• How to 51% Attack Bitcoin

    The core security model of Bitcoin is that it is very expensive to generate blocks of transactions. This means it is very expensive to attack Bitcoin by creating fraudulent transactions. Bitcoin miners can afford to invest a lot of money in hardware and electricity, because they are algorithmically rewarded when they do generate a new block.

    Over time, the mining rewards decrease. Next year, in May 2020, the mining rewards will be cut in half. Eventually, there will be no more Bitcoin given as a block subsidy to miners, and the only payment to miners will be transaction fees. This naturally leads to some questions. Will Bitcoin still be secure when the mining rewards are cut in half next year? Will Bitcoin always remain secure, even after all the mining rewards run out?

    Eli Dourado wrote a good analysis of this issue recently. He concludes, “At some point, the block subsidy will not be enough to guarantee security.” But I think we can be more specific. The way to analyze the security of Bitcoin is to look more closely at how a bad guy would attack it. So let’s do that. Our goal is to develop specific metrics for measuring the security of Bitcoin or other cryptocurrencies.

    How much does it cost to attack Bitcoin?

    The most straightforward way to attack Bitcoin is the 51% attack. Anyone can roll back all Bitcoin transactions that were confirmed over a recent time period. You just need more hash power than Bitcoin miners spent over that period. You can use that hash power to generate an alternate blockchain, and the Bitcoin algorithm guarantees that miners will respect your new blockchain over the “original” one. It’s called a “51% attack” because you need to have more than half of the hash power over some time period to perform it.

    How expensive is this? A decent approximation is that the cost of generating an alternate blockchain is equal to the revenue made by miners. From blockchain.com we can get a chart of daily mining revenue over the past year:

    Since miners are profitable, and this is how much money miners are making, this should be an upper bound on the cost of hashpower. It’s pretty volatile, somewhere between $5 million and $25 million per day. I find it easier to think in terms of hours, so somewhere from $200,000 to a million dollars an hour. (In practice, you cannot simply buy a million dollars worth of hashpower over a single hour. But the illiquidity of this market can’t really be relied on for security.)

    So, a reasonable estimate for October 2019 is that it costs about a million dollars to roll back one hour of Bitcoin transactions.

    How profitable is it to attack Bitcoin?

    A million dollars sounds like a lot, but in the context of a financial system that processes billions of dollars, is it really a lot? The way to analyze security is to compare the cost of an attack with the profit of an attack. If profit is greater than cost, an attack is possible, so the system is insecure.

    The way that a 51% attack makes money is by allowing the attackers to do a double spend. You spend your Bitcoin on something, then you use the 51% attack to roll back the blockchain, so you have your money again. You then spend that money on something else. So, you doubled your money.

    “Spend” makes it sound like you are interacting with a merchant, like you are spending your Bitcoin on buying a pizza. In practice, criminals are not trying to spend a million dollars to get two million dollars worth of pizza. Rather than spending Bitcoin to get some consumer good, it makes more sense for an attacker to exchange their Bitcoin for some other sort of asset. The most logical asset is a different form of cryptocurrency. Let’s say Ethereum.

    So the timeline for an attack could look like this:

    1. Start off with $X worth of Bitcoin in wallet A
    2. Move the Bitcoin from wallet A to wallet B
    3. Exchange all the Bitcoin in wallet B for $X of Ethereum
    4. 51% attack Bitcoin. Roll back the A -> B transaction. In the new chain, move the Bitcoin from wallet A to wallet C.
    5. The attacker now owns both $X of Ethereum and $X of Bitcoin in wallet C

    The primary victim of a 51% attack is the exchange. The exchange delivered the Ethereum, but the transaction sending them Bitcoin is no longer valid.

    The critical steps in analyzing profitability are steps 3 and 4. How long does it take to exchange the Bitcoin for Ethereum? How much can be exchanged by an untrusted attacker? If an untrusted attacker can exchange $2 million of Bitcoin for $2 million of Ethereum in an hour, and then spend $1 million to revert that transaction, the attack is profitable.

