Author

I am Joannes Vermorel, founder at Lokad. I am also an engineer from the Corps des Mines who initially graduated from the ENS.

I have been passionate about computer science, software matters and data mining for almost two decades. (RSS - ATOM)

Meta
Wednesday
Aug032011

## Bitcoin, thoughts on a nascent currency system

Bitcoin is a fascinating concept, in short, it's a crypto-currency backed by nothing other than raw processing power and geeky enthusiasm. For those who've never heard of it, you can have a look at the introduction provided by the Bitcoin community itself or by The Economist.

This currency seems to trigger a much positive reactions than skeptical ones. My personal stance is very inclined in favor of Bitcoin, and I have invested a conservative amount of Euros in exchange of Bitcoins. Granted, nothing that would too troublesome even considering a 100% loss of value for those Bitcoins.

A lot have been said already about Bitcoin, so I will not go through the routine discussion of pros and cons, but merely make some observations.

### Bitcoin vs Credit Cards and Classical Banking, the long term value

A good deal of interest in Bitcoin is strictly speculative: people go for Bitcoin thinking they have a good chance of cashing out. Yet, when it comes to evaluate the value of venture of any kind, I am a strong believer of the Guy Kawasaki credo: does it make sense? Is the world a better place with Bitcoin than without? Indeed, making a speculative profit is not enough, Bitcoin has to improve the world in some tangible ways.

Here I believe that Bitcoin addresses a very deep problem: how to pay or receive money without involving either an expensive physical process (meeting and exchanging gold, goods, ...) or an expensive middleman (your bank, your credit card operator, PayPal, ...).

To a web entrepreneur, the current banking system looks like a 19th century legacy setup:

• About 4% (1) of my money gets consumed through system friction.
• It takes days (2) to complete anything that does not go through credit cards.

(1) Indeed, there are many costs that pills up (rough estimates):

• 0.5%, fees of the consumer bank account (explicit or not),
• 1%, fees of the credit card owned by the consumer,
• 2%, merchant fees for any online payment,
• 0.5%, fees of the merchant for its own bank account.

(2) International wire transfers with a bank routing in the middle where a 7 to 10 days delay is pretty much the standard.

And yet, in my experience there is not so much to be done about this friction, at least not if you're just Joe the Plumber or a small business. Marginally lowering those costs through negotiations with the bank is possible if you have leverage (that is to say money) and a lot of patience; but there is so much one side can do because both sides (payer and receiver) are paying fees anyway.

The long-term promise of Bitcoin is to bring down this 4% friction to 0.1% or less, and to reduce payment latency from days to minutes, possibly seconds with a healthy competitive ecosystem of trusted 3rd parties. Indeed, Bitcoin is not natively designed for low latency transactions, but Bitcoin can be complemented by low latency services (backed by Bitcoin) if the need arises.

Anecdotal evidence: When I purchased Bitcoins on MtGox a few days ago, the sole wire transfer from France to UK cost me about 4% (EUR to GPB conversion included), plus the transfer took 8 days, because the receiving bank in the UK had a multi-day downtime of one of their system.

### Weaknesses of Bitcoin

When it comes to assessing the weaknesses of Bitcoin, most people discuss the possibility of breaking the underlying cryptography, or swarming the network with some overwhelming computing power. Yet, Bitcoin has been designed to be natively resilient against this sort of attacks, and very capable people are working hard to make Bitcoin even more resilient. Hence, I am not too worried here: the Bitcoin community is now big enough to make those sort of attacks really complicated.

Anecdotal evidence: I have tried to mine about 0.01 BTC through Deepbit.net and on my GPU enabled laptop it was taking about 30h. Naturally, I gave up before the end of the experiment, as it was pointless to waste further electricity. Bitcoin mining has reached the state of being vastly unprofitable for everyone but the experts, which is good. It means Bitcoin had reached the point of diminishing returns where printing money (aka mining) is only very marginally profitable.

