library. The fourth option is what Solidity implements by itself.

The fourth option is probably the worst one, as it makes arithmetic operations error-prone, and at the same time makes overflow detection quite expensive, especially for multiplication case. One needs to perform additional division after every multiplication to be on the safe side.

So, Solidity neither has safe types, one could run to, nor it has safe operations, one could hide behind. Having nowhere to run and nowhere to hide, developers have to meet overflows face to face and fight them all throughout the code.

Then, the next question is:

Why Doesn’t Solidity Have Safe Types Nor Operations?

Spoiler: because EVM don’t have them.

Smart contracts have to be secure. Bugs and vulnerabilities in them cost millions of dollars, as we’ve already learned the hard way. Being the primary language for smart contracts development, Solidity takes security very seriously. If has many features supposed to prevent developers from shooting themselves in the feet. We mean features like payable keyword, type cast limitations etc. Such features are added with every major release, often breaking backward compatibility, but the community tolerates this for the sake of better security.

However, basic arithmetic operations are so unsafe that almost nobody use them directly nowadays, and the situation doesn’t improve. The only operation that became a bit safer is division: division by zero used to return zero, but now it throws an exception, but even division didn’t become fully safe, as it still may overflow. Yes, in Solidity int type division overflows when -2¹²⁷ is being divided by -1, as correct answer (2¹²⁷) does not fit into int. All other operations, namely +-*, and ** are still prone to over- or underflow and thus are intrinsically unsafe.

Arithmetic operations in Solidity replicate the behavior of corresponding EVM opcodes, and making these operations safe at compiler level would increase gas consumption by several times. Plain ADD opcode costs 3 gas. The cheapest opcode sequence for implementing safe add the author of the article managed to find is:

DUP2(3) DUP2(3) NOT(3) LT(3) <overflow>(3) JUMPI(10) ADD(3)

Here <overflow> is the address to jump on overflow. Numbers in brackets are gas costs of the operations, and these numbers give us 28 gas in total. Almost 10 times more, than plain ADD. Too much, right? It depends on what you compare with. Say, calling add function from SafeMath library would cost about 88 gas.

So, safe arithmetic at library or compiler level costs much, but

Why Doesn’t EVM Have Safe Arithmetic Opcodes?

Spoiler: for no good reason.

One would say that arithmetic semantic in EVM replicates that of CPU for performance reasons. Yes, some modern CPUs have opcodes for 256-bit arithmetic, however mainstream EVM implementations don’t seem to use these opcodes. Geth uses big.Int type from the standard library of Go programming language. This type implements arbitrary wide big integers backed by arrays of native words. Parity uses its own library implementing fixed-width big integers on top of native 64-bit words.

For both implementations, additional cost of arithmetic overflow detection would virtually be zero. Thus, once EVM would have versions of arithmetic opcodes, that revert on overflow, their gas cost could be made the same as for existing unsafe versions, or just marginally higher.

Even more useful would be opcodes that do not overflow at all, but return the whole result instead. Such opcodes would permit efficient implementation of arbitrary wide big integers at compiler or library level.

We don’t know why EVM doesn’t have the opcodes described above. Maybe just because other mainstream virtual machines don’t have them?

So far we were telling about real overflow: a situation when calculation result is too big to fit into the result data type. Now it is time to discover the other side of the problem:

Phantom Overflows

How one would calculate 3% of x in Solidity? In mainstream languages one just writes 0.03*x, but Solidity doesn’t support fractions. What about x*3/100? Well, this will work in most cases, but what if x is so large, that x*3 will overflow? From the previous section we know what to do, right? Just use mul from SafeMath and be in the safe side: mul (x, 3) / 100… Not so fast.

The latter version is somewhat more secure, as it reverts where the former version returns incorrect result. This is good, but… Why on earth calculating 3% of something may ever overflow? 3% of something is guaranteed to be less that original value: in both, nominal and absolute terms. So, as long as x fits into 256-bit word, then 3% of x should also fit, shouldn’t it?

Well, I call this “phantom overflow”: a situation when final calculation result would fit into the result data type, but some intermediate operation overflows.

Phantom overflows are much harder to detect and address than real overflows. One solution is to use wider integer type or even floating-point type for intermediate values. Another is to refactor the expression in order to make phantom overflow impossible. Let’s try to do the latter with our expression.

Arithmetic laws tell us that the following formulas should produce the same result:

(x * 3) / 100
(3 * x) / 100
(x / 100) * 3
(3 / 100) * x

However, integer division in Solidity is not the same as division in pure math, as in Solidity it rounds the result toward zero. The first two variants are basically equivalent, and both suffer from phantom overflow. The third variant does not have phantom overflow problem, but is somewhat less precise, especially for small x. The fourth variant is more interesting, as it surprisingly leads to a compilation error:

browser/Junk.sol:5:18: TypeError: Operator * not compatible with types rational_const 3 / 10 and uint256browser/Junk.sol:5:18: TypeError: Operator * not compatible with types rational_const 3 / 10 and uint256

We already described this behavior in our previous article. To make the fourth expression compile we need to change it like this:

(uint (3) / 100) * x

However this does not help much, as the result of corrected expression is always zero, because 3 / 100 rounded towards zero is zero.

Via the third variant we managed to to solve phantom overflow problem at the cost of precision. Actually, precision loss is significant only for small x, while for large x it is negligible. Remember, that for the original expression, phantom overflow problem arises for large x only, so it seems that we may combine both variants like this:

x > SOME_LARGE_NUMBER ? x / 100 * 3 : x * 3 / 100

Here SOME_LARGE_NUMBER could be calculated as (2²⁵⁶-1)/3 and rounding this value down. Now for small x we use original formula, while for large x we use modified formula that do no permit phantom overflow. Looks like we solved phantom overflow problem without significant loss of precision now. Great work, right?

