Cryptographic Currency

CS 463/480 Lecture, Dr. Lawlor

What do you want out of money? 
If you're a buyer, you want...
If you're a seller, you want...
If you're a criminal, you want...
  • Anonymity, so nobody can track your purchases.
  • Tracking, so you can find your customers and sell to them again.
  • Anonymity, so nobody can bust you.
  • Refunds to be easy, so sellers can't give you shoddy goods.
  • Refunds to be hard, but possible, to keep your buyers happy.
  • No refunds, so you can make a clean getaway.

Currently, cash works reasonably OK for buyers and criminals, but it's way too easy to counterfeit, handling lots of cash is expensive for sellers, and doesn't give sellers the ability to track buyers.  The biggest weakness of cash is physical theft--muggers, sales clerks dipping into the till, bank robbers, seizure by law enforcement, etc. 

Credit or debit cards have a high 1-3% transaction cost, nominally paid by the seller, but the seller then gets the buyer's name and address, and nobody has to carry cash, which is good for everybody except criminals.  These transactions allow refunds to be initiated by either party ("chargebacks"), which is good for everybody except criminals.  Sadly, it's still ridiculously easy to steal credit card numbers, since they're not only printed in large friendly letters on the front of the card, they are vulnerable during processing.  There are security standards for protecting these numbers, called Payment Card Industry (PCI) compliance, but this is a nearly hopeless perimeter all the way from the point of sale to the issuing bank.  (It's slightly better for chip-and-pin, since the secret never leaves the chip inside the card, although because the card has no display, there's no way for the purchaser to really verify what exactly they're purchasing: a coke downtown, or a Macbook in Romania?)

The original electronic currency is the Automated Clearing House (ACH) network used by US banks for processing direct deposit and direct payment, and the Society for Worldwide Interbank Financial Telecommunication (SWIFT) used for international bank transfers.  Banks also transfer lots of money between themselves using nostro and vostro accounts.  These bank-built networks rely entirely on perimeter security: since only banks exist inside the network, any bank can see and create transactions.  A security failure at the Bangladesh Central Bank in 2016 allowed unknown attackers to both steal and transfer tens of millions of dollars around the world.  Many big banks recently formed a consortium, R3, to examine how to use cryptocurrency ideas to make bank-to-bank transfers more secure.

Enter cryptocurrencies!  The basic idea is a "sender signs" rule: anybody can post a public key that allows them to receive cash.  To send cash, you sign a transaction with your private key, and the receiver can then post the transaction to a public ledger--in theory this ledger could be some trusted centralized organization (eg, PayPal, Google, Apple), but in practice you'd worry the central organization would post fake transactions stealing all your money.

A blockchain uses a peer-to-peer public ledger, so it works without any trusted central authority.  Unlike with wikipedia, the ledger is designed to be append-only, via the "mining" process described below.  Unlike with credit cards, you never reveal your private key, so there is nothing crossing the network to steal.  Typically the public key is not associated with your real identity in any way, so buyers (and criminals) get the anonymity they want.  The cryptocurrency transaction has no way to force a refund of a transaction, which means processing fees are low because no humans need to make a judgement call about whether the buyer or seller is correct, but it also means stolen cryptocurrency is truly gone.

Blockchain gets used for a variety of wacky things, including:
Since everybody replicates everything on the blockchain, it's a shockingly inefficient system.  Probably if you can trust somebody, a permissioned ledger (like Ripple's XRP) is a better design, allowing much higher throughput, but you do need to both trust and verify, which means spending money on auditors and internal controls. 

Technology of BitCoin

It's actually pretty simple:
There are several good writeups of the technical details, such as "Bitcoins the hard way", which uses the address 1KKKK6N21XKo48zWKuQKXdvSsCf95ibHFa.  The original paper by "Satoshi Nakamoto" from 2008 is quite readable.

The surprising things about it are:

Value of BitCoin

One problem with BitCoin is nobody knows what the value should be--is a pizza 10,000 BTC or 0.001 BTC?  At some point both of these have been true.  BitCoins, like gold or land, are indeed somewhat scarce ("Buy land!  They're not making it any more."), but this is a poor argument for value--any pebble is utterly unique, but valueless.

The US dollar to bitcoin conversion rate has been quite volatile, with single-day drops exceeding 50 percent.

chart of bitcoin value to 2015

Value stability can be a problem with any currency, where there are two macroeconomic error conditions:


The other huge problem with alternative payment services is they tend to get used for thing you can't do on legitimate services--for example, illegal transactions like money laundering or drug transactions.  This means what looks like a technical issue, preserving anonymity in transactions, turns into a very controversial social and very thorny moral issue.

For example, the $1m/month online illegal drug marketplace  Silk Road used BitCoin as its payment service, despite denominating prices in US dollars.  Dealers and buyers still get busted, but it's during delivery, or because they didn't hide their IP address sufficiently, not via the payment service.

Morality of Drug Laws

In 2010 a doctor of neuropsychopharmacology in the UK led a workshop of experts to quantify the harms from a set of drugs, resulting in this surprising chart:
Nutt et al study of
        drug harms, chart by type of harm

The first author of the study, David Nutt, was fired from his position on a UK government research council due to disagreements about this approach.

I personally am not sure what the lack of correlation between harm and legality implies--should we ban the manufacture, possession, and distribution of alcohol too?  Legalize everything to the right of some trade-off point? Reboot our approach to drug addiction entirely?  How? Unfortunately, there are no easy answers, only complex and historically dependent trade-offs.

One lesson here is you can't ignore the second-order and third-order effects of your choices.  The designer of BitCoin chose to make transactions anonymous, which has fairly straightforward implications for a very touchy subject that could result in BitCoin being demonized and banned.