The most critical threat for Bitcoin is something simpler and stronger: a potential fade of interest, which may vastly hinder the tooling ecosystem to mature. Fade of interest would not annihilate Bitcoin, but it would make it stagnant. Then, in the innovation trade, being stagnant is the closest thing to being dead.

For the short term (next few months), my No1 concern is that a tiny few individuals such as the enigmatic Satoshi Nakamoto may possess +100k BTC (or this guy with 370k BTC). And no, the problem is not that the system is unfair - being unfair does not hinder economical success, quite the opposite actually. The problem is that each one of those individuals has the power to disrupt the emerging usage of Bitcoin. As a matter of fact, the first Bitcoin market crash was not the result of a weakness within the protocol, but the result of a not-fully-secured wallet within a trading system. A lot of early adopters are moving around with thousands of BTC, and each one of those, willingly or not, may disrupt the Bitcoin trading by simply getting their wallet stolen. A similar analysis goes for all the emerging companies supporting the Bitcoin economy that are really lacking the expertise needed to operate properly (ex: the now infamous MyBitcoin.com downtime fiasco). Those bumps are not for the faint hearted, and are likely to slow down the Bitcoin adoption. As time goes, this sort of problem will fade through survival of the fittest, but a couple of Bitcoin crashes should be expected.

For the mid-term (6 months ahead to 2 years), the most difficult operation will be to transition the Bitcoin community from mining stage to trading stage, then repeat the process again from trading stage to end-user stage (see below, for the detail of the phases) - and do those transitions without loosing commitment and enthusiasm of the people who contribute the most to the Bitcoin community. Basically, as long there are smart people enthusiastic about Bitcoin, Bitcoin will keep growing; but the attention sharing economy is a harsh mistress, and the community interest might jump to the next revolutionary idea just as well. See the law of conservation of hype as a practical illustration. Bitcoin has successfully attracted a horde of miners. Now this horde needs to involve into the next stage, as mining earnings are marginalized.

For the long term (2 years), assuming Bitcoin interest has not faded already, direct Government interventions - for whatever reasons (*) - may kill the community. Outlawing Bitcoin would be hard to enforce to its fullest extent, at least if Internet still exists, but flagship companies supporting Bitcoin are easy targets. It would also be easy to spot any company publicly accepting Bitcoin as payment method. Again, the problem is not Bitcoin annihilation - which seems a remote possibility - but rather Bitcoin undergoing a fade of interest if its community has to go underground.

(*) Until 1996, all encryption methods were banned in France, classified a warfare materials. As a result, encryption usage was close to inexistent despite obvious benefits.

### Assessing a global value for Bitcoin

Many people looking at Bitcoin make the naïve assumption that BTC mined X USD per BTC gives any reasonable assumption of the overall market value of Bitcoin. This approach is misleading. First, we don't know for sure how many BTC have been lost already. Super early users were not really treating BTC as a real currency, and it took more than 2 years for Bitcoin to take off. I suspect that many early casual miners have not properly preserved their wallet. This could account for 1M or 2M BTC being lost already (warning: this number is vastly unverifiable).

Second, those who've read Making Money  - which I strongly recommend - know that the real long-term backing of any currency is the people behind it, possibly as unwilling taxpayers (but I am digressing). Granted, Bitcoin has no magical Golems backing the protocol, but they have about the next best thing: a enthusiastic, dispersed and growing community of geeks working hard to make of Bitcoin a success.