In this particular case, probably yes. But what if we need to calculate not 3%, but rather 3.1415926535%? The formula would be:

x / 1000000000000 * 31415926535 :
x * 31415926535 / 1000000000000

Our SOME_LARGE_NUMBER will become (2²⁵⁶-1)/31415926535. Not so large then. And what about 3.141592653589793238462643383279%? Being good for simple cases, this approach does not seem to scale well.

Via Coinmonks

Seasonality in Bitcoin: Examining Almost A Decade of Price Data

With almost ten years of price data for bitcoin now available, this article will investigate if there are any seasonal effects for BTC-USD.

In traditional markets, seasonal trends are often found in financial time series data such as GDP (e.g., recessions and expansions), the price of a commodity because of changes in the weather (e.g., summer versus winter) or calendar events for a company’s stock price (e.g., earnings season).

BTC-USD price history (log transformed). Source: CoinMetrics.

Bitcoin’s price history — illustrated above — is limited. But since there is now almost ten years of data, we can begin to uncover any seasonal trends.

There are several hypotheses about seasonal trends in BTC-USD — such as the influence of tax season, increased trading/blockchain activity during winter months (shadowing internet usage), and the effect of public holidays such as the Chinese New Year and Christmas (i.e., the “Santa Claus rally”).

The calendar heatmap below display the rolling 30-day return on investment for bitcoin (BTC) since mid-August 2010. Positive returns were transformed to 1 and we code negative returns as 0 to provide more clarity:

  • green square on the calendar means that on that day, the 30-day return on investment was positive.
  • red square on the calendar means that on that day, the 30-day return on investment was negative.
Source: CoinMetrics, bitcoin 30-day ROI data for 18/08/2010 to 31/01/2020.

For the 113 months we have full price data for, there have been 28 months where the 30-day return for bitcoin was positive every single day. For example, the 30-day return for BTC was positive every single day in April, May and June during 2019. There’s also a strong momentum effect. Ten of these months that were fully green were followed by another straight month of positive returns.

There’s less tendency for the 30-day return to remain in the red for an entire calendar month, with ten examples so far. Again, there’s a similar momentum effect, with three of these months followed by another month of straight red. The last time this happened was September-October 2014.

Another glance at the calendar heatmap also shows that in July and November, if bitcoin’s 30-day return is positive or negative during the first day of these months, it usually stays that way. There are six instances in both July and November where the 30-day return was negative (or positive) for the entire month.

Looking at public holidays such as Chinese New Year and Christmas, we see that the 30-day return around the start of Chinese New Year has been negative in recent years (2016–2019) while the 30-day return was positive in 2020 and between 2011–2015. There’s not much evidence for a “Santa Claus rally” with bitcoin, since just five of the past ten years display a positive ROI in the run up the Christmas.

The 30-day returns are usually negative around tax deadlines in many countries such as the US and the UK (late March-early April). During this period, investors may engage in as tax loss harvesting — selling digital currency to incur losses and reduce their tax burden. Another explanation could be the sale of digital assets by investors to pay their capital gains tax or other tax liabilities. Out of nine years, the 30-day return has been negative during this period seven times.


Are there any seasonal trends in the price volatility of bitcoin?

Bitcoin’s price history is cut into two parts to account for the falling volatility over time. The calendar heatmap below shows the raw volatility data for the years 2010-2014 and 2015-2019 separately.

Green/yellow days where the price action was high volatile while orange/red show moderate/low volatility days.

Bitcoin was more volatility during the spring or summer months during 2010–2014, with periods of high volatility during November 2010, June 2011, April-May 2013. We also saw a period of volatility during December 2013-January 2014.

Source: CoinMetrics, volatility of 30-day returns for bitcoin between 18/08/2010 to 31/12/2019.

For the years 2015–2019, the first few months of the year have been volatile as compared to the rest of the year (with 2017 and 2019 being exceptions).

Looking at both calendar heatmaps together, it’s clear that BTC-USD usually experiences heightened volatility in summer (June, July, August) and winter (December, January, February).

Let’s look at the seasonal trends in bitcoin differently by plotting the distribution of monthly returns.

The Distribution of Monthly Returns

How do bitcoin returns vary by month?

The distribution of monthly returns are plotted in the chart below and exclude outliers.

Returns by month — outliers excluded. Source: CoinMetrics, daily bitcoin price data for 18/07/2010 to 31/01/2020.

When excluding outliers, the median returns by month are negative for January, March, August, and September. Historically, the largest returns are seen in April and June, with median gains near 20 percent.

The summer and winter months have been much more profitable for bitcoin investors. The chart also shows the volatility of monthly returns, with the ranges of the boxplots being much larger during the summer and winter months.

The violin chart below shows the true distribution of the data with outliers included. The density of each plot represents the frequency of observations and the mean return is shown as a diamond. Reading a violin chart is the same as reading a density plot: thicker parts of the chart represent more observations in that range.

Monthly returns — outliers included. Source: CoinMetrics, daily bitcoin price data for 18/07/2010 to 31/01/2020.

In January 2020, Bitcoin’s performance was +30%. The distribution for January above shows that the current performance is higher than average, but is not unprecedented — with bitcoin gaining 53% and 75% in January 2013 and January 2011, respectively.

