Could COVID-19 turn America into a cashless society?
Cashless or less cash? Somo's President of the Americas, Jack Reinelt, explores the pros and cons surrounding the cashless debate.Read more
For some years now, Blockchain has been a name to conjure with. Its original home is fintech, with the first and original use of the technology being Bitcoin, beloved of technophiles, crypto investors and buyers of illicit goods alike; the concept rapidly gained traction as, seemingly, a magical combination of a new security system and a money pump. For a period, tech companies, and then a wide variety of others, would include Blockchain in their strategic visions, culminating in The Long Island Iced Tea corporation renaming itself Long Blockchain and experiencing a prompt tripling of its stock price.
This apparently boundless enthusiasm for Blockchain, or at least its name, is because of what if offers: a publicly visible, decentralised way to verify the integrity of a set of records that doesn’t rely on any one individual or organisation to guarantee it. In a world where trusted organisations aren’t always trustworthy, and where concerns about the corruptibility of power are more salient than ever, this truly is a worthy goal.
Being the kind of person I am, I wondered how it worked. What I discovered at first fascinated, then alarmed me. While the aim of Blockchain is excellent, and the method truly ingenious, I believe the existing techniques for generating and maintaining one have flaws that cannot be repaired, because they are fundamental to how Blockchain works.
So just what is a Blockchain? Why are people excited by it? And does it live up to its promise?
Let’s take a step back, first, and think about how we verify documents in the real world. Contracts are a great example of a document that has real power in the world and requires verification. They are typically signed before witnesses; each page of the contract is also commonly initialled.
The reasoning for this is simple: a witnessed signature is very unlikely to be fake. It’s hard for anyone to produce anyone else’s signature, and a witness can verify that the person who wrote the signature did so in a normal amount of time, without copying a reference example or using a stencil. The initials on the pages mean if a page is added or replaced, the initials will be absent, and so give us some confidence that, when the contract is produced later, it’s the same one the parties who signed it agreed to.
Digital signing works in a very similar way. Firstly, the document is hashed, which is a way of distilling a document to a random-seeming number, that nevertheless depends closely on every part of the original document. A new comma on the input document will produce a completely different hash. Producing two documents that create the same hash is so difficult as to be almost impossible (and producing two intelligible documents that create the same hash is even harder); for this reason, if you can trust the hash, you can trust the document.
The hash is then encrypted using a clever method. In essence, this method allows you to lock something with one key, and unlock it with a completely different, but related key. One key, the private key, is only ever used by one person, in this case, the person signing the document; the other, the public key, is freely available. A hash encrypted with one person’s private key can be unlocked with their public key; the hash can be matched with the document. This essentially guarantees that the document we have is the same one that the private key owner meant us to see.
However, a signature can be forged; a witness can be bribed; a private key can be stolen. And what if, even without these things happening, you don’t trust the person who signed the document?
Blockchain attempts to do away with this by replacing the signature—evidence that one person attests to the integrity of a document—with a kind of collective guarantee, where an entire network of people all attest to the integrity of a document. No single person needs to act as an authority; instead, a whole community act as an authority.
Because it’s no longer necessary to trust in the integrity of an authority, this is sometimes known as “zero trust”, though in fact, implicitly, we replace trust in an individual with trust in a crowd of individuals. That idea—trust in a community—is going to be important later.
One way this could happen is if everyone in the community digitally signed documents in the way we’ve described above. A collection of signatures would all guarantee the integrity of a document, so even if one private key were stolen, we’d still have all the others. However, it’s very easy to make a private/public key pair. How can I guarantee that any of these signatures are from real people? One moustachioed villain could easily create thousands of keys and sign a fake document. We still rely on trust.
Blockchain solves this by moving things around a little. Instead of using keys, everyone in the community of users competes to solve a difficult puzzle whose solution is extremely easy to verify. This puzzle is to find a hash. Now, as we said earlier, these are usually random-looking and change dramatically with a very small change in input. This means that, by adding a small piece of information to the beginning of the document and changing that, we can produce a huge variety of hashes. However, whereas hashes usually look random, here we specifically seek ones that do not: we seek only hashes that begin with a long string of zeroes.
There are two benefits to this: hashes beginning with lots of zeroes are extremely easy to verify—you don’t need even a public key—but also extremely hard to find, and therefore hard to fake. This is how Blockchain allows us to trust a community: we assume that the majority of the community want Blockchain to work. These people will all be seeking hashes of this type; as time goes on, the quality of hashes (the number of zeroes at the beginning) improves. A moustachioed villain would have to work harder than all these other people together to produce a similar hash on a fake document.
Of course, the assumption that the majority of the community want Blockchain to work is a pretty big one. Blockchain addresses this by paying them in the cryptocurrency guaranteed by the Blockchain method. This gives everyone involved a financial interest in keeping the system afloat.
Each part of the solution thus rests on the other parts, like the trick where a glass of water is balanced on three interleaved knives. Remove one part and the whole thing comes crashing down.
And that’s the problem. Blockchain has several flaws, but each flaw is a necessary part of how the system works.
