Being an example...

The Trouble with Blockchain
January 7, 2018
Blockchain's raison d'être is providing peer-to-peer transactions, but does it?

Many of the strange and wonderful aspects of bitcoin originate in its colorful narrative, wherein facts, hopes and criticism swirl together: a mysterious birth; the scene of an orphan backed by nothing but an anonymous text and a collection of computer programs; growing stature as the first cryptocurrency; serious decline and recovery when its main exchange is hacked and hundreds of thousands of bitcoins are stolen; and not least, the remarkable arc of its valuation. The market for bitcoin is anchored in the belief that its technology fills a gap left by banks and national currencies, pushing the narrative to its conclusion, where bitcoin becomes a new standard of commerce. Plenty of people are ringing alarm bells, most questioning whether bitcoin can maintain its sky-high valuation. We'll avoid taking a position on that; instead, we raise a more basic concern: that perhaps bitcoin fails to accomplish exactly what it was created to do.

More precisely, it appears (details follow) bitcoin's blockchain algorithm does not secure "peer-to-peer" transactions after all, which is what the famous founding paper set out as its purpose (see sidebar for the paper's abstract).

What is a peer-to-peer transaction? It is an exchange between two parties who don't necessarily trust each other and who don't have the services of an honest broker, such as a bank. One party gives bitcoins to the other for goods and services. The crux is that by using the blockchain, at every step in the exchange both parties are supposed to be protected. The peer-to-peer transaction model is the premise and justification for bitcoin (see sidebar). Why is a peer-to-peer transaction so important, and how have we arrived at a point where one bitcoin is worth thousands of dollars, yet it doesn't seem to do the one thing it was designed to do?

If bitcoin is a currency, it is a fiat currency: one that is not backed by something tangible, such as gold. The US dollar became a fiat currency in 1971, after a complicated history of gold coinage, mixed gold and silver coinage, and, finally, the gold standard. Even when the gold standard was supposed to be in force, not all dollars could be redeemed for gold. Today, virtually every national currency is a fiat currency. And, the standard government-backed fiat currencies do quite well as mediums of exchange. So why bother with bitcoin? What advantage does bitcoin offer? Bitcoin claims to remain free of any government, by allowing those peer-to-peer, "decentralized" transactions. Free of any government means bank deposits can't be totally or partially confiscated as they were during the Cypriot financial crisis in 2013. It also promotes sound money, because, unlike central banks, who freely print money, the issuance of cryptocurrency is restricted in advance by the algorithms. People value bitcoins in part because they believe money is more valuable when it is disconnected from government.

Blockchain is supposed to allow two parties to barter bitcoins without requiring them to trust each other or to have access to a bank. But it's a cumbersome mechanism: it is the price that citizens seeking freedom from the government pay so that cryptocurrency does not rest on services, like banks and policing bodies, that are regulated and controlled by the government. Instead of relying on a bank and a police force, the bitcoin/blockchain exchange algorithm is a manifestation of the Internet. It brings to bear the community of participants who trade bitcoins. An ever-changing group of bitcoin traders, represented by their Internet-linked computers, collectively confirm transactions and keep track of the blockchain. The founding algorithms, embodied in open source computer code, control the actions these linked computers, known as the "nodes," are allowed to perform.

The key challenge of a peer-to-peer transaction is prevention of "double-spending." How do you prevent a trader, such as Anne, from transferring the same bitcoins twice, to, say, Bill and Charlie? How do you make sure Anne, Bill and Charlie (and all the nodes) agree on one version of the blockchain, after each transaction? The blockchain is bitcoin's history; it grows when Anne transfers her bitcoins. In order to prevent just anyone from adding to that history, a node gains the privilege, and some bitcoins, when it discovers the solution to a mathematical problem. The process of looking for new bitcoins by solving problems is called "mining," and a node running a program that finds solutions by trial and error is called a "miner." A miner begins by collecting reports received from bitcoin owners that say: "I hereby transfer these coins to this new owner," and builds a "block" from the reports. The block's header is translated into this mathematical problem: find a string that can be joined to the header so that when the combined string is translated by a well-known encryption algorithm (created by the US National Security Agency) into another number, that number is less than a certain threshold. What miners do is not technologically difficult. They mechanically add one string after another to the header until the encrypted answer comes out low enough to qualify as a solution. When a miner solves the problem, he finds the key for adding the block to the blockchain. The miner adds the block and publishes the blockchain containing the new block for all the nodes to see.

Solving these obscure mathematical problems is called "proof of work," and it is a mechanism that paces the rate at which blocks are added to the blockchain, so all the nodes can keep track of changes. The presumption is that mining success will be spread out among nodes, preventing a miner or cartel from manipulating the blockchain to its advantage. Successful miners are big players: in December, 2017, about 0.2% of the world's electricity was expended running bitcoin mining operations, and mining success is increasingly concentrated in a few mining cartels. Currently, over 50% of bitcoins are created by the top 4 mining cartels.
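
The trial-and-error search described above, as an added example that is not part of the original article. It uses double SHA-256 as the hash; the header bytes, the 8-byte nonce and the difficulty_bits parameter are illustrative assumptions, not Bitcoin's real block format.

```python
import hashlib

def pow_value(header: bytes, nonce: int) -> int:
    """Double SHA-256 of the header joined with a nonce, read as a 256-bit integer."""
    data = header + nonce.to_bytes(8, "little")
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "big")

def threshold(difficulty_bits: int) -> int:
    """A hash qualifies when it is below this value (more bits = lower threshold)."""
    return 1 << (256 - difficulty_bits)

def mine(header: bytes, difficulty_bits: int, max_tries: int = 1 << 24) -> int:
    """Join one candidate string (nonce) after another to the header until one qualifies."""
    limit = threshold(difficulty_bits)
    for nonce in range(max_tries):
        if pow_value(header, nonce) < limit:
            return nonce
    raise RuntimeError("no solution found within max_tries")

def verify(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Any node can check a claimed solution with a single hash computation."""
    return pow_value(header, nonce) < threshold(difficulty_bits)

# Constructed header for illustration only.
HEADER = b"prev=constructed-parent;transfers=Anne->Bill"

if __name__ == "__main__":
    for bits in (8, 12, 16):
        nonce = mine(HEADER, bits)
        # nonce + 1 is the number of hashes tried; it roughly doubles per extra bit,
        # which is how the threshold paces the rate at which blocks are found.
        print(f"{bits} bits: solved after {nonce + 1} tries, valid={verify(HEADER, nonce, bits)}")
```

Finding the nonce takes many hashes while checking it takes one, which is what lets every node confirm a miner's claim cheaply.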

Anne proves she has the right to transfer her coins with her "digital signature." A digital signature is a text string that appears to be nonsense, but for which there is a publicly available key that allows anyone to translate it into an intelligible statement. Anne has a unique private key that generates her signatures (Anne gained the pair of keys when she acquired her bitcoins). Using Anne's public key, everyone can see Anne's report is valid, but lacking Anne's private key, it is virtually impossible for anyone else to generate any string that makes sense when it is unencrypted with Anne's public key.

The blockchain, however, hasn't yet stopped Anne from double spending — she could have sent separate transfer reports to two different miners, sending the same coins to both Bill and Charlie. If she does, two miners add different blocks to the end of the blockchain. So, for the moment, the blockchain exists in two forms. But the two versions will not last long. Each time a miner begins to build a new block, he looks for all versions of the blockchain that currently exist. If multiple versions are found, the miner is required to use the longest.

With reasonably efficient communication, once one version of the blockchain grows longer than the others, it is virtually impossible for the shorter ones to catch up. The shorter versions are discarded by the nodes. Blocks that were added to the shorter versions are wiped out and transfers in those blocks are returned to their owners, who send them back out to the world of miners, so they might be placed into another block and with better luck permanently added to the blockchain. When there are multiple versions of the blockchain, all but one quickly disappear.

That it is "virtually impossible" for two versions of the blockchain to continue to grow depends on probability arguments that don't hold up if one mining cartel discovers too many bitcoins. For this reason, critics question whether bitcoin is a reliable medium of exchange. The peer-to-peer transaction problem does not depend on probabilities or the state of mining, however.

How does Bill know in advance whether Anne's transfer to him will become embedded in a stable version of the blockchain? He doesn't. If he is prudent, Bill waits until the blockchain has grown past the block containing Anne's transfer record, before concluding Anne has successfully transferred her bitcoins to him. He should not release what he is trading to Anne until their transfer is well embedded in the blockchain.
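
Why Bill has to wait, as an added example that is not part of the original article: a small model of two competing versions of the blockchain, the longest-version rule, and what happens to transfers on the losing version. Blocks here are hash-linked without proof of work, and all names and coin labels are constructed.

```python
import hashlib

def make_block(prev_hash, transfers):
    """Link a list of (coin, sender, receiver) transfers to the parent block's hash."""
    body = prev_hash + "|" + ";".join(",".join(t) for t in transfers)
    return {"prev": prev_hash, "transfers": list(transfers),
            "hash": hashlib.sha256(body.encode()).hexdigest()}

def extend(chain, transfers):
    """Return a new chain with one more block; the input chain is left unchanged."""
    return chain + [make_block(chain[-1]["hash"], transfers)]

def best_chain(chains):
    """The rule from the text: among competing versions, use the longest."""
    return max(chains, key=len)

def confirmations(chain, transfer):
    """Blocks from the one holding the transfer up to the tip, inclusive (0 = absent)."""
    for height, blk in enumerate(chain):
        if transfer in blk["transfers"]:
            return len(chain) - height
    return 0

def resolve_fork(winner, loser):
    """Split the loser's transfers into those that can be resubmitted and those
    now void because the winning version already moved the same coin."""
    included = {t for blk in winner for t in blk["transfers"]}
    spent = {t[0] for t in included}
    resubmit, void = [], []
    for blk in loser:
        for t in blk["transfers"]:
            if t not in included:
                (void if t[0] in spent else resubmit).append(t)
    return resubmit, void

# Constructed scenario: Anne sends the same coin to Bill and to Charlie.
GENESIS = [make_block("0" * 64, [])]
TO_BILL = ("coin-1", "Anne", "Bill")
TO_CHARLIE = ("coin-1", "Anne", "Charlie")
DAVE_TO_ERIN = ("coin-2", "Dave", "Erin")
fork_a = extend(GENESIS, [TO_BILL, DAVE_TO_ERIN])    # one miner's version
fork_b = extend(extend(GENESIS, [TO_CHARLIE]), [])   # another's, one block longer

if __name__ == "__main__":
    tip = best_chain([fork_a, fork_b])
    print("Bill, on his own fork:", confirmations(fork_a, TO_BILL))
    print("Bill, after nodes adopt the longest version:", confirmations(tip, TO_BILL))
    print("resubmit / void:", resolve_fork(tip, fork_a))
```

Bill sees one confirmation on his fork and zero once the longer version wins; Dave's unrelated transfer can be resubmitted, but Anne's transfer to Bill cannot, because the coin now belongs to Charlie.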

But if Bill can now safely conclude Anne has transferred coins to him, and complete the exchange, then Anne has trusted Bill: she had to wait until Bill could see the blockchain stabilize. In order to protect Bill, Anne must wait until the blockchain stabilizes before receiving value from Bill. However, it is not prudent for Anne to send her transfer report to a miner before Bill releases his assets to her. Bill and Anne are caught in a paradox the blockchain algorithm cannot resolve: to be prudent, neither Anne nor Bill can let go of their trade assets first, and, because the blockchain requires one or two blocks to be added before it stabilizes, there will be a substantial delay between the two sides of an exchange.

In the real world, a trade occurs when either Anne trusts Bill (usually because Bill is a large, respected business that has established a portal to accept bitcoins), or via an exchange. An exchange is a disinterested third party who submits Anne's transfer to a miner and holds Bill's trade assets until the blockchain stabilizes. After the transaction is safely embedded, the exchange releases Bill's assets to Anne. Without a presumption of trust on one side or the other, bitcoin requires a disinterested referee, which, of course, contradicts the definition of a secure peer-to-peer transaction.

Can the situation be patched? Not easily, and possibly, not at all. One might gin up a mechanism in which the nodes collectively act as a trade asset verifier. This would require substantially more machinery than the current blockchain algorithms, and would introduce several hazards. Imagine a group of nodes working together to form a temporary entity acting as an asset holder, which must dissolve after the blockchain stabilizes and both trade assets have been released to their new owners. The group would temporarily control ownership of the assets, using distributed information so no single node is able to access assets on its own.

Through most of its history, bitcoin has traded on exchanges without the background, substance, or regulation of a typical bank, usually organized for no other purpose than trading cryptocurrencies. Bitcoin traders have suffered for that. A number of cryptocurrency exchanges have been hacked and millions of dollars of bitcoins have been stolen. According to a Wired Magazine report published in April 2013, and quoted in Wikipedia, 45% of exchanges "end up closing." Traders are left with two choices: trust one's cryptocurrency to a dodgy non-government regulated exchange, or to a perhaps safer, but government controlled entity.

If bitcoin fails at something so fundamental as supplying a secure peer-to-peer transaction, why has it gained acceptance? Several factors come to mind.

  • First, truth be told, bitcoin traders do not desire peer-to-peer transactions. They have reasons to prefer exchange-dominated trading. Exchanges create liquidity and a ready market; and they record transactions, creating a quotation system. Exchanges offer reassurance, and perhaps most important, most traders are probably uncomfortable taking control of the encryption software behind blockchain transactions. Most traders acquire a cryptocurrency "wallet" to hold all their bitcoins, which is an artful term for an exchange account.
  • The fear of becoming a victim of double spending currently is not such a large concern. If mining activity continues to be concentrated, however, this could become a larger problem. While traders have other reasons to do business via an exchange, using the exchange also removes (or at least substantially reduces) the risk of loss from double spending.
  • Bitcoin is not widely used as an actual exchange vehicle. Much has been written regarding this, so we won't say much here. What we will say is that the most important requirements of actual barter, which are fast and cheap transactions, were sufficiently important to inspire creation of a new currency, known as "Bitcoin Cash," which branched from bitcoin in August 2017. However, they were not sufficiently important to motivate the Bitcoin Foundation to adopt the software changes that Bitcoin Cash was formed to employ. Bitcoin Cash is a substantial cryptocurrency, but it does not approach bitcoin in total valuation. So, apparently, the requirements of day-to-day barter are important to some, but not a majority of traders.
  • Exchanges are becoming more mainstream, and thus more reliable, even if they are becoming more likely to be controlled by a government.
  • Another factor is the way markets react to events. Risk assessment bends towards the persistence or repetition of dramatic events, and perceptions of expert opinion. In the case of bitcoin, acceptance by growing numbers of mainstream financial institutions, and bitcoin's ability to pull off its nine lives of near death and recovery, act as powerful anodynes.

Will realization that bitcoin must depend on exchange trading affect bitcoin's future? The main casualty will be the notion that bitcoin is independent from government control. Traders have the choice between exchanges that are not regulated by governments, and are clearly not reliable, and ones that are subject to government control or at least interference (which in some minds, makes them equally unreliable). With regulation comes loss of their independence from government, but bitcoin is not the wildflower it once was. Today's traders have different concerns than the bitcoin founders. Will traders abandon bitcoin when they realize the promise of independence from government cannot be kept? Like so many predictions for bitcoin, it could easily go either way.