A few observations from the violin chart above:

  • The average monthly returns are all positive — except for September.
  • The lower bound of April’s plot is just below zero, while most of the distribution is in positive territory. Since 2011, you’d have only lost money twice (in 2014 and 2015) if you bought bitcoin at the start of April and sold at the end of April. Even in 2014 and 2015, the losses were -4.39% and -6.29% respectively.
  • Comparing the violin chart with the boxplot for March, one outlier makes March’s average return positive. When excluding outliers, March has the second lowest median return, suggesting we’re more likely to see negative price growth in bitcoin during this month.
  • April, May, October and November have the largest average monthly returns. These months also show the highest variability in returns.
  • The variation in returns is smallest for July and September.

The Distribution of Returns by Weekday

Is there any link between bitcoin’s price changes and the day of the week?

Wednesdays are usually the most volatile and busiest day in Forex markets, as the data release cycle is in full swing. However, cryptocurrencies are traded 24/7, 365 days a year, so it would be interesting to see if there are any patterns in returns on the weekend.

The true distributions of returns by the day of the week are shown by the violin plot below. The diamonds represent the mean returns.

Source: CoinMetrics, daily bitcoin price data for 18/07/2010 to 31/01/2020.

The distributions of daily returns are similar for each weekday, with the peak at (or close to) zero percent. The range of price changes are similar for Mondays, Wednesdays, and Fridays, as shown by the length of each violin plot.

The biggest returns have been on Saturdays, but the biggest drops have occurred on Thursdays. These two days of the week also display the highest variation in returns.

Saturday appears to have two peaks, unlike all other days, suggesting that while most of the time returns are clustered around 0, returns also tend to cluster (although to a lesser extent) around a positive value of about 4 percent.

Intraday Returns, Volatility and Trends for BTC-USD

Are there any hourly patterns? Is there an effect on the price of bitcoin corresponding with the opening of the global financial centres, such as London, New York or Tokyo?

Price Change by Hour/Day of the Week on Bitstamp for BTC-USD

The heatmap below uses hourly price data from Bitstamp, spanning 06:00 on 12/11/2017 to 02:00 on 22/01/2020 (with 19,221 observations). All times are in UTC.

The colour of the squares represent the intensity of hourly price changes:

  • Dark purple squares show the hours where the trend in the price of bitcoin has usually been negative.
  • Orange/yellow squares show the hourly sessions where the bitcoin price action has usually been bullish.
  • Light purple squares show that the price has remained relatively stable.
Source: cryptodatadownload, (Bitstamp 1h), data is for 12/11/2017 (06:00) to 22/01/2020 (02:00).

One of the first time periods that stands out is 06:00–07:00 on Sundays — where the average gain in BTC-USD is close to 10 percent. The 22:00–23:00 trading session on Sundays is also positive for BTC-USD, along with the 16:00–17:00 hourly session on Thursday.

The dark purple square on Friday morning shows that the European market open (07:00–08:00) corresponds with a tendency of the bitcoin price to fall around five percent on average — at least according to the past 25 months of data from Bitstamp. Large negative price movements usually occur between 06:00–07:00 on Sundays and towards the end of the London trading session on Mondays (16:00–17:00).

Volatility by Hour/Day of the Week on Bitstamp for BTC-USD

The heatmap above shows the hourly change in prices on average, but doesn’t take into account the highs or lows. The same infographic is shown below for the hourly volatility of BTC-USD on Bitstamp (which is calculated as [(high-low)/open].

Dark purple squares show the hours where volatility is relatively low while the orange/yellow squares show where volatility is relatively high.

Source: cryptodatadownload, (Bitstamp 1h), data is for 12/11/2017 (06:00) to 22/01/2020 (02:00).

For the available data, we see that volatility is higher on Sundays (especially in the morning), on Mondays and during the 06:00–07:00 hourly session on Fridays, as compared to the rest of the week.

Candle Body Ratio by Hour/Day of the Week on Bitstamp for BTC-USD

To identify when the price of bitcoin has a higher likelihood of trending, we can also look at the Candle Body Ratio by hour and day of the week. To understand the Candle Body Ratio, let’s look at two extremes (where the ratio is equal to 1 and close to 0).

The formula for the Candle Body Ratio.

If the Candle Body Ratio equals 1, then the change between the opening and closing price is equal to the difference between the high and the low. In candlestick analysis, this is known as a Marubozu.

A Candle Body Ratio close to 0 indicates indecision and these readings are associated with Doji patterns. Two examples are shown in the chart below.

Illustrating the Candle Body Ratio.

The Candle Body Ratio is used to identify which trading sessions are more likely to display trending candles and the hours where BTC-USD is more prone to trendless conditions.

The heatmap below shows the Candle Body Ratio by hour and by weekday on the Bitstamp exchange. The yellow/orange squares show that the Candle Body Ratio is close to 1, while the dark purple/indigo squares show where the candle body ratio is close to zero.

Source: cryptodatadownload, (Bitstamp 1h), data is for 12/11/2017 (06:00) to 22/01/2020 (02:00).

Stronger trends (i.e., yellow squares) on Bitstamp are seen:

  • Prior to the European open on Fridays (06:00–07:00),
  • On Tuesday evenings (18:00–19:00),
  • Near the close of the European markets on Mondays, (14:00–16:00) and prior to the open of Asian markets (22:00–23:00).

Choppier price action (i.e., dark purple squares) is seen:

  • Around the open of the markets in New York on Tuesdays (12:00- 13:00).
  • The early hours of Fridays (01:00–03:00).

