HC3 Innovation Solutions & Tillit Inc., Page 1 of 28

The Bitcoin and The Blockchain

Introduction

Who We Are

Tillit:

State of Digital Stored Value

History of Digital Stored Value

DSV Implementations

Fundamentals of Math-Based Money

The Byzantine Generals Problem

Satoshi’s solution:

But Why Trust the Algorithm? What is the Math that Underlies It?

Why Do Miners Participate?

Open-Source Code: What Does It Mean?

User Mechanics:

Technical Caveats:

Other Mechanisms for Securing a Ledger

Proof of Stake

Foundations of the bitcoin

Hashcash

Bitgold

Centralized Networks

Privately Administered Centralized Networks

Semi-Decentralized Network: Ripple

Decentralized Networks

Currency Uses of DSV

Non-Reversibility

Transaction Fees

Micropayments

Off-Blockhain Transactions

Trading and Payment Networks

Electronic Real Time Trading Exchanges

Fixed Rate Exchanges

Over-the-Counter

Local Exchange

The Other 6 Billion…

Emerging Market Governments and Bitcoin: Friend or Foe?

Non Currency Uses of Decentralized Trustless Ledgers

Colored Coins

Smart Contracts/Property

DSV Ecosystem Gaps

HC3 Innovation Solutions & Tillit Inc., Page 2 of 28

“As Mark Twain's character Pudd'nhead Wilson once opined, if you put all your eggs in one

basket, you better watch that basket.”- Ben Bernanke

(http://www.federalreserve.gov/newsevents/speech/bernanke20110404a.htm)

Exchange Risks:

Risk Mitigation

Multisignature m(n) transactions:

Cold Storage and Insurance:

Auditing:

Identity and Anonymity

Anonymity vs Pseudonymity

Pseudonymity and Personal Identity

Policy Concerns with Strong Anonymity

Strong Identity

Identification

Legal Landscape

Key events

General Worldwide Legal Viewpoints

United States

FinCEN

SEC

CFTC

IRS

Emerging Legal issues

Uniform Commercial Code Issues

Summary

Acknowledgements

Appendix: Terms and Terminology

HC3 Innovation Solutions & Tillit Inc., Page 3 of 28

Introduction

What is Bitcoin? Depending on whom you ask Bitcoin is either an asset, a commodity, a new

form of electronic money, or a worthless electronic bit. Some analogize the eventual impact of

Bitcoin on global finance to the impact the internet has had on media; while others dismiss it

entirely as a mania that will collapse spectacularly. Whatever Bitcoin is and whatever the

eventual impact, the dialogue surrounding it has heated up, especially among financial

institutions and pundits.

The purpose of this paper is to explain what Bitcoin is, where it came from, what it can be, what

similar technologies exist, how they might disrupt or enhance the existing financial

infrastructure, and the legal, regulatory, and accounting issues that must be taken into

consideration. While this paper is geared towards the financial community, we hope readers

from multiple backgrounds will find it helpful. We intend to provide a solid foundation for

understanding the subject matter but encourage the reader to seek out the myriad fantastic

literature related to the various subsets touched on in this paper.

HC3 Innovation Solutions & Tillit Inc., Page 4 of 28

Who We Are

Tillit (http://www.tillitinc.com/):

Tillit is developing a platform and ecosystem of toolsets enabling, normalizing and empowering

decentralized ledgers for use in business transactions of all sizes. Tillit’s offerings are expected

to include contextual APIs supporting a wide ledger set and exposing powerful systems of trust

to application developers.

Zachary Smith founded MerchantPlus in 2003, responsible for product strategy and innovation.

Zac is focused on helping customers capitalize on the latest payment capabilities by innovating

the MerchantPlus platform.

Zac was previously a partner in Voxel, a NY-based cloud hosting provider with a focus on

infrastructure automation. As COO, Zac ran the global operations team and was instrumental in

the 2011 sale of the company to Internap (NASDAQ:INAP) for 35MM.