If Bitcoin gets adopted by a sufficiently large amount of people, then it will start getting the interest of retail folks. There are already a few eCommerce out there supporting Bitcoin, but it's still very niche. The design of Bitcoin offers unprecedented opportunities to support micropayments that were simply not tractable with classical systems. Indeed, anything below $20 is considered as a micropayment by Visa, and there is no widespread electronic solution out there for payments below$1. In comparison, Bitcoin would easily scale down to $0.01 payments (or rather the equivalent amount in BTC) with only a marginal friction. Yet, in order to grab those opportunities, it will take some serious Bitcoin-powered merchant systems, as complete automation is required. Offering to any (non-geek) merchant all the tools he/she needs to receive and process Bitcoin payments is the v3.0 milestone. #### Bitcoin v4.0 - Enterprise tools No matter the success of Bitcoin, large companies will probably be among the latest entrants in the Bitcoin economy. In order to make Bitcoin useable in corporate environments, it will require a lot of support from the software industry. For example, there is nothing yet in the Bitcoin software ecosystem that would enable an enterprise to grant rights to people to operate within spending quota, possibly requesting multiple approvals if a spending goes over a certain threshold. Naturally, the same Bitcoin system would also need to be seamlessly integrated into the primary accounting system in order not to drive nut both accountants and auditors. Getting Bitcoin corporate-proof is the v4.0 milestone. ### So what next? Bitcoin is still in the middle of trading stage but, for those who are inclined in giving Bitcoin a chance to establish a very low-friction currency system, the most simple contribution is not to purchase Bitcoins, but simply to start accepting Bitcoin, which is exactly what my company, Lokad.com, started doing. ### References (1) References allow you to track sources for this article, as well as articles that were written in response to this article. • Seit ich meinen Eintrag zu Bitcoins verfasst habe sind wieder einige Merkwürdigkeiten im Zusammenhang mit dieser Form des elektronischen Geldes passiert. Die bis zum Zeitpunkt des Vorfalls drittgrößte Bitcoin-Börse (bitomat.pl) hat aufgrund eines bedau... ### Reader Comments (11) Very thoughtful analysis but it is based on the assumption that Bitcoins are still in a starting-up phase but according to mrbitcoin.com Bitcoins have been around for centuries and we just didn't know about it. Maybe the point is well taken and we should lighten up a bit. Bitcoins are here to stay my brother - one way or another. August 4, 2011 | Craken I have to wonder if the author of this analysis read anything about bitcoin beyond the propaganda fountain at bitcointalk.org. For example: "The design of Bitcoin offers unprecedented opportunities to support micropayments that were simply not tractable with classical systems." While it is true that the bitheads push the micropayment angle, the sad reality is that the present bitcoin client is heavily weighted against micropayments. Further, this state is almost certainly going to persist for as long as bitcoin does. Why? Micropayments, especially large volumes of them -- which is the whole point, no? -- are indistinguishable from a denial-of-service attacks against the network. Then we have this claim: "I believe that Bitcoin has reached a point where brute-force attacks are unlikely to succeed, even if botnets are put to the task." It can't be emphasized more strongly, so I'm going to yell this one out in bold italic: THE PRESENTLY DEPLOYED BITCOIN PROCESSING NETWORK IS WOEFULLY FEEBLE COMPARED TO EVEN A MODESTLY FUNDED ADVERSARY. Given an existential threat, or even just on a complete lark, banks or government can throw machinery at bitcoin that will make all the basement gamers that run the bulk of the present network beg for mercy. 100 TH/s would be petty cash, and, properly deployed, would bring the network to a virtual standstill. (The adversary would simply hash transaction-less blocks -- and shred the 50 BTC "reward" for good measure.) More amusing games would be to run until the difficulty goes to 100 million ... and then stop for a while. Ominously, this latter scenario has been demonstrated recently with namecoin. Their production network is, at this writing, suffering because a large number of bitheads "attacked" namecoin a few weeks ago to profit from an arbitrage between BTC and NMC, and then left en-masse when the arbitrage disappeared (the namecoin difficulty increased too much). Namecoin is now struggling to complete a sequence of 2000 blocks; what should take about 2 weeks is now projected to take at least 10 more. There is precious little that can be done about this. The developers can put in more policies about what kind of blocks are valid, difficulty change schedules, and such, but it can all be worked around with great ease. The basic problem is that using raw processing power is extremely unwise, since, no matter how much of it you have, you will never have enough of it. www.links.org has some more to say on this particular point. Finally, the analysis on "end user tools", "merchant tools" and such are ignoring the elephant in the room: because bitcoin is essentially a cash transaction, the question arises as to who on Earth is going to trust an online merchant with an irrevocable cash transaction? The bitheads babble about "escrow" and such, but these escrow people are going to want a piece of the action. In order to "make the consumer whole" from a deal gone bad, these escrow services will have to charge fees that will likely equal present-day credit cards. Yeah, sure, credit cards may well be evil incarnate, but if the replacement payment system ends up being the same, whatever is the point? August 5, 2011 | noone A very good article, not like the other 101 reposts of Bitcoin FAQ. :) Emphasizes the points that currently Bitcoin needs secure exchanges and user tools - preferably secure native apps on their smartphones, rather than online escrow sites that can be taken offline or seized. But I also strongly agree with the previous long comment that outlines all the weaknesses of Bitcoin: 1) Currently trading bitcoins involves at least one or two bank wire transfers, because you have to buy/cash-out using fiat currencies, which actually increases the friction in real world dealing with them; 2) If you require transactions that are not irreversible, third-party escrow service brings us back to starting point of VISA/Mastercard/PayPal; 