The heatmaps shown above vary for different exchanges. For instance, when looking at the data for Coinbase and Kraken, the returns are very close to zero for pretty much all trading hours and the Candle Body Ratio heatmaps look slightly different, as these exchanges have more data points on cryptodatadownload.

But the heatmaps above are only useful to spot traders on the Bitstamp exchange. Derivatives platforms like Interdax use an index where the price of bitcoin comprises price quotes from several spot exchanges.

To uncover trends more useful to derivatives traders, we’ve produced the same infographics for the entire history of BitMEX’s BTC-USD pair (spanning 01/01/2017 to 30/01/2020), using both hourly and 4-hour data.

Since volume in the derivatives market have overtaken the spot market and is where the main price discovery is happening now, we should be able to draw stronger conclusions from the following heatmaps.

Price Change by Hour/Day of the Week for BTC-USD on BitMEX

The heatmap for BitMEX shows a different picture with fewer variations in returns by hour, which is expected since the number of observations are larger (above 27,000).

Source: CryptoDatum, (bitmex1h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

The largest, positive price movements are clustered around 10:00–11:00 on Friday, and Tuesday evenings (between 22:00–23:00 and 23:00–00:00).

The two darkest purple squares are found during the 11:00–12:00 hourly session on Wednesday and the 23:00–00:00 trading session on Saturday.

Volatility by Hour/Day of the Week for BTC-USD on BitMEX

The hourly heatmap for the price volatility of BTC-USD on BitMEX is shown below.

Source: CryptoDatum, (bitmex1h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

The price of bitcoin is more volatile during the 15:00–16:00 session on Thursday.

Another session that is usually volatile according to the historical data is 22:00–23:00 on Tuesday.

Candle Body Ratio by Hour/Day of the Week for BTC-USD on BitMEX

Source: CryptoDatum, (bitmex1h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

The heatmap of the Candle Body Ratio shows that the price of bitcoin displays stronger trends during certain hours. For instance, yellow squares represent trading sessions where there is a higher likelihood that BTC-USD displays a strong trend.

The dark purple squares show us when the candle body size is low compared to the difference between the session’s high and low. For example, on Wednesday morning between 00:00 and 02:00, we usually see choppy price action in BTC-USD.

Looking at the 01:00–02:00 hourly session across different days, we see that BTC-USD’s price action tends to be choppy in the first half of the week (Monday to Wednesday), while during the second half of the week strong trends occur more frequently in this hour.

The 11:00–12:00 trading session is usually directionless no matter what day of the week it is (although to a lesser extent on Thursday), as indicated by the purple squares during that time period.

We can also identify consecutive hourly trading sessions that display high Candle Body Ratios. However, looking above, we see that there’s no more than two consecutive hourly sessions with strong trending candles (i.e., the Candle Body Ratio is above 0.60).

There are usually two consecutive hourly sessions with strong-trending candles on:

  1. Sunday mornings (01:00–03:00),
  2. Tuesday nights (22:00–00:00),
  3. Wednesday afternoons (14:00–16:00), and
  4. Friday mornings (00:00–02:00).

According to the hourly price data, these four time periods are the best times to scalp or enter short-term trades in BTC-USD. Strong-trending candles, where the wicks are small in relation to the candle’s body, are usually observed during these times.

The same metrics are shown below for the 4-hour price data from BitMEX.

Price Change by 4-Hour Trading Session/Weekday for BTC-USD on BitMEX

Source: CryptoDatum, (bitmex4h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

Tuesdays (16:00–20:00) usually see the largest positive price changes on average according to the past three years of data from BitMEX.

On average, the biggest percentage drops happen during on Saturday nights (20:00–00:00).

Volatility by 4-Hour Trading Session/Weekday for BTC-USD on BitMEX

Source: CryptoDatum, (bitmex4h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

Volatility is usually highest in the 12:00–16:00 session on Thursday and the 16:00–20:00 session on Tuesdays.

Candle Body Ratio by 4-Hour Trading Session/Weekday for BTC-USD on BitMEX

Source: CryptoDatum, (bitmex4h), data is for 01/01/2017 (00:00) to 31/01/2020 (00:00).

Typically, we see stronger trending candles during the latter half of the day between 12:00 and 00:00, with Thursday being an exception. Most of the yellow and orange squares are found after 12:00, suggesting stronger trends develop in the American trading session.

We generally find the strongest trending movements during the early hours of Thursday morning (00:00–04:00) and Tuesday evening (16:00–20:00).

The dark purple squares show BTC-USD is normally trendless during these hours, e.g., on Wednesdays (08:00–12:00) and Sundays (00:00–04:00).

The heatmap above suggests if you are a trend following trader, you should be active in the hours that display yellow/orange squares and be more cautious entering positions during time periods represented by dark purple squares. The conclusions drawn here assume that historical price action will be similar to that in the future.


Winter months have been far more profitable for bitcoin traders (especially October and November), with higher median returns and greater volatility. April and May also have high returns on average, while September is usually negative. It’s also interesting to note that the returns for April have been positive seven out of nine years, and in the other years the loss in April wasn’t that large (around -5%/-6%).

Daily returns mostly cluster around zero, although there is a small tendency for returns to cluster around small, positive values on Saturdays. Historically, Saturdays have had the highest upside but Thursdays have had the largest drops. These two days of the week also display the largest variation in returns.