    Some people have proposed security heuristics, like that mining revenue should be some percentage of the total transaction volume, or the total market cap. When we look at the mechanics of an attack, though, total transaction volume and total market cap aren’t relevant. The key question is how fast an attacker can exchange $X of Bitcoin for another asset. For this attack to be profitable, X has to be higher than the cost of the rollback, which is roughly equal to mining revenue over the rollback time.

    For security against 51% attacks, the amount an attacker can exchange must be lower than mining revenue during the duration of the exchange.

    In particular, Bitcoin’s security depends inversely on how fast it can be exchanged.

    How fast can you exchange Bitcoin for another asset?

    Binance is probably the largest exchange right now. Let’s use them as an example exchange - most exchanges have similar policies, but smaller volumes.

    Binance recently updated their policy to consider transactions finalized within two blocks for Bitcoin, which is about 20 minutes, and 12 blocks for Ethereum, which is roughly three minutes. So the deposit and withdrawal phases of the exchange would take maybe half an hour.

    The more time-consuming part might be the actual exchange of Bitcoin for Ethereum. Openmarketcap can show us the daily trading volume on Binance:

    Per hour, that’s about $20 million of BTC / USDT changing hands, and $4 million of ETH / USDT. You wouldn’t be able to exchange $10 million of BTC to ETH in that hour without totally disrupting the market. If you were exchanging $100,000, that would just be a drop in the bucket. It’s hard to say without analyzing the order books more closely how much extra volume the exchange could support, but let’s estimate that a single trader could take up 10% of the total volume.

    With this estimate, exchanging into ETH isn’t going to work. But you could exchange $4 million of BTC to USDT in two hours.

    I expected when writing this post that I would conclude that Bitcoin is currently fundamentally secure. It doesn’t really seem that way, though!

    The timeline for this hypothetical attack looks like this:

    1. Start off with $4 million of Bitcoin in wallet A
    2. Move the Bitcoin from wallet A to wallet B
    3. Deposit Bitcoin from wallet B into Binance
    4. Exchange it for USDT (takes about 2 hours)
    5. Withdraw the USDT
    6. 51% attack Bitcoin, rolling back the chain 2.5 hours, moving the contents of wallet A to wallet C.
    7. The attacker now has $4 million of Bitcoin in wallet C and $4 million of USDT

    The attacker in this scenario spent $6.5 million to get $8 million. Binance is out $4 million, and $2.5 million got burned on redundant mining.

    Why isn’t this attack happening right now?

    There are three big assumptions that underly this analysis. The biggest assumption is that it is possible to acquire a large amount hash power for a short period of time. In practice, there is nobody who can sell you a million dollars worth of hash power over a single hour.

    Can we rely on a market for hash power continuing to not exist? Maybe. This is essentially relying on large miners being unwilling to rent out their mining capacity. It doesn’t seem like the ideal foundation for security.

    Altcoins are more at risk in this respect, because it is easier to acquire the amount of hash power needed to attack an altcoin.

    The second big assumption is that the exchange will permit an untrustworthy attacker to quickly exchange a large amount of currency. If an exchange can prevent their customers from committing fraud in traditional ways, like knowing who they are and trusting normal law enforcement to prevent fraud, then the risk of a 51% attack is mitigated. Exchanges also might not let you deposit a large sum and immediately trade it. To avoid this, attackers might have to split these trades among multiple accounts or multiple exchanges.

    Smaller exchanges that evade KYC regulation are probably more at risk here. Smaller exchanges might not have the volume to support an attack on Bitcoin, though, so this also means that altcoins are more at risk than Bitcoin is.