3) If someone would REALLY want to attack the bitcoin network, they COULD, it's just a matter of money: currently the ~15TH/s network strength equals to rigs of total capacity of ~30-50k video cards plus motherboards, etc.. If you can buy 1GH/s rig for around 1000$, you only need 10-30M $to overwhelm the network at this stage, which is pocket money for any decent government, drug cartel, oil company, etc.. It's just a motivational problem. I think NSA could quite easily develop their custom SHA hashing chips that could drive up the total hashrate up to 1PH/s if they felt the need.. Currently it is just WAY more price-efficient to hire hackers that write trojans, hack exchanges and escrow sites than to build massive data-centres. But hey, for me Bitcoin is more of an experiment to see what must be changed in order to create even more resilient currency. August 5, 2011 | watcher Great article. In response to commenter 'noone': "Micropayments, especially large volumes of them -- which is the whole point, no? -- are indistinguishable from a denial-of-service attacks against the network." This is profoundly inaccurate. Transaction fees of 1 cent are enough to make any dos attack prohibitively expensive and still extremely cheap for a normal user. " Given an existential threat, or even just on a complete lark, banks or government can throw machinery at bitcoin that will make all the basement gamers that run the bulk of the present network beg for mercy." This could not be done without the bitcoin community becoming aware of it. The global supply of the type of graphics cards good at mining is low, and it would take months for such an attacker to acquire the gpus needed to gain 50% of hashing power, during which time the bitcoin community would have time to react. "The basic problem is that using raw processing power is extremely unwise, since, no matter how much of it you have, you will never have enough of it. " I disagree. Any defense can be overwhelmed. This at least can be automated to a large degree. August 5, 2011 | Amin @Amin: "This is profoundly inaccurate. Transaction fees of 1 cent are enough to make any dos attack prohibitively expensive and still extremely cheap for a normal user." Can you stick to the point? We are talking about micropayments. Why pay 10 or 100x as much in a transaction fee under such circumstances? This kind of minimum charge is precisely why credit cards are useless as micropayment mechanisms. @Amin: "The global supply of the type of graphics cards good at mining is low, and it would take months for such an attacker to acquire the gpus needed to gain 50% of hashing power, during which time the bitcoin community would have time to react. " You are naive: the machinery the adversary will deploy will most definitely not be stupidly inefficient GPU's. @Amin: "I disagree. Any defense can be overwhelmed. This at least can be automated to a large degree." The processing power is not a defense: it is a fundamental weakness, a critical design flaw that will be used against the network if other means prove ineffective. There are vastly more efficient ways to secure the network in a way that do not expose it to this particular kind of attack. Again, please read and understand the content at www.links.org, and invest accordingly. August 5, 2011 | noone "@Amin: "This is profoundly inaccurate. Transaction fees of 1 cent are enough to make any dos attack prohibitively expensive and still extremely cheap for a normal user." "Can you stick to the point? We are talking about micropayments." I define a sub-10 cent transaction as a micropayment. A one cent transaction fee, which is two times higher than the current transaction fee and likely higher than what's required to prevent dos attacks, is orders of magnitude less than the fees charged by paypal or credit cards. You're greatly glossing over this advantage of bitcoin. "@Amin: "The global supply of the type of graphics cards good at mining is low, and it would take months for such an attacker to acquire the gpus needed to gain 50% of hashing power, during which time the bitcoin community would have time to react. " "You are naive: the machinery the adversary will deploy will most definitely not be stupidly inefficient GPU's." The suppy of FPGAs is also limited, and I would guess far more limited than a mass-produced consumer good like GPUs. An ASIC would require months to design and start manufacturing, and probably months more to produce enough to gain 50% of current network power. By then there could already be many legitimate bitcoin miners using ASIC chips to mine, as there is indication that investors have already started funding production of them. " There are vastly more efficient ways to secure the network in a way that do not expose it to this particular kind of attack. Again, please read and understand the content at www.links.org, and invest accordingly." I've read the content at links.org, disagree with it, and written a rebuttal to it. August 6, 2011 | Amin @Amin: "I define a sub-10 cent transaction as a micropayment." Should I care about your definitions? "A one cent transaction fee, which is two times higher than the current transaction fee and likely higher than what's required to prevent dos attacks, is orders of magnitude less than the fees charged by paypal or credit cards." You really have NO CLUE about what a dos is. A one cent transaction fee moots 0.01, 0.02 or hell, even 0.10 payments -- the relative cost is way too high. So, if tens of thousands of honest people try and give 0.001 to some guy with a nice YouTube video, your precious bitcoin network will consider it a DDOS. Worse, even if it does not, the network will receive as much, or more, money than the content creator in this case. Why is this tolerable? (Hint: rhetorical question) "You're greatly glossing over this advantage of bitcoin." What advantages are there again? So far each one claimed does not stand up to careful scrutiny. All you are doing here is just what Nakamoto does in his paper: proof by assertion. "Everyone is going to be honest! Trust me!" "The suppy of FPGAs is also limited, and I would guess far more limited than a mass-produced consumer good like GPUs. An ASIC would require months to design and start manufacturing, and probably months more to produce enough to gain 50% of current network power. By then there could already be many legitimate bitcoin miners using ASIC chips to mine, as there is indication that investors have already started funding production of them." Again, your naivete is showing. As noted above, the total investment in the current bitcoin network is on the order of$10 million.