Using the 1-hour and 4-hour data for BitMEX’s perpetual swap, we’ve shown during which hours/4-hour periods are associated with positive/negative growth, high volatility and strong-trending candlesticks for BTC-USD. From the data that is available, some of the findings are:

  • Monday mornings (11:00–12:00) are associated with choppy price action.
  • Candles with low Candle Body Ratios occursmore frequently in the early hours of each weekday (00:00–04:00), except for Thursday.
  • Two consecutive 4-hour trading sessions on Tuesday (16:00–20:00 and 20:00-00:00) are associated with high Candle Body Ratio readings — suggesting stronger trends develop during these hours.
  • The price of bitcoin is more volatile, exhibits greater than usual growth and displays a high Candle Body Ratio reading on Tuesday (22:00–23:00).
  • The early hours of Thursday (00:00–04:00) are associated with strong trending behaviour.
  • Stronger trends on the 4-hour timeframe are more common in the second half of the day (12:00–00:00) for most weekdays (with Thusday and Sunday being exceptions).

Keep in mind that these trends may not always repeat themselves. These insights are just a starting point for looking at seasonality in the price of bitcoin. A deeper dive is coming soon.

All graphics are produced with R Studio. The data and R scripts will be published on GitHub in the coming days.

Disclaimer: This blog post is for informational purposes only and should not be taken as financial advice.

By Interdax

Efficient Market Hypothesis and Bitcoin Stock-to-Flow Model

By PlanB


Bitcoin Stock-to-Flow (S2F) model was published in March 2019 [1]. The model has been well received by bitcoiners and investors. Many analysts have verified the cointegrated S2F model and confirmed bitcoin price predictions [2][3][4].

The S2F model also received critique. The best steel man argument against the model comes from the Efficient Market Hypothesis (EMH). The argument states that the model is based on publicly available information (S2F, bitcoin’s supply trajectory) and therefore the analysis and conclusion must be already priced in.

In this article I share my point of view on S2F model and EMH. I analyze arbitrage opportunities, risk & return model and derivatives markets.

Stock to Flow Model

S2F model was published as a bitcoin valuation model, inspired by Nick Szabo’s concept of unforgeable scarcity and Saifedean Ammous’ analysis of S2F [1][5][6]. S2F is a measure of scarcity. The power law relation between S2F and bitcoin price over time captures the underlying regularity of bitcoin’s complex dynamic system of network effects as described by Trace Mayer [7].

S2F model is a power law function fitted on Oct 2009 —Feb 2019 monthly data: BTC price =0.4*S2F ^3 (where S2F=1/inflation rate). A later model on 2009–2019 yearly data yields higher predictions: BTC price =0.18*S2F ^3.3

Nick Phraudsta was the first to verify (or better “not falsify”) the S2F model, and he added cointegration analysis, indicating that the correlation is likely not spurious [2]. Marcel Burger verified both S2F model and cointegration, with several addition statistical tests[3]. Manuel Andersch was the first institutional investor (BayernLB) to verify S2F model and cointegration [4].

Efficient Market Hypothesis

EMH is a well known theory in financial economics. EMH is based on ideas of Friedrich Hayek (1974 Nobel prize) and others. According to Hayek markets are information processing systems, delivering the best possible price discovery [8].

EMH is formally described by Eugene Fama (1973 Nobel prize) and comes in three flavors [9]:

  1. Weak EMH: historical price data is already priced in and cannot be used to make profits. Technical Analysis (TA) and Time Series Analysis (TSA) does not work.
  2. Semi-strong EMH: public news from media outlets like MSNBC, Bloomberg, WSJ and research companies is already priced in and cannot be used to make profits. Fundamental Analysis (FA) does not work.
  3. Strong EMH: even inside information can not be used to make a profit, because all information is already priced in.

Most investors and economists agree that modern financial markets are reasonably efficient (i.e. they accept weak and semi-strong EMH), however they reject strong EMH.

Following EMH, S2F model should be priced in, because it is based on publicly available data (S2F).

Risk & Return

To be honest, I have never used EMH directly in my 20+ years experience as an institutional investor managing a multi-billion Euro balance sheet. In practice we assume EMH, and use a risk & return model.

Assuming EMH

Some people argue that bitcoin markets are not efficient, but I do not agree. In the old days you could buy bitcoin at one exchange in USD and sell it shortly afterwards at another exchange in EUR or JPY and convert it back to USD at a profit, arbitrage was possible. Those days are gone, as the table below shows (13 Jan 2020, 20:00 GMT prices):

BTCUSD = 8100
BTCEUR = 7300
BTCUSD/BTCEUR = 8100/7300 = 1.11
EURUSD = 1.11

BTCJPY = 885.000
BTCJPY/BTCUSD = 885.000/8100 = 109
USDJPY = 109

Perhaps there is still some money to be made with big computers, fast communication lines and high-frequency trading (HFT) algorithms, but there are no easy arbitrage opportunities.

We can safely assume that the $150B bitcoin market with $10B daily transactions is reasonably efficient.

Risk & Return Model

Assuming EMH does not mean that you can not make money. You just have to take risk. EMH and non arbitrage lead us to risk & return models.

Harry Markowitz (1990 Nobel prize) introduced an early risk & return model with his famous Portfolio Theory (PT)[10]. William Sharpe (1990 Nobel prize) published his well known Capital Asset Pricing Model (CAPM)[11]. According to Markowitz and Sharpe all returns can be explained by risk.

This is a simplified risk & return model (without correlation or exotic math):

It is crucially important to understand this chart, so let’s dive into it.

The x-axis of this chart is risk (maximum annual loss) and the y-axis is return (average annual return).

The chart shows three classic assets: bonds, gold and stocks. Bonds have the lowest risk 8% and the lowest return 6%. Gold has higher risk 33% and higher return 7.5%. Stocks have the highest risk 40% and the highest return 8%.