    The final big assumption is that the value of cryptocurrency would not be affected by the attack. Perhaps a successful attack on Bitcoin would make the world world stop believing in Bitcoin and make all cryptocurrencies worthless. This isn’t something I would want to rely on, but it does mean, again, that altcoins are more at risk. If the 10th most popular cryptocurrency was attacked, it might have no impact on the price of Bitcoin.

    All of these practical issues imply that altcoins are much easier to 51% attack than Bitcoin.

    Altcoins are the canaries in the coal mine.

    So which altcoins are in the most danger? This analysis only applies for proof-of-work coins, so whatever your opinion is on non-proof-of-work cryptocurrencies like XRP or EOS, this isn’t going to be a criticism of them.

    Our rule for security is that a cryptocurrency becomes insecure when an attacker can trade more than mining revenue. We don’t know exactly how much a single attacker can exchange, but a reasonable assumption is that it is a certain fraction of the total exchange volume. This suggests that we can define a “danger factor” for cryptocurrencies. Call it D:

    D = exchange volume / mining revenue

    Or equivalently:

    mining revenue = 1/D * exchange volume

    Our previous security rule was that if an attacker can exchange more than mining revenue, the cryptocurrency is insecure. With this definition of D, we can rephrase that as:

    If an attacker can exchange 1/D of total exchange volume, the cryptocurrency is vulnerable to a 51% attack.

    A large value of D indicates that a currency has a high vulnerability to a 51% attack. D doesn’t have the same meaning for Bitcoin, since exchanging out of Bitcoin is limited by the volume of the altcoin, rather than the volume of Bitcoin itself. But for altcoins, D seems like a good proxy of risk.

    The nice thing about D is that we can determine it from public information. I gathered some data for this table for ten of the larger proof-of-work altcoins. Mining revenue I got from bitinfocharts, although you have to click around a lot to get it. Exchange volume I got from openmarketcap. The data is just for today, October 7 2019.

    Cryptocurrency         Daily Exchange Volume         Mining Revenue         D
    Ethereum $234,357,917 $2,502,075 93.6
    Bitcoin Cash $45,483,383 $412,722 110.2
    Litecoin $52,306,855 $400,713 130.5
    Bitcoin SV $2,426,079 $143,455 16.9
    Monero $7,260,841 $91,483 79.3
    Dash $2,639,938 $121,673 21.6
    Ethereum Classic $7,188,482 $121,921 59.0
    Dogecoin $451,196 $35,536 12.7
    Zcash $4,571,311 $266,702 17.1
    Bitcoin Gold $251,734 $14,783 17.0

    This is just a snapshot of a single day of activity, so treat it as an estimate rather than a firm basis for decisionmaking, but based on this metric, Litecoin is the most vulnerable to a 51% attack, followed by Bitcoin Cash.

    Ethereum is the next most vulnerable, so it is fortunate they are working on proof-of-stake. The cost of attacking the network should be significantly larger than the cost of attacking a proof-of-work network, relative to mining revenue.

    For Bitcoin, the exchange is limited by the asset on the other end, rather than bitcoin itself. I would estimate its danger factor as D = 30, looking at the BTC/USDT exchange volume rather than the entire BTC exchange volume.


    The risk of 51% attacks is real. Even today, for the security of Bitcoin we are trusting miners to not collude with each other, and trusting exchanges to catch fraudulent transactions.

    However, the risk is worse for altcoins. Litecoin, Bitcoin Cash, Ethereum, Monero, and Ethereum Classic are especially at risk.

    I believe that we will need to upgrade the algorithms behind popular cryptocurrencies to prevent 51% attacks. Ethereum moving to proof-of-stake is a good example. It might make sense to change Bitcoin’s consensus algorithm at some point, but there’s a lot at stake, so it makes sense to move conservatively. Let’s see what happens with the proof-of-work altcoins. If they do get attacked, perhaps it will make sense to alter the Bitcoin algorithm.