Basically, a few thousand people have maxed their credit cards to put some stress on their electric bills.

If you are seriously suggesting that these people are going, en-masse, to purchase custom silicon you are not thinking this through. Furthermore, your attacker will have 10 to 100x the money that can be fielded by the basement gamers. Ergo, it does not matter a whit what the computational substrate is: you, and the rest, will lose this fight.

This is why depending on computer power is a huge design flaw in bitcoin. One way or another, either the amount or distribution of it will be the downfall of bitcoin.

"I've read the content at links.org, disagree with it, and written a rebuttal to it."

I hope it shows more clarity and consideration than you have demonstrated here...

August 8, 2011 | noone

Frankly, noone, the analysis at links.org is just worthless. Bitcoin is still early stage with tons of pending issues, but links.org is just barking at the wrong tree.

August 10, 2011 | Joannes Vermorel

@Joannes Vermorel: "Frankly, noone, the analysis at links.org is just worthless."

Then you have not read them. A brief summary:

That bitcoin is ultimately grounded in processing power is beyond question -- even Nakamoto admits this. That bitcoin's designers and developers are aware of this problem is also beyond any cogent dispute -- read the source! They are "locking in" the precious block-chain right into the client. Why? To prevent another, faster, network from recomputing a longer chain from scratch. A chain that does not include any of the coin in the current chain. (For heavens sake, think! Since most of the coin is owned by the developers, they perceive this risk much more than almost anyone else, and so it is natural they will take whatever advantage their unique position offers to minimize their bit.risk).