Key insight is that returns can be explained by risk alone, consistent with EMH. If you encounter an asset above the line, a first reaction could be that it is a great investment opportunity. A better reaction (from an EMH and non arbitrage point of view) would be that it is too good to be true. We are probably missing risks (or have miscalculated risk) and should try to bring the asset back on the line. Quantifying risk (volatility) is difficult, and indeed the expertise of quants of financial institutions. If an investor calculates that risks are lower than the market prices in, and if he exactly knows why the asset is above the line, then and only then should he decide to invest.

Bitcoin is literally “off the chart”: 200% return, 80% risk. Because I can not plot it on the chart, I resized it to a 1% bitcoin plus 99% cash investment. This bitcoin investment is far above the line: 8% return, 1% risk (note that you can’t loose more than 1%, even if bitcoin drops 99%, because you only invest 1%). So my first reaction is: the market sees risks that are not in the data. Here is a list of some possible risks:

  • Risk that bitcoin dies
  • Risk of governments making bitcoin illegal and prosecuting developers
  • Risk of fatal software bugs
  • Risk of exchange hacks
  • Risk of 51% attacks by centralized miners
  • Risk of miner death spiral after halving
  • Risk of hard forks

From an EMH and risk & return perspective, all these risks should be in the price data. But these risks are not in the data. According to EMH and the risk & return formula in the chart, 1% risk should give 5.5% + 6.2% * 1% = 5.6% return. And the data shows that 1% bitcoin + 99% cash had 8% return last 11 years.

It seems that these risks have been overestimated by the market, and that bitcoin really was a great investment opportunity, in line with S2F model.

Derivatives markets

Let’s look at what derivatives markets are telling us about the future.

Option markets show no spike at or after next halving:


Same story for futures market: slightly higher prices in the future, but no spike at or after the halving, indicating nothing special will happen at the halving:


This is interesting because S2F model predicts much higher prices after the halving. How should we interpret this?
I think the simple answer is that the market currently overestimates future risk, like it overestimated risk last 11 years. The efficient bitcoin market not only discounts the fundamental value of scarcity (S2F model), but also all these risks:

  • 42% of investors see bitcoin futures as the biggest risk (whales and governments manipulating the price of bitcoin with ‘paper bitcoin’, spoofing and wash trades).
  • 16% still fears miner capitulation after the halving.
  • 15% fear selling pressure from scams.
  • I know from discussions with institutional investors that their biggest fear is government making bitcoin illegal.
  • Another risk frequently mentioned by institutional investors is “the next bitcoin”, a new (government/central bank backed) coin replacing bitcoin.

Note that without all these risks bitcoin’s value would be much higher, possibly in line with S2F model.

As time progresses, some of these risks will not materialize and disappear from the list. Take miner capitulation for example. I do not think miner capitulation is a big risk, but 15% of investors thinks it is. If hashrate does not decrease after the next halving, the risk of miner capitulation disappears and bitcoin price will rise because the risk is gone.


Bitcoin S2F model was introduced in March 2019 and verified by many others.

EMH implies that S2F and the model predictions should be already priced in by the market, because S2F model uses publicly available S2F data.

Current bitcoin markets are indeed reasonably efficient because easy arbitrage opportunities are not possible.

Historical risk & return data of bonds, gold, stocks and bitcoin, shows that bitcoin markets overestimated risk. Bitcoin return was not in line with risk, but very much in line with S2F model. Bitcoin options and futures markets do not expect rising prices at or after next halving. It is possible that markets still overestimate future risks.

My conclusion is that bitcoin markets are indeed reasonably efficient and price in S2F model, but also overestimate risk. Therefore, I prefer using S2F model over a classic risk & return model to predict future bitcoin price.

So I assume EMH and would definitely pick up that bitcoin!


[1] PlanB@100trillionUSDModeling Bitcoin’s Value with Scarcity, Mar 2019

[2] Nick Phraudstra, Falsifying Stock-to-Flow As a Model of Bitcoin Value, Aug 2019

[3] Marcel Burger, Reviewing “Modelling Bitcoin’s Value with Scarcity”, Sep 2019

[4] Mannuel Andersch (BayernLB), Is Bitcoin outshining gold?, Sep 2019

[5] Nick Szabo, Bit Gold, 2008

[6] Saifedean Ammous, The Bitcoin Standard: The Decentralized Alternative to Central Banking, 2018

[7] Trace Mayer, The Seven Network Effects of Bitcoin, 2015

[8] Friedrich Hayek, The Use of Knowledge in Society,1945

[9] Eugene Fama, Efficient Capital Markets: A Review of Theory and Empirical Work, 1970

[10] Harry Markowitz,Portfolio Selection, 1952

[11] William Sharpe, Capital Asset Prices: A Theory of Market Equilibrium under Conditions of Risk, 1964

Chip-to-chip quantum teleportation and multi-photon entanglement in silicon


Integrated optics provides a versatile platform for quantum information processing and transceiving with photons1,2,3,4,5,6,7,8. The implementation of quantum protocols requires the capability to generate multiple high-quality single photons and process photons with multiple high-fidelity operators9,10,11. However, previous experimental demonstrations were faced by major challenges in realizing sufficiently high-quality multi-photon sources and multi-qubit operators in a single integrated system4,5,6,7,8, and fully chip-based implementations of multi-qubit quantum tasks remain a significant challenge1,2,3. Here, we report the demonstration of chip-to-chip quantum teleportation and genuine multipartite entanglement, the core functionalities in quantum technologies, on silicon-photonic circuitry. Four single photons with high purity and indistinguishablity are produced in an array of microresonator sources, without requiring any spectral filtering. Up to four qubits are processed in a reprogrammable linear-optic quantum circuit that facilitates Bell projection and fusion operation. The generation, processing, transceiving and measurement of multi-photon multi-qubit states are all achieved in micrometre-scale silicon chips, fabricated by the complementary metal–oxide–semiconductor process. Our work lays the groundwork for large-scale integrated photonic quantum technologies for communications and computations.

