"Whew, wondered where we'd put those 200,000 BTC!"

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Mar 23 18:47:16 PDT 2014


Kelly John Rose <iam at kjro.se> writes:

>Having worked on some complex banking and accounting systems before, I know
>there is a lot more to the equation than simply coding up some crappy ruby
>code and putting fixes in place whenever it doesn't quite do what you want.
>
>Financial cryptography is expensive to do mostly because there is a strong
>need to not only implement good code, but also make sure the engineering is
>done correctly the first time and that it has the expensive physical security
>to back it up.

Absolutely.  Some time ago I had a long chat with someone who worked on large-
scale financial processing systems.  Among other things his organisation tends
to act as a stress test for any hardware or software they use since they push
it beyond what anyone else ever manages (and no, it's not HFT, just standard
banking clearing).  Their prime directive is that financial value can never be
created or destroyed, so you can never have a situation in which a failure
anywhere will result in one blob of financial value being recorded in two
locations, or no locations.  Saying that you'll address this by rolling back
transactions won't fly both because no standard database can handle the load
they work at, and because the financial world isn't going to stop and wait
while you perform a rollback.

To give some examples of what this entails, they only use the outer sets of
tracks on their disk arrays to maximise data throughput/minimise head
movement; if they were to use the entire platter the system couldn't keep up.
Caching doesn't help; they did try it with the most exotic caching
technology that EMC could provide them and found that after X hours throughput
dropped to a fraction of what it had been.  Although EMC had simulated this
situation they never expected that anyone would be able to do it in real life.

They also managed to figure out the computing power of a USG agency using a
certain type of architecture because, when they wanted to buy the entire
production run of a particular just-introduced CPU for several months, they
found that an unnamed US customer had already bought six months' worth of
production ahead of them.

I think this is about as far from hacking together "some crappy ruby code" as
you can get while still remaining on the same planet.

Peter.