  • The Power Of Thinking Irrationally

    I am intrigued by the idea that there may be more powerful ways to think, and by thinking about thinking itself we can upgrade our thought processes. But I am also intrigued by things that go against the conventional wisdom. So I was very curious recently to see Tyler Cowen’s criticism of the rationality community:

    I would approve of them much more if they called themselves the irrationality community. Because it is just another kind of religion. A different set of ethoses. And there’s nothing wrong with that, but the notion that this is, like, the true, objective vantage point I find highly objectionable.

    The idea of an irrationality community fascinates me. Who could possibly support irrationality? Is irrationality good for something? Could there be irrationality enthusiasts, eagerly swapping techniques for the most effective sort of irrationality?

    What exactly is irrationality? From Wikipedia:

    Irrationality is cognition, thinking, talking or acting without inclusion of rationality. It is more specifically described as an action or opinion given through inadequate use of reason, or through emotional distress or cognitive deficiency. The term is used, usually pejoratively, to describe thinking and actions that are, or appear to be, less useful, or more illogical than other more rational alternatives.

    Actions that are backed by inadequate reasoning. Perhaps even actions taken without evidence, based purely on emotion. It sounds bad at first, but actually I think it is very valuable to act this way sometimes.

    I don’t think rationality is bad per se. It’s more like, there are several modes of thinking. Sometimes it’s better to think in “rational mode”, and sometimes it’s better to think in “irrational mode”. Depending on the situation, you might want to switch from irrational to rational, like an MMA fighter switching from boxing to jiu-jitsu. (It’s similar to Thinking Fast And Slow, but I don’t necessarily think the irrational mode needs to be faster.)

    So I mentioned that I thought rationality was overrated to someone, and they remarked that they were surprised, because I am a “mathy” person, that I would be the sort of person to dismiss rationality. But I think math is a great example where you want this sort of dual, sometimes-rational-sometimes-irrational thinking. Sometimes you work very rationally on a math problem - you see x + 2 = 5, you want to solve for x, you recall an algorithm for this, you execute the steps one by one, the end. But for a tricky math problem, you might actually spend most of the time without reasons for what you do. You can just stew around in more of an “irrational brainstorming” mode, where you don’t have reasons or evidence, you just have loose fuzzy emotional heuristicky thinking, until you seize on what you think is a solution. And then you can toggle into “rational mode” to check the solution for validity, but still you spent the vast majority of your time in “irrational mode”.

    Let me go through an example. Here’s a math puzzle that someone just randomly asked to me while we were walking around once. It’s a question: can you pick five lattice points and connect each pair with line segments so that no other lattice points are on those line segments?

    If you don’t know what a lattice point is, it’s just the points (x, y) where x and y are both integers. So the lattice points look like this:

    And a solution to the problem would look like this…

    …except that the line segment marked with an X contains another lattice point. So in fact this isn’t a solution, and if you keep poking around by trial and error you will find it quite difficult to find a solution.

    (If you want to solve this problem without me really getting spoilery, do it now without reading any further.)

    This sort of problem doesn’t require any advanced math, but it doesn’t map to any sort of math problem you drilled on in high school. Some people will just read this problem description, and then, nothing pops into their head. Or they trial and error a few times, fail, and then don’t know what else to do. They will just stare blankly at the problem and not know what to think about next.

    When this happens to you, rational thinking is worthless. If you don’t have any evidence to start out with, you can’t start making rational conclusions. So when you find yourself totally stuck, thinking no thoughts at all, that is your mental cue to switch into irrational mode. You’re too far away to grapple - use boxing instead of jiu-jitsu.

    To think irrationally about this problem, just don’t worry about logical connections making sense. Feel out for any emotions about the problem that you have and assume they are axioms. Think of other things that this reminds you of. If A implies B, and you know B is true, imagine for a second that that implies A. Let yourself use some logical fallacies. Just see if those lead you somewhere interesting.

    At this point, I would come to irrational conclusions like:

    • I tried to do it several times and could not. Therefore it is impossible.