Helicopter Money Is Here

What is Helicopter Money?

A daring new approach to solving the economic slump is gaining popularity in official circles. Helicopter money refers to money figuratively “dropped from the sky”, or freshly created cash used to fund infrastructure projects or put directly into the hands of citizens. Rather than being thrown from the sky, helicopter money might mean every citizen being credited with, say, $500 from the central bank straight into their current account.

Why should You Care?

The Fed’s charter prohibits it from directly purchasing bonds or bills issued by the US Treasury: that process is also known as monetization and various Fed chairs have repeatedly testified under oath to Congress that the Fed does not do it. Of course, the alternative is what is known as “Helicopter Money”, when the central bank directly purchases bonds issued by the Treasury and forms the backbone of the MMT monetary cult.

But what if there is at a several day interval between Treasury issuance and subsequent purchase? Well, that’s perfectly legal, and it’s something the Fed has done not only during QE1, QE2 and QE3, but is continuing to do now as part of its “QE4/NOT QE.” 

Here’s how.

On December 16, the US Treasury sold $36 billion in T-Bills with a 182-day term, maturing on June 18, 2020, with CUSIP SV2. And, as shown in the Treasury Direct snapshot below, of the total $34.3 billion in competitive purchases, Dealers acquired $23.7 billion.

What happened next?

For the answer we go to the Fed’s POMO page, which shows which specific T-Bill CUSIPs were purchased by its markets desk on any given POMO day when Dealers sell up to $7.5 billion in Bills to the Fed.

Exhibit 1: on December 19, just three days after the above T-Bill was issued and on the very day the issue settled (Dec 19), Dealers flipped the same Bills they bought from the Treasury back to the Fed for an unknown markup. Specifically, of the $7.5BN in total POMO, the SV2 CUSIP which had been issued earlier that week, represented the biggest bond “put” to the Fed, amounting to $3.9 billion, more than half of the total POMO on that day, and by far the most of any CUSIP sold to the NY Fed’s markets desk on that day.

But wait, there’s more.

Exhibit 2: during the next POMO conducted the very next day, or December 20, and just four days after the issuance of T-Bill SV2, which as a reminder saw $23.7 billion in Dealer purchase, those same Dealers flipped more of the same Bills they “bought” from the Treasury back to the Fed. Why? To once again pocket the unspecific markup the Fed generously provided to them just because they are Dealers. Of the $7.5BN in total POMO held on Dec 20, the SV2 CUSIP once again represented the single biggest bond “put” to the Fed, amounting to $1.6 billion, the most of any CUSIP sold to the NY Fed’s markets desk on that day.

So what is going on? Well, for all those saying the US may soon unleash helicopter money, and/or MMT, we have some ‘news’: helicopter money is already here, and the Fed is now actively monetizing debt the Treasury sold just days earlier using Dealers as a conduit… a “conduit” which is generously rewarded by the Fed’s market desk with its marked up purchase price.

In other words, the Fed is already conducting Helicopter Money (and MMT) in all but name. As shown above, the Fed monetized T-Bills that were issued just three days earlier – and just because it is circumventing the one hurdle that prevents it from directly purchasing securities sold outright by the Treasury, the Fed is providing the Dealers that made this legal debt circle-jerk possible with millions in profits, even as the outcome is identical if merely offset by a few days. 

Perhaps during Fed Chair Powell’s next Congressional hearings, someone actually has the guts to ask the only question that matters: why is the Fed now monetizing US debt, and pretending it isn’t doing so just because it grants Dealers a 3-day “holding” period, for which it then rewards them generously?

Via ZeroHedge

How To Buy Bitcoin in Africa

By Elisha (GHCryptoGuy)

In this article, we provide a list of the most prominent places to sell and buy bitcoin in Africa. These exchanges offer their services in several African states, which separates them from other exchanges that provide their services locally.

The top 5 exchanges to buy Bitcoin in Africa include Luno, Paxful, Remitano, LocalBitcoins, and Belfrics. In some cases, bitcoin ATMs are available for the same purpose.

If you are new to the bitcoin or cryptocurrency ecosystem, you should read our Bitcoin explained article and go through our list of things you need to have before you proceed with purchasing bitcoin.

For users who want to read our review of the best exchange options, you can skip this list and go to our review of the best exchange options below.

What Do I Need to Buy Bitcoin?

Bitcoin wallet: A bitcoin wallet is an application software that allows you to store bitcoin. You will need a bitcoin wallet before you buy bitcoin since it is best practice for you to transfer your bitcoin from an exchange to your wallet.

You only have absolute control of your bitcoin if you have it on your wallet. To select a wallet, check out our review of the best bitcoin wallets. Further, the most secure wallets are hardware devices dedicated to storing bitcoin; you could get a Ledger Nano X or Trezor to store your coins.

Personal documents: Most jurisdictions require that exchanges collect personal data of individuals who want to purchase bitcoin. This means that to buy bitcoin in Africa, you will need a national identification card.

This will be required to complete the Know-Your-Customer (KYC) and Anti-Money Laundry (AML) procedures of various exchanges.