Miles Cowen is CEO of Tillit which implements Blockchain-based decentralized trust solutions.

Previously Miles was a corporate attorney with Dentons and a Juilliard-trained classical

musician where he first met Zachary.

HC3 Innovation Solutions (www.hc3innovation.com)

HC3 Innovation Solutions provides Business Development (sourcing, exploration, structuring,

negotiation, and execution), Strategic Consulting, and Investor Communications (liaise between

current and prospective investors and management) solutions to a range of clients from

agriculture to global sourcing to drone technology. With respect to Blockchain technologies,

HC3 acts as a bridge between traditional asset management/financial services and the

emerging Blockchain-based technologies set to hasten the evolution of many industries.

Hudson Cashdan, CFA, CEO of HC3 Innovation Solutions. Hudson has over 10 years’

experience in buy-side investment management. From 2004-2010 he was an analyst and

portfolio manager with ReachCapital Management, an international equity Hedge Fund based in

Westchester, NY. From 2010-2013 he worked as a partner at Glenwood Capital, a merchant

bank specializing in middle-market private equity transactions. Email:

hudson@hc3innovation.com

While we believe our combined expertise to be fairly thorough, we fully expect a few oversights

and perhaps even a factual error. Hopefully you’ll find this a useful reference and welcome

constructive feedback. Enjoy.

HC3 Innovation Solutions & Tillit Inc., Page 5 of 28

State of Digital Stored Value

History of Digital Stored Value

Today’s Digital Stored Value (DSV) conversation is dominated by currency-specific electronic

money1 applications, specifically popular centralized systems such as PayPal, m-Pesa2 or even

Linden Dollars3, cryptographic yet centrally maintained systems such as DigiCash and eCash4,

semi-centralized networks like Ripple, and the fully decentralized networks of Bitcoin, LiteCoin,

Nxt, Ethereum, etc.

In the past 20 years, many efforts have been made to produce reliable, trusted and widely

adopted electronic money. Most initiatives have failed for reasons of trust, repercussions from

illicit/illegal activity, or insufficient technological capability. However, the current phenomenon of

bitcoin (and the cryptographic ledger technology that supports it, henceforth referred to a

Bitcoin, with capital “B”) and related initiatives goes well beyond merely presenting a compelling

platform for electronic money. As such, popular public discourse has moved beyond electronic

money applications and into a wider reaching topic generally called Digitally Stored Value

(DSV), which encompasses not only the value of specific assets, but how they are traded and

the legal constructs that surround them. In this paper we will refer to bitcoin the token as:

“bitcoin;” and Bitcoin the infrastructure enabling a distributed ledger as “Bitcoin.”

DSV Implementations

The age old problem with storing and trading valuable items- be it money, paintings, contracts

or other representations of value- has revolved around the question of who or whom to trust to

hold, transport, and/or broker the assets involved in a transaction. Societies around the world

have developed complex and highly evolved systems to effectuate trust as part of their

economies and social interactions, including banks, escrow agents, governments, lawyers,

common custom, etc. But those trusted institutions are often limited by geographic distance,

technological capabilities, political boundaries, or social reach.

Bitcoin created a distributed public ledger requiring trust in one thing: math. The network of

users keep track of the ledger, incorporating technology analogous to the World Wide Web and

using the same encryption protocols (Sha256) as the most secure government and banking

institutions. Prior to the development of Bitcoin, distributed systems couldn’t be guaranteed to

reach consensus due to what is referred to as The Byzantine Generals Problem.