    • Since the graph connecting 5 points is nonplanar, and these lattice points are in the plane, it also cannot be embedded into lattice points.

    • The number 5 is very ugly so it causes the math to fail.

    • Lattice points are made up of squares, and the square’s favorite number is 4, so 4 can work but not 5.

    • You can jam four things in there but there just isn’t enough room to jam five things in there.

    These conclusions are not based on evidence, they are not based on logical arguments, they are not really logically correct, they are tainted with all sorts of emotions and biases, and at least one is just totally wrong. But they are useful because they are maybe correct, more likely than 0% chance correct, and they give you sparks to continue. And they are not just useful inside one person’s head - if you have multiple math-problem-solvers brainstorming, it’s useful to share these half-thoughts with each other. You have to trust your collaborators to be fairly intelligent. But when you are in a group you trust, it can really help you to accept some irrational conclusions. And that principle goes beyond solving math problems.

    Anyway, some of these irrational conclusions can be the seed of a rational proof. Perhaps the “not enough room to jam it in there” reminds you of the pigeonhole principle and the answer comes to you in a flash. Or perhaps the five-versus-four and squares-are-beautiful aspects lead you to think about a very simple way to solve it for four points, and ponder deeply why this particular solution can’t be extended to five points:

    Why can’t this be extended to five points? This example is simple enough that you can try extensions in your head and label each new point by which of these four original points it conflicts with. You will get lattice points labeled like:

    A B A B A B
    C D C D C D
    A B A B A B
    C D C D C D
    A B A B A B

    You can’t have more than one A in your five points, and actually that is true even if you didn’t start with the simple square, if you think about it.

    (I’m not quite sure how much my blog audience would like me to spell out the math here, but perhaps I’ll leave it at this.)

    I suspect that most people who are trying hard to get better at math, or at similar skills like programming problem-solving, are actually not struggling with the “rational” part, of rigorously proving something works. They are struggling with the “irrational” part, of how do they make progress when they are unable to make rational conclusions. So don’t feel like it’s dirty or inappropriate. Thinking irrationally can be another useful tool in your toolbox. Embrace it, and let me know what irrational techniques work for you.

  • Silicon Valley's Manifest Destiny

    Silicon Valley is famous for having things with nonsensical names. It’s not just the startups, it’s also the place names. For example, “Mountain View”. Here’s a view from a field right next to Google’s main campus. It seems… pretty flat. How do you arrive in this place, look around, and think, I know, I’ll call this “Mountain View”?

    So for a long time I assumed “Silicon Valley” didn’t mean anything. It doesn’t feel like a valley, it feels like a flat area that’s next to a bay. This is the sort of trivia that I ignore for a decade, and then one day in a fit of random curiosity look it up on Wikipedia, and lo and behold it is actually named after a valley:

    Silicon Valley is a nickname for the southern portion of the San Francisco Bay Area, in the northern part of the U.S. state of California. The “valley” in its name refers to the Santa Clara Valley in Santa Clara County, which includes the city of San Jose and surrounding cities and towns, where the region has been traditionally centered.

    This naturally leads to the question of what counts as the Santa Clara Valley. Wikipedia again:

    The valley is bounded by the Santa Cruz Mountains on the southwest, which separate Santa Clara Valley from the Pacific Ocean, and by the Diablo Range on the northeast.

    Here’s a diagram:


    The Santa Cruz Mountains, on the left, are the same mountains you can’t quite view from Mountain View.

    Originally the “valley” referred to the area San Jose and southwards. Its industry-specific nickname was the “Valley of Heart’s Delight”, because until the 60’s it was the largest fruit production region in the world. Then that all got displaced by tech companies, which makes the name “Apple” seem a bit less friendly and a bit more passive-aggressive.