Bank Account, debit/credit card, or Mobile Money: You will also need to deposit funds to purchase bitcoin. Most African bitcoin exchanges accept bank account transfer or payments through mobile money and debit/credit cards.

You are required to have at least one of these accounts before you purchase bitcoin,

Bitcoin Exchange: Several bitcoin exchanges allow you to buy bitcoin in Africa. The best bitcoin exchange may differ depending on your location, payment method, and technical know-how. The rest of the article provides a list of the best trading platforms for buying bitcoin.

Here is a quick review of the top 6 ways to buy bitcoin in Africa:


Luno is a popular trading platform that is currently available in 4 African countries, including South Africa, Nigeria, Uganda, and Zambia. Luno runs a cryptocurrency exchange, brokage platform, and wallet making it easier for new users to buy bitcoin in Africa.


The exchange platform is South African owned with offices in 5 countries, including South Africa and Nigeria. Luno also made the list of the top 20 bitcoin exchanges curated by CryptoCompare.

You can buy bitcoin on Luno through bank transfer, cash deposits, and credit/debit cards. Beyond bitcoin, you can also purchase ethereum (ETH) and bitcoin cash (BCH) on Luno. 

How to buy bitcoin on Luno:

  1. Sign up at
  2. Verify your identity with your phone number, national ID, and proof of residence.
  3. Deposit funds via bank transfer or credit/debit card.
  4. Buy your bitcoin quickly via the brokage platform or place an order on the exchange.
  5. You will receive your bitcoin after your order gets filled.

For an in-depth look at the Luno platform, check out our Luno exchange review.


Paxful is a peer-to-peer bitcoin exchange which is very popular on the African continent. As of October 2019, Paxful is now 3 million wallets strong, with over 50,000 trades every day globally. 

The platform’s exponential growth has been as a result of massive patronage from the continent. Paxful recorded over a 64 percent increase in trade volume from Africa in 2019.


You can buy bitcoin on Paxful in all African countries except Burundi, Libya, Somalia, South Sudan, and Sudan. Paxful offers over 300 payment methods for you to buy bitcoin.

This includes traditional bank transfer and credit card deposits. Further, you can buy bitcoin in Africa on the Paxful platform through iTunes gift card, Amazon gift card, PayPal funds, ApplePay, Western Union, MoneyGram, Perfect Money, etc.

How to buy bitcoin on Paxful:

  1. Visit and create an account on
  2. Confirm your email and phone number. Verify your identity by providing your national ID.
  3. Buy bitcoin. Enter your preferred amount, payment method, and currency. Search through the results produced and complete the trade.
  4. Once completed, you will receive your bitcoin in your Paxful wallet.
  5. Optional: Add two-factor authentication to secure your wallet.


Remitano is another peer-to-peer cryptocurrency marketplace. The platform allows you to buy bitcoin in Africa by finding people around you who want to sell. 

The platform is owned by Babylon Solutions Limited incorporated in Seychelles. Remitano is available in Ghana, Nigeria, Kenya, South Africa, Namibia, Zimbabwe, Cote de Voire, Uganda, and Tanzania.


You can buy bitcoin through bank transfer and mobile money (e.g., MTN Mobile Money in Ghana, Mpesa in Kenya). 

Moreover, Remitano’s latest user interface update makes it one of the easiest ways to buy bitcoin in Africa. The user experience is intuitive and smooth.

How to buy bitcoin on Remitano:

  1. Register on
  2. Verify your account with your phone number and email. Provide your national ID to complete KYC requirements.
  3. Search for various orders for selling bitcoin and select one that suits your preferred currency, payment method, and amount.
  4. You will receive your bitcoin after the trade is complete.


LocalBitcoins is a leader in peer-to-peer bitcoin trades. The platform claims to be available in all African countries, making it the platform with the most coverage on this list.

You can buy bitcoin on the platform using over 50 payment methods, including bank transfers, mobile money, and other online payment platforms, depending on your jurisdiction.


LocalBitcoins ranks sellers based on transactional history, and users are advised to go for sellers with high reputational scores. This ensures that you are trading with only trusted traders to minimize risks.

How to buy bitcoin on LocalBitcoins:

  1. Create an account at
  2. Confirm your email address and verify your phone number.
  3. Enter the amount of bitcoin you want to buy in your traditional currency and select your preferred payment option.
  4. You will receive your bitcoin after you complete the trade.


Belfrics is regulated by the Labuan Financial Services Authority, Malaysia. The platform allows you to buy bitcoin in 12 countries, including Nigeria, Kenya, and Tanzania. 


It is a multi-feature trading platform for digital assets & cryptocurrencies, including bitcoin (BTC), ethereum (ETH), ripple (XRP), litecoin (LTC), bitcoin cash (BCH) and belrium (BEL).

You can load your Belfrics account with local currency via bank transfer. Belfrics will charge you a 0.50 percent fee per every transaction. 

How to buy bitcoin on Belfrics:

  1. Register an account at 
  2. Provide your national ID to complete your KYC requirements. 
  3. Deposit funds via bank transfer.
  4. Place your order on the exchange.
  5. Once your order gets filled, you will receive your bitcoin.

Bitcoin ATMs

Bitcoin ATMs work just like standard ATMs. They allow you to buy bitcoin in Africa quickly and anonymously. Bitcoin ATMs usually don’t require ID verification, which provides an option for individuals who may not be able to provide their personal information.


There are several Bitcoin ATMs on the continent. Check out our list of bitcoin ATMs in Africa to find one near you.

If you are looking for a more localized version of this article, check out our guide on ways to buy bitcoin in GhanaNigeria, and Uganda.

Via BlockNews Africa