1 http://en.wikipedia.org/wiki/Electronic_money

2 http://en.wikipedia.org/wiki/M-Pesa

3 http://en.wikipedia.org/wiki/Economy_of_Second_Life

4 http://blawgconomics.blogspot.com/2012/10/a-brief-history-of-digital-currencies.html

HC3 Innovation Solutions & Tillit Inc., Page 6 of 28

Fundamentals of Math-Based Money

The Byzantine Generals Problem

The Byzantine Generals problem is an offshoot of the Two-Generals Problem that goes

something like this: two generals are in the hills on either side of a fortified city that they are

preparing to attack. The city is in a large valley and the only way for the two generals on either

side to communicate is to send messengers through that city- a very risky proposition as there

exists a significant probability that the messengers will be captured or their messages changed.

The two generals have agreed to attack the city together, as that is the only way the attack can

succeed; but have not agreed on the time. The generals must be able to communicate a time

and receive confirmation from the other so that one army is not sacrificed making a lone attack.

Because the confirmation is as likely to be lost or altered as the original message, there can

never be certainly around the attack time and both generals are essentially stuck in limbo5.

Byzantine Generals Problem builds on this to include many armies surrounding a fortified city

that need 50% of Generals to attack at the same time. These Generals struggle with the same

communication and timing problems. To quote directly from Bitcoin Founder Satoshi Nakimoto’s

original discourse:

James A. Donald wrote:

“It is not sufficient that everyone knows X. We also need everyone to know that everyone knows

X, and that everyone knows that everyone knows that everyone knows X- which, as in the

Byzantine Generals problem, is the classic hard problem of distributed data processing.”

Satoshi’s solution:

“The proof-of-work chain is a solution to the Byzantine Generals' Problem. I'll try to rephrase it

in that context.

A number of Byzantine Generals each have a computer and want to attack the

King's wi-fi by brute forcing the password, which they've learned is a certain

number of characters in length. Once they stimulate the network to generate a

packet, they must crack the password within a limited time to break in and

erase the logs, otherwise they will be discovered and get in trouble. They

only have enough CPU power to crack it fast enough if a majority of them attack at the same

time.

They don't particularly care when the attack will be, just that they all agree. It has been decided

that anyone who feels like it will announce a time, and whatever time is heard first will be the

official attack time. The problem is that the network is not instantaneous, and if two generals

announce different attack times at close to the same time, some may hear one first and others

hear the other first.

5 http://en.wikipedia.org/wiki/Two_Generals%27_Problem

HC3 Innovation Solutions & Tillit Inc., Page 7 of 28

They use a proof-of-work chain to solve the problem. Once each general

receives whatever attack time he hears first, he sets his computer to solve an

extremely difficult proof-of-work problem that includes the attack time in its

hash. The proof-of-work is so difficult, it's expected to take 10 minutes of

them all working at once before one of them finds a solution. Once one of the

generals finds a proof-of-work, he broadcasts it to the network, and everyone

changes their current proof-of-work computation to include that proof-of-work

in the hash they're working on. If anyone was working on a different attack

time, they switch to this one, because its proof-of-work chain is now longer.

After two hours, one attack time should be hashed by a chain of 12

proofs-of-work. Every general, just by verifying the difficulty of the

proof-of-work chain, can estimate how much parallel CPU power per hour was

expended on it and see that it must have required the majority of the computers to produce that

much proof-of-work in the allotted time. They had to all have seen it because the proof-of-work

is proof that they worked on it. If the CPU power exhibited by the proof-of-work chain is

sufficient to crack the password, they can safely attack at the agreed time.

The proof-of-work chain is how all the synchronisation, distributed database

and global view problems you've asked about are solved.”6

Essentially Bitcoin solved the potential problem of double-spending on a distributed system. The

impossibility of doing so previously necessitated that trust exist somewhere in the system.

Paper and coins are used because we trust that they are immune to counterfeit. In electronic

transactions, we utilize a trusted third-party as a central hub to clear transactions and update

the ledger. Central banks, credit card companies, Paypal, etc. fit this profile.