Despite this, however, it can not prevent future destruction by a more powerful network. As noted above, an adversary can slow the transaction processing rate, and engage in many other forms of disruption. Fiat currencies look pretty damn good in comparison to this...

The argument at www.links.org is that:

(a) in order for bitcoin or similar to remain viable as a system (end-to-end), it must, for all time, possess at least 50% of all processing power on the planet. I'd only say that it must have way, way more than 50% though. See above for why.

(b) Even if (a) was false (which it is not), the current bitcoin processing network is fantastically, stupidly inefficient from both a power and protocol perspective. Exactly the same job can be done without the "burn".

Do you have any rational response to these arguments? Until then, you aren't doing better then the typical Nakamoto-esque proof by assertion.

August 10, 2011 | noone

Reading the post and the responses have been very interesting I admit, as I've never heard of Bitcoins so far. I even ended up installing the client and spending some time to start mining, just to see how it worked (nothing visible is happening so far, so it might have ended up in a while(true) LOL).

At any rate, the perception problem with this kind of decentralized approach is itself in my opinion. I think that most people who use credit cards, most importantly online, do so because they have the reasonable guarantee that, if some fraudulent transaction is performed (e.g. their CC number was stolen), the CC circuit would most probably rollback it. They feel CC as safe, precisely because there is a single entity they trust, large enough to be considered "indestructible". This is the very point where, in my opinion, a decentralized system fails. Also, like "noone" pointed out, it would take VISA exactly no time or money to prove *today* that the network is somewhat unreliable - or make it perceive as so. A DoS attack of micro-transactions would be enough from what I've read (but I'm no expert). This is no worse than CC circuits probable (it could also be better), but I wouldn't trust the system myself, and I perfectly understand what hashes and public key cryptography are. The point is, I *want* a central entity that is subject to laws and regulations and to which I can appeal in case of problems. Not having it is... scaring. What if something goes wrong? If there is some flaw in the system? Who is held responsible?

Most importantly, however, is the very concept behind the "digital wallet".
If users are supposed to store it locally, then good luck. People are losing important, even vital data all the time. Backups have become a no-brainer, still people don't do them. And even when they do have a backup plan, there are a number of things that can go wrong. I wouldn't ACTUAL MONEY on my very own PC - and I'm paranoid about security and backups - let alone the fact that I use 3 main PCs all the time. If users are supposed to use a 3rd-party online service, then it will surely cost money, so we're off to PayPal (which is free to individuals, BTW). The practical cost of managing a distributed network would not be much different than that of CCs or PayPal (here is an interesting view on security http://msdn.microsoft.com/en-us/magazine/hh288087.aspx ).

There are also a number of financial issues that must be taken into account. First of all, accepting Bitcoins is easy (well, not exactly if you're a merchant and must process many transactions), but keeping track of them in accounting and bookkeeping is going to be a problem as there is no official exchange rate. This kind of virtual currency is also a bit frightening per se. I mean, not having an actual government taking care of it leaves a lot of possibilities open (both good and bad). I'm not an expert in finance either (nor I want to be :), but the fact that you can buy bread at the shop round the corner with Euros makes Euros implicitly a robust currency. It might lose power against other currencies, or be subject to tremendous inflation, but it still remains somewhat linked to actual, Country- or even continent-wide economies. Bitcoins are nothing like that so far...

All of that said, unless I did not understand the process (which might as well be), to generate Bitcoins we're consuming CPU power and thus ENERGY!!! We're burning oil for nothing more than moving bits around and inventing a new currency! That does not make any sense to me, most importantly because, in the end, Bitcoins will be converted back to USD/EUR/whatever.

August 12, 2011 | Dario Solera

Hi Dario, yes, you're pinpointing many important points. I will try to address them in a future post.

August 13, 2011 | Joannes Vermorel