    Nowadays the area considered Silicon Valley has expanded to include the stretch from Palo Alto to San Francisco. But in a sense it’s still a valley between the Santa Cruz Mountains and the Diablo Range. It’s just a really big valley so you can’t necessarily see its valley-ness while you are in it.

    So Silicon Valley is sprawling. Where will it stop? My theory is that Silicon Valley will inevitably expand to fill all of the space between these mountain ranges, like a modern version of Manifest Destiny. Imagine Oakland, San Leandro, Fremont, and Gilroy all steadily invaded by an army of techies.

    Why Silicon Valley’s Manifest Destiny Is to Fill Up The Physical Valley

    1. Rent. This is the obvious one, everywhere from San Francisco to San Jose is getting more and more expensive.

    2. Nominative determinism. The word “valley” is part the phrase “Silicon Valley”. Therefore, mystical grammatical fate will drive them together. There is a certain magic to saying, yes we’re located in Silicon Valley. I think you can say that with good faith if your company is located in San Leandro or Gilroy. If someone complains, point to this picture of the mountain ranges.

    3. Software is eating the world. There are still lots of non-tech-dominated industries. If we keep eating those industries a la Uber and Airbnb, and Silicon Valley keeps having most of the eaters, we will have more and more massive companies in Silicon Valley and need more space to put them.

    4. Self-driving cars. It takes two hours to commute from Gilroy to Menlo Park. If self-driving cars make a two-hour commute something that isn’t too bad, all of a sudden Gilroy is a much nicer place to live.

    I think this last reason is underrated. Imagine a world where your car is a great place to work. Sure you can have a two-hour commute. Just hop in your car at 8, get to work at 10, leave work at 4, get home at 6, and hey that’s a 10-hour work day because your car is just a one-person office on wheels. You can put your in-person meetings from 10 to 4 so you don’t have that “remote office” feeling of not actually sitting next to your coworkers. So why bother living closer than two hours to the office?

    Recently I have read a number of interesting analyses theorizing what the good investment opportunities are, if self-driving cars work out. Perhaps a simple answer here is “Gilroy real estate”.

  • Why You Can't Say

    Recently on a tip from Ivan Kirigin I reread this now-ancient Paul Graham article, What You Can’t Say. Like the idea of Straussian reading, the essay is looking for secret truths which are currently inappropriate to share publicly.

    It’s tantalizing to think we believe things that people in the future will find ridiculous. What would someone coming back to visit us in a time machine have to be careful not to say? That’s what I want to study here. But I want to do more than just shock everyone with the heresy du jour. I want to find general recipes for discovering what you can’t say, in any era.

    At first I was going to dig in, follow the instructions in this essay, perhaps try to get meta and turn them on the essay itself, and find some secret truths. But there was just too much to bite off at once and I ended up gnawing on a tangent.

    Specifically, the part that really sparked some thought for me was this hypothesis on the source of taboos:

    To launch a taboo, a group has to be poised halfway between weakness and power. A confident group doesn’t need taboos to protect it. It’s not considered improper to make disparaging remarks about Americans, or the English. And yet a group has to be powerful enough to enforce a taboo.

    I suspect the biggest source of moral taboos will turn out to be power struggles in which one side only barely has the upper hand. That’s where you’ll find a group powerful enough to enforce taboos, but weak enough to need them.

    I’m not totally convinced that most moral taboos come from power struggles. My personal suspicion is that the best explanation of the source of moral taboos comes from the theory of social constructionism:

    Human beings rationalize their experience by creating models of the social world and share and reify these models through language.

    Basically, some truths you believe because they are inherently logical. If at least one of Alice, Bob and Eve has a wrench in their pocket, but Alice and Bob have no pockets, then Eve has the wrench. Some truths you believe because there is empirical evidence. The Earth is round because I saw it on the SpaceX video. But some truths you believe just because other people believe them.

    Instinctively you might think, oh ho that is one of the 147 types of bad arguments. But in practice there are a zillion things you believe not because of logic, but because other people told you to.