Bitcoin instead relies on a race within the network to check a mathematical equation, confirming

the former ownership of one party and new ownership of another party and send that out to the

network for confirmation. Once that transaction is confirmed, it becomes ingrained in the ledger

- henceforth called The Blockchain7 - which is essentially a record of all transactions going back

to the very first block created by Satoshi that resides on all computers running the Bitcoin client.

In this system one must only trust in the mathematical difficulty of the algorithm - a function that

all participants can see. The participants in that race to validate transactions are called “Miners”,

although the process is more similar to competitive bookkeeping than mining.

6 http://www.mail-archive.com/cryptography@metzdowd.com/msg09997.html

7 https://en.bitcoin.it/wiki/Block_chain

HC3 Innovation Solutions & Tillit Inc., Page 8 of 28

But Why Trust the Algorithm? What is the Math that Underlies It?

Cryptography: “practice and study of techniques for secure communication in the presence of

third parties (called Adversaries).”8

Applications are boundless but some examples include ATM’s, electronic banking, and e-commerce. Essentially, transactions on the Bitcoin protocol employ a mathematical function that can be solved going one way, but not the other. A good analogy was conveyed in an article by Ritchie S. King, Sam Williams, and David Yanofsky: “Think of it like mixing paint. It’s easy to mix pink paint, blue paint, and grey paint. But it’s hard to take the resulting purple and unmix it.”9 The Private Key held by owner of a given bitcoin is equivalent to the formula of paints (numbers outside of this analogy) that combine to produce the purple color. Without access to the Private Key, the bitcoin cannot be de-linked from the associated wallet.

When Party A sends a bitcoin to Party B, the network races to conduct trial-and-error plugs into

the function to determine the exact amount of pink, blue, and grey that resulted in the purple

they see. Of course, rather than colors we are speaking about numbers, but the process is the

same. Once a Miner stumbles on the correct input- called a Nonce- it broadcasts the Nonce to

the network which checks to validate that the input solves the equation. When a majority of the

network recognizes the mathematical validity of the input with respect to the function, the record

is entered into the blockchain.

From Satoshi’s paper:

“The steps to run the network are as follows:

1) New transactions are broadcast to all nodes.

2) Each node collects new transactions into a block.

3) Each node works on finding a difficult proof-of-work for its block.

4) When a node finds a proof-of-work, it broadcasts the block to all nodes.

5) Nodes accept the block only if all transactions in it are valid and not

already spent.

6) Nodes express their acceptance of the block by working on creating the

next block in the chain, using the hash of the accepted block as the previous

hash.”

8 http://en.wikipedia.org/wiki/Cryptography

9 http://qz.com/154877/by-reading-this-page-you-are-mining-bitcoins/#Correction

HC3 Innovation Solutions & Tillit Inc., Page 9 of 28

Why Do Miners Participate?

The miner that broadcasts the proof-of-work to all nodes goes on to begin the next block by

entering the first transaction and receiving a new coin as compensation. This process is

algorithmically adjusted with the intention of a new block being mined every ten minutes, a goal

that is generally- but not always- achieved. This is the derivation of the term: “Miner,” as these

processors expend resources to add new bitcoin to the economy in the same manner in which a

physical miner adds gold.

Open-Source Code: What Does It Mean?

Similar to the technology underlying email, nobody owns the Bitcoin network. Instead, it is

controlled by global users, with the source code free for all to see (and contribute to). While

developers can propose changes to the underlying protocol, the users must adopt the software

that incorporates the recommended changes for them to be implemented. It is in this manner

that consensus is required and maintained.

That being said, a core development team has emerged who has the respect of the rest of the

developer community. This core team manages a platform where changes to the protocol can

be proposed, debated, and eventually supported for implementation. The core development

group consists of: Satoshi Nakimoto, Gavin Andresen, Pieter Wuille, Nils Schneider, Jeff Garzik,

Wladamir J. van der Laan, and Gregory Maxwell, with many more contributors working along

with them.