When explaining Bitcoin to friends, sometimes they have asked me: where’s the coin? Every Bitcoin consists of nothing more than a transaction history; where is the actual thing being transacted?
This turns out to be a question worth asking of money in general. Paper money, for example, is no more intrinsically valuable than the paper that wraps your chips—in fact, since currency paper tends to be made highly impermeable (since it must have a very long life and may need to survive a laundry cycle or two) it is actually pretty useless as chip-wrapping.
Money’s value is, rather, guaranteed by the idea that we can exchange it for something else with concrete value, such as chips. As such, Bitcoin does not need to have “something inside”: if people treat the transaction history itself as having value, then it’s no different to treating paper money as having value.
Of course, most paper currencies are backed by a national government; everyone in that nation will accept this currency in exchange for pretty much anything that’s for sale. In this case, the currency’s value becomes a proxy for the perceived health of the country’s economy, deriving value from the purchasable wealth of that country.
Smaller countries, with smaller economies, sometimes index-link their currency to a larger economy; for example, since 1975, the Bajan dollar has half the value of a US dollar. This makes sense, since the economy of Barbados, being much smaller, could be buffeted by global economic forces in a way the US economy is far less likely to be.
Bitcoin, by contrast, explicitly avoids any connection to any nation or government. Unshielded by the intrinsic value of a large economy or any kind of regulation, cryptocurrency is astonishingly volatile.
Now this is a huge problem for numerous reasons. The first is that cryptocurrency’s instability, and its lack of any regulation, mean it is extremely vulnerable to manipulations. When people try to mess with the LIBOR rate, they can be sent to prison, but cryptocurrency has no such protections. “Pump and dump” schemes, where a coin has its value first inflated, then rapidly deflated by coordinated activity, are practised openly, allowing short sellers in the know to make money from the coin’s collapse. These would be illegal for any real currency.
This is bad for investors, but there’s a bigger problem. As you’ll recall, Blockchain’s security is underpinned by paying people in the cryptocurrency for their work to maintain its integrity; the assumption is that people will not work against their own economic interest. But a short seller wants the currency to collapse. Their economic interest is directly opposed to other coin-holders’.
In The Hitch-Hiker’s Guide To The Galaxy, among other strange, yet strangely familiar alien civilizations, we are introduced to the Golgafrincham people. One third of them are great thinkers and visionaries; one third are makers and builders; the remaining third … are totally useless, and find themselves unwittingly cast adrift on a spacecraft set to collide with our own planet, two million years before the present day.
Having, very improbably, survived this collision, they set about remaking life and its institutions in the image of the society they have left. They decide to use leaves for money. Unfortunately, this means there is far more money than there is anything to buy; to solve this problem, they embark on a program of massive deforestation, and burn down all the forests.
Now proof of work uses a lot of electricity. The calculations built into Blockchain are, by design, difficult—this is the reason we trust them—and hence they are power-hungry. They cannot be made more efficient without damaging the security of the system. Furthermore, they have to be continued forever! Unless the chain is constantly lengthened, an attacker can catch up and break the chain’s integrity.
Douglas Adams, a keen environmentalist, clearly intended Golgafrincham’s profligacy with trees as a comic metaphor for humanity’s capacity for destructive greed. I do not think he would be very amused to discover that, by creating a currency whose value depends on an unending expenditure of power, we are essentially burning forests to increase the value of leaves.
In June of this year, a study found that Bitcoin has the same carbon footprint as Las Vegas. This brings us neatly to the second issue with Blockchain: its guarantees are probabilistic and based on the assumption that humans behave rationally with money. Las Vegas is a wonderful counterexample to both notions.
Let’s take the probability issue first. In the abstract of the original Bitcoin paper is a huge caveat:
As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers.
The system’s security is underpinned by the idea that most people are trying to make it work. An attack where a majority of computing power aims to attack the network, called a 51% attack, actually happened in May 2018. These attacks are rare and very hard to stage, but they are not impossible.
What about the issue of rationality? Well, again, it’s supposed to be more expensive to break a chain than to benefit from it. One could make more money within the system than without it. Plenty of people have, nevertheless, acted destructively in ways that either did not benefit them, or in some cases, caused them enormous harm. In the early days of computer viruses, there was often no payoff for success, but there were still lots of them around.
However, a completely rational actor could still benefit from breaking a chain because of another assumption implicit in Bitcoin. This one is very sneaky, and interestingly, Bitcoin and cryptocurrencies generally provide some of the strongest counterarguments for it available today.
Michael Lewis’s superb book The Big Short describes the origins of the 2008 global financial crisis, but also a few far-sighted investors who saw it coming and made an enormous amount of money from it. Their story is complex and oddly poignant, and I will not retell it here, but a critical concept—indeed, the concept of the book’s title—is that it is possible to profit from something losing value by “shorting” it.
Shorting, in essence, is this: you sell something you don’t yet own at a certain price. You then hope that the price of the thing drops; if so, you buy it at the lower price and pass it on to your buyer, pocketing the difference. Effectively, you are betting that the price of the thing will drop. Your buyer is probably betting that it will rise, and hence hoping that, by paying the price now rather than later, they can save some money.