    • You shouldn’t eat mud
    • Red lights mean stop
    • Human life is a precious thing

    Lots of useful and totally true facts about the world are socially constructed.

    This can lead to a taboo situation, though. A small group believes X. A much larger group believes Not X. Since both of these truths are socially constructed, there’s no baseline reality. There’s no way to have an intelligent debate. So the larger group turns into an angry internet mob and shouts down the smaller group.

    I believe the topic of startup advice is particularly vulnerable to this phenomenon. You cannot deduce the principles of running a startup from first principles. One effective mechanism is to learn what worked for successful startup founders - to seek out their socially constructed truth. But that’s a pretty small group. In particular, the set of all people in tech industry is a much larger group. Sometimes these groups have opposing socially constructed truths.

    Here’s an example: whiteboard interviews. Are whiteboard interviews a good strategy for interviewing people, or a bad strategy for interviewing people?

    Go read mainstream tech news or social media and you will conclude that whiteboard interviews are terrible. From the first few search results for “whiteboard interviews”:

    The mainstream conclusion is clearly that whiteboard interviews are a bad idea. But on the other hand:


    The most successful companies all use whiteboard interviews. It’s not just the top big companies, it’s the top late stage startups, top early stage startups, the top tier at every point. Nevertheless, the median tech internet is opposed. What’s happening here?

    I think the fundamental discord comes from the nature of interviewing. For example, Google accepts under 1% of job applicants. And yet Google has 70,000 employees. If my simplistic math holds up, they have rejected over 7 million people.

    Personally, when I go apply for a job, I think of it like an axiom that I deserve that job. When I get rejected I usually conclude the company is either morons or evil or perhaps if the interviewers were very kind I will be charitable and just conclude that it’s a flawed process. So yeah, I can see how there would be 7 million people out there convinced that Google interviews are a flawed process. They know they are correct because their friends mostly agree with them. But I don’t think Larry is kicking himself wishing they had never adopted the whiteboard interview.

    What is really a shame, though, is that once I had a conversation with a startup CTO that went like this:

    Me: So how’s recruiting?

    CTO: Going great, not having any trouble finding software engineers.

    Me: Wow, I don’t hear that often.

    CTO: Yeah, once we raised we needed 8 people and we hired them in a month.

    Me: Double wow. How did your tiny team even do enough interviews to hire 8 people in a month?

    CTO: Oh, we only had to interview 9 people.

    Me: Uh oh. How did you interview them?

    CTO: Well as everyone knows, whiteboard interviews are terrible, so we just kind of chatted about their past experience.

    Me: Oh no.

    CTO: I have a really good feeling about this.

    So, be careful about taking the median startup advice. You might end up with the median outcome.

  • Higher! Higher!

    I read a decent amount of fiction and I also read a decent amount of nonfiction. But nowadays I really read a lot of kids’ books.

    At first reading to children seems like, well you get some kids’ books and you just go read them a book, that’s all there is to it. The medical establishment strongly recommends it and it seems like reading to children might also be one of the key ways that parents pass on their advantages to their children, so read books to your kids. That stuff makes it seem like reading to kids is a “yes or no” thing. If you read to your kids then you are a good parent and if you do not you are a bad parent. So at first I just thought, “Okay I’ll do it!”

    But after a while I started thinking, what am I trying to achieve with this reading experience? What should I be focusing on? What should I be trying to get the kid to do? And especially, what sort of book is a good one to read to kids?

    Rather than lay out some abstract principles, I am going to claim that the single best book for the 0 years old to 2 years old range is Higher! Higher!.


    At this point you might be thinking, is this guy seriously writing a book review that is orders of magnitude longer than the book itself? The answer is yes.

    But let me explain why this book is a good one. I have different tactics to suggest for the different parts, and I will quote literally all the words in the book as we go along.

    Rising Action

    As an adult, you might find the first nine pages somewhat repetitive.