User Mechanics:

From the user side, there are four main components to a bitcoin transaction: the wallet, the

public key, the private key, and the address. A wallet can be online (web-based) or local (on

hard drive) and is where one stores their bitcoin. When opening a wallet a user is given an

address, analogous to an email address, created by generating random numbers and

conducting a mathematical computation to derive an associated public and private key. The

address is where one pays from or is paid to and it is recommended that one never use the

same address twice, for security reasons.

In the simplest terms, the bitcoin address links the public key and the private key using a

mathematical function. As the name implies, the public key isn’t kept private and is where one

receives bitcoins. Therefore, anyone can send funds to an address merely by having the public

key and without knowledge of the private key. However, in order to transfer those said funds to

another address, the private key must be provided in order to “sign” the transaction. This

process is considered secure because it is mathematically impossible for one to reliably

determine the private key to a wallet given the public key. Once this transaction is signed, it is

broadcast to the network and eventually confirmed and entered into the Blockchain.

Technical Caveats:

Forks: every bitcoin contains only one path to the genesis (first) block. When two blocks are

HC3 Innovation Solutions & Tillit Inc., Page 10 of 28

created only a short time apart, a fork can develop and nodes then work on whichever block

they receive first. Whichever block is included in the following block becomes part of the main

chain because that chain is now longer (nodes do work on the longest chain).

51% Attack: refers to a single entity controlling the public ledger by obtaining 51% or more of

the networks total processing power. Although a 51% attack can create large disruption by

preventing confirmations of existing transactions and double spending, the entity in control

couldn’t reverse old transactions, create new coins, or steal from wallets and so such an attack

would likely not be crippling. Still, some fear that the preponderance of large mining networks

running ASICs- highly efficient computers due to focus on mining exclusively- elevates the

concentration of control and danger of a 51% attack. Many fixes to this hypothetical problem

(and counters) have been asserted, but that is beyond the scope of this paper.

Other Mechanisms for Securing a Ledger

Proof of Stake

Rather than network influence being predicated on computing power, as is the case with Proof-

of-Stake, Proof-of-Work mandates that the influence a miner has is a function of the holdings-

stake in the system- as opposed to the computing power.

Foundations of the bitcoin

Although Bitcoin was quite innovative- revolutionary perhaps- it was only novel in the way it

combined various solutions already in existence. The most impactful building blocks include:

Hashcash

Hascash is a proof-of-work system designed by Adam Back to limit spam and denial-of-service

attacks over email systems. Satoshi directly attributed Hashcash as the concept on which he

based the Bitcoin proof-of-work.

Bitgold

In addition to including a time-stamped proof-of-work, Nick Szabo’s Bitgold10 also envisioned a

“Distributed Property Title Registry;” but because he couldn’t properly account for the double

spending issue, there was no scaleable mechanism to implement such a system.

Although cryptography is highly complex, it is omnipresent throughout western society with only

a minute percentage of society fully understanding the underlying math. Although one may be

uncomfortable with a concept they only understand in very general terms, the open-source

nature of the protocol and the algorithm, based on SHA-256, makes it robust when combined

with the proper security procedures.

10

http://unenumerated.blogspot.com/2005/12/bit-gold.html

HC3 Innovation Solutions & Tillit Inc., Page 11 of 28

Centralized Networks Centralized networks developed for obvious reasons: commercial activity between unfamiliar

economic actors requires a mutually trusted individual or institution to hold assets and handle

disputes. While a distributed consensus and trust network is feasible for the custody of assets

and adjudication of disputes across very small populations, it is highly inefficient and impractical

when dealing with large populations that are neither culturally nor politically homogenous. Thus,

institutions arose that applied a hub-and-spoke model in allocating that trust to subsegments of

the economy; the result being that two parties who didn’t necessarily trust each other could

conduct commerce by dealing through an independent third party that they both trusted.