If you happen to know a secret about the thing you’re selling, of course, you can make money this way from people who don’t. This is called insider trading, and is mostly illegal.
Cryptocurrencies are not regulated very heavily at this point in history. A specific type of scheme, called a pump and dump, has evolved to take advantage of this. Essentially, a cartel of investors conspire to inflate the currency price by coordinating to buy a lot of them; they wait for other speculators to join in as the price rises. When the price is high, they take a short position on the coin, as described above. They then dump their holdings of coins, the price drops, and they profit from their short position. Last Week Tonight with John Oliver had a fascinating piece on this which explains the phenomenon very well.
This is not an intrinsic problem to cryptocurrencies (although it does illustrate the problems with the kind of economic libertarianism frequently espoused by cryptocurrency fans). The intrinsic problem is that, if profiting from a currency’s partial collapse can be so lucrative, profiting from its total collapse can be more lucrative still—and this is, indeed, an incentive to break blockchain.
Both 51% attacks and pump and dumps are seen by some as harbingers of a currency’s collapse. Whether these things are causes or effects, nevertheless, a blockchain is not eternal and unchanging: it can very easily be destroyed, or simply decay to uselessness. As a means of securing either money or information, this is an alarming prospect.
There is one final attack vector that I’ve never heard anyone mention, and frankly it astonishes me that this is the case.
Bitcoin and cryptocurrencies generally are founded on the idea of zero trust: that is, they are designed so that you don’t need to trust anyone. The underlying mathematics and its instantiation as software are designed to be unbeatable by any individual bad actor (though, as I’ve been arguing, this premise is flawed).
But who made Bitcoin?
Bitcoin is open-source software. This means anyone can contribute to it. It is maintained at this webpage and in theory, you can go there right now and change Bitcoin.
In practice, of course, like any well-maintained open-source software project, you can’t just slip new code in there: someone will review it. The page mentions that there are no “core developers” (very much in keeping with Bitcoin’s philosophy) but there are “core maintainers”.
Now, the principle of open-source software is that, because you can see what’s in it, you can evaluate how safe it is for yourself. A lively community of developers will assure the kind of group trust that Bitcoin relies on: as long as most people are well-intentioned, malicious code will be detected and changed pretty quickly.
But could malicious code be introduced briefly in a way that might not be noticed by a code reviewer, but that would allow a bad actor to steal Bitcoin while the vulnerability exists? Ultimately, by using the software, you are trusting that the people who made it and maintain it—who, I am certain, are all excellent programmers and diligent reviewers and take this responsibility seriously, but are nevertheless fallible humans. If you evaluate the code before using it (if!) then you’re trusting your own full understanding of it.
As has been shown time and again, even mature code that has been seen by thousands of eyes in its lifetime can have problems. Heartbleed, the vulnerability in OpenSSL discovered in 2014, existed for almost two and a half years before its discovery and rapid patching. Nobody doubts the bona fides and credentials of the programmers involved; OpenSSL is a very serious security project, and is trusted by billions of users. Despite this, someone slipped. It happens.
This final objection is slightly unfair. Bitcoin, in this respect, is no worse than any other software project, but my point is, on this level, it’s no better, either. OpenSSL has the same potential to be attacked by malicious actors—probably with an even greater payoff—and care and diligence has kept it safe from malice, if not from error. However, I do think “zero trust”, if only for this reason, is a pipedream.
Blockchain is a brilliant idea with irredeemable flaws that never quite seems to live up to its promise. As long as it’s making people money, this is easy to ignore; but even there, the promise is often greater than the reality. Long Blockchain’s stock price may have tripled when they changed the name, but in 2018 they were delisted by NASDAQ and they are now under investigation by the SEC.
The genuine appeal is nevertheless clear. In a world where security breaches are increasingly an inevitable fact of life, a system with such strong potential to secure our information has massive value. In a conventional system, compromising a single computer can do immense damage. In Blockchain, it is necessary to compromise the majority of computers using the system to do the same damage. Despite my misgivings, this is a real improvement on the status quo in this sense.
The problem I have with Blockchain is that it only works because it is expensive and wasteful. Let me repeat that: the power consumption is the reason why Blockchain can claim to be secure. I’ve heard multiple suggestions to improve its efficiency, from quantum computing to low-power processors such as are used in mobile devices. These miss the point: if we restrict the power that Blockchain uses, we materially damage the one guarantee of security it has — that it is very, very expensive for an attacker to break it.
As we have seen, the economic motivation to keep a Blockchain secure assumes that the currency has value. Break that assumption, and users will fall away. As soon as users fall away, your cherished data will leak.
Finally, it relies too strongly on the idea that humans act rationally. Briefly, they don’t. I want to mention one last proof of that: Dogecoin. Dogecoin was created as a joke. It is now one of the most successful cryptocurrencies. I am firmly convinced that this is only because it is cute.
Blockchain is not my favourite technology.