    1. The cover shows a girl, probably named Tia, on a swing, saying:

      Higher! Higher!

    2. The title page shows the girl’s father pushing the girl, and it repeats the title of the book:

      Higher! Higher!

    3. On the first “real page” of the book, the father is pushing the girl already a dangerously high amount, with the swing-ropes already above horizontal, and yet the girl requests:

      Higher! Higher!

    4. The girl is now swinging higher. She is approximately the same height as a giraffe, and saying:

      Higher! Higher!

    5. The girl is now swinging higher. She is approximately the same height as a building. A balloon, dog, cat, mountains, and a game of checkers are visible. She requests:

      Higher! Higher!

    6. The girl is now swinging higher. She is approximately the same height as the previously-visible mountain. There is a distant airplane. She is saying:

      Higher! Higher!

    7. The girl is now swinging higher. She is hanging out with two airplanes, and continues to request:

      Higher! Higher!

    8. The girl is now swinging higher. She is in space, maybe low earth orbit. There’s a rocket in the distance, and she says:

      Higher! Higher!

    9. The girl is now swinging higher. She is right next to the rocket, which naturally has a monkey inside. The girl demands:

      Higher! Higher!

    Okay, so you probably detect a pattern here. The first eighteen words are all the word “Higher”. This might drive you nuts at first. But I think it is a good thing.

    The point of reading books to a kid is not really to get them used to the process of listening to a book being read. It’s to get them excited about reading books themselves. And I do not think there is an easier book for a small child to read than this book. If you can only remember one word in your whole brain, as long as it’s the word “Higher”, you’re going to be able to follow along with a significant chunk of this book. Even read entire pages. Which is pretty exciting if you’ve never done that before, in your life.

    Another piece of good design is the page-to-page continuity. For adults it is taken for granted that when you turn the page of the book, the next page is supposed to represent the same story, but just a little bit more in the future. For little kids, that isn’t necessarily obvious. But when you see a distant airplane, the girl requests “Higher”, and then the airplane is close up, that mapping becomes a bit more clear. As the reader you can either engage with this, talking a bit about the stuff in the picture before you turn the page, or skip through it, depending on your mood.

    A final aspect of this first phase of the book that I really like is that the main character is a girl, and the plot includes many “traditionally boy” things, like airplanes, traveling to outer space, and a rocket.


    Now comes the part to really stress your toddler’s reading skills. Different words. The climax is spread over three pages.

    1. The girl finally swings as high as she can swing, and sees… an alien kid who is also on a swing.

      Girl: Hi! Alien: Hi!

    2. The girl and alien exchange a high five.

      High five!

    3. They bid a fond farewell.

      Girl: Bye! Alien: Bye!

    The neat thing about this exchange is that each of these utterances has an associated hand gesture. I find it is easier to teach little kids words when they come with an associated “thing to do”. So you can wave hi, do a high five with your kid, and wave bye.

    High fives are particularly underrated. At some point you can explain where the “five” comes from and get them into the math of having five fingers a little bit. Children seem to love it. It’s hard to believe the high five was only invented in the late 70’s.


    An interesting question is whether this alien is male or female. Or “other”. I like to ask my kids to see what they think.


    Three mercifully wordless pages follow. The girl swings back down into the atmosphere, towards the playground, and is caught by her father. On the very last page, the girl turns to her father and has a last request:


    Of course, your child is quite likely to interpret this “Again!” as a reminder, that they should also turn around and ask you plaintively, “Again?”

    Such a clever engagement hack by the author. Like the Netflix widget that just quietly nudges you to watch the next video in the series. But this time, it’s a good thing, right? Because reading to your kid is good for them and you want to get them excited to read another book?

    So there you have it. Higher! Higher! is a strong book for small children. The key is that you can do more than just read it to them. You can get them engaged with the words, and nudge them bit by bit into reading it themselves, even if they have never done that with any book before.