As it relates to commerce and global finance, centralization has many advantages. The Central

party often ensures the integrity of the participants in a network and actively works to ensure

that violations of the set standards are addressed. If a trade fails for any reason the central

exchange adjudicates the dispute or guarantees to provide for any damages. Whether a

payment to a merchant or a trade on an exchange, some trusted institution administers the

process.

With respect to sovereign currencies, responsible elected officials typically appoint experts who

control the official unit of account in order to provide continuity and instill confidence within an

economy. Prudent management of monetary affairs ensures that the unit of account can act as

a medium of exchange while either holding value or only gradually losing value over time.

Obviously, some are less sanguine on the competence of monetary experts:

"The best credit by far, history has shown, has been the private company. Sovereign countries

have defaulted 30 times as often as private companies, both domestically and foreign.

Individuals default five times as often as private companies."- Michael Milken

Privately Administered Centralized Networks

M-Pesa: in 2002 it was discovered that citizens of Uganda, Botswana, and Ghana were

spontaneously using mobile minutes as a method of value transfer. MCel in Mozambique built

an infrastructure for mobile minute swapping in 2004 and in 2007 Safaricom launched their own

payment network in Kenya called M-Pesa.

M-Pesa is not local currency as the telecom operator holds domestic fiat currency in bank

accounts; but rather it is competition to the existing banking and credit card networks, especially

with respect to the currently unbanked. It is estimated that the equivalent of 43% of Kenyan

GDP flows through the system and is also making inroads in Afghanistan, Mozambique, South

Africa, Tanzania, and India.

Digicash was one of the first attempts at electronic money transfer. As the company proclaimed

in 1994: "World's first electronic cash payment over computer networks," 1994-05-27. After a

series of failed business negotiations with large multinational banks, Digicash ran out of venture

funding and the assets sold off.

HC3 Innovation Solutions & Tillit Inc., Page 12 of 28

Beenz and Flooz: loyalty rewards points similar to airline miles marketed as an online currency.

Eventual fatality of the dotcom bubble.

Semi-Decentralized Network: Ripple

Ripple is a Peer to Peer currency exchange that allows participants to exchange fiat currency

for digital currency without requiring a central clearing party. Transactions are done over what

amounts to a trust network- one trusts certain parties- or Gateways- that they are willing to

transact with and stipulates what currencies they are willing to provide liquidity for and the

Ripple network uses that to determine the best path to the desired cross. Ripple is essentially

an attempt to implement a more efficient, modernized, open version of SWIFT (Society for

Worldwide Interbank Financial Telecommunication).

Decentralized Networks The benefits of centralized systems come with an associated cost. Because many participants

must put great faith in a single entity, any mistake by that entity will have an outsized impact on

the overall ecosystem. Decentralized systems, on the other hand, may suffer from more small

failures but the impact will be defuse, leaving the system in a position to repair and adapt.

MtGox was one of the earliest and most utilized exchanges. The failure of Gox created a major

panic among customers who lost access to assets that they thought they owned; but a systemic

panic among the larger bitcoin community never materialized. The failure of Gox is analogous to

a bank run- Gox and related institutions were impacted while other users of bitcoin were largely

unaffected. With U.S. bank runs, the fiscal damage done to customers and related institutions

did not threaten the viability of the Dollar (although the same cannot be said of sovereign default

and semi-sovereign failures like Fannie Mae and Freddy Mac).

The inherent ability to weather small failures enables distributed experimentation within a

decentralized ecosystem. In fact, the failure of Gox seems to have catalyzed an enhanced focus

on the implementation of innovative auditing and security protocols by exchanges and other

centralized institutions dealing in bitcoin. In addition, many “Altcoins” have emerged that mimic

bitcoin’s underlying principles but apply small changes to the protocol in ways intended to better

serve certain regions or subsegments of the economy.

The bitcoin community are split on the subject of Altcoins: some view them as mere knock-offs

that will eventually prove worthless due to inability to achieve a network effect on the scale of

bitcoin; but others see Altcoins as worthwhile experiments, many of which will fail but some of

which will prove highly successful. Either way, the emergence of Altcoins lends credence to the

view that the open-source nature of the bitcoin protocol enables a larger diversity of participant,

as centralized systems must be much more careful in vetting all participants due to the greater

potential damage resulting from failure. Along the way there may be more failures in a

Decentralized system but they will not be fatal to the ecosystem, allowing it to evolve and

eventually prosper.

HC3 Innovation Solutions & Tillit Inc., Page 13 of 28

Currency Uses of DSV In addition to being a store of value, bitcoin also has the potential to serve as a medium of

exchange. There are several features of bitcoin that differentiate it from the existing electronic

payment network. Because of these inherent differences, both technology and business culture

have been slow to evolve; but that is starting to change as the business community is starting

recognize the inherent advantages and adapt to the new technology.

Non-Reversibility

The most notable feature of bitcoin that differentiates it from the current forms of electronic

payment is the non-reversibility of transactions. Once one uses their private key to send their

bitcoin to another address, the transaction cannot be reversed. Contrast this with credit and

debit card transactions done through the banking system where disputed or fraudulent

transactions are routinely reversed.

It is estimated that there were $139B in fraudulent transactions in 2010 and that after other

business costs are taken into account (replacement cost, interest, etc.) the real cost is ~2.6x

higher, or $362B.11 Most if not all of these reversals- 8.3% of the $4.3T in retail sales in 2010-

end up embedded in the cost structure, making up a significant percentage cost of goods and

services sold. A non-reversible electronic payment system transfers risk from merchants to

consumers. It’s conceivable that the consumer will receive better pricing from merchants in

order to compensate them for this assumed risk.

Transaction Fees

Lower transaction fees with respect to credit cards are considered an inherent advantage of

using bitcoin in commercial transactions. Currently, bitcoin transaction fees are negligible

compared to credit cards, whose all-in fees are typically several percentage points.

Although transaction fees currently exist on the Bitcoin platform, they are minimal- currently XBT

.00001, or about half a Penny- and mostly intended to discourage flooding the system with small

transactions or transactions requiring too much memory. For instance, if “change” from a

transaction is less than a certain amount, then a fee is charged in order to prevent denial-of-

service attacks (spam).

Alternatively, if the size of the transaction is greater than 1,000 bytes, a fee is charged on the

excess (in lieu of the fee for small transactions). The Bitcoin client and the transaction fee

system seeks to balance ease of use with reasonable incentives for maintaining the network

with the end result being minimal transaction costs compared to the existing payments

infrastructure.

11

http://img.en25.com/Web/LexisNexis/2010%20True%20Cost%20of%20Retail%20Fraud%20Study.pdf

HC3 Innovation Solutions & Tillit Inc., Page 14 of 28

That being said, transaction fees are one of the more clunky aspects of the Bitcoin protocol, as

acknowledged by lead developer Gavin Andreson who called it “a complicated mess.”12 Work is

underway to evolve away from a system where the transaction fees are hard-coded, and

towards a system whereby the software makes “smart” estimates based on market data. Much

controversy surrounds this aspect of the bitcoin protocol, with some analysts more doubtful of

the ability of the network to scale at anywhere near the current low cost.

Tim Swanson has conducted thorough analysis of this topic and his contention is that when the

seigniorage costs (mining rewards) are added to the overt transaction costs, the total costs are

actually quite high relative to volumes. Tim compares the capital expenditures of the credit card

networks and the Bitcoin network relative to transaction volumes and concludes that

decentralized systems will always be more expensive to run.

However, we would point out that there are many legs in the standard payment flow- including

Acquirers and Issuers- and exclusively comparing the costs of running the credit card networks,

which are the most capital-lite, high-margin participants, to the entire Bitcoin network may not be

fair. We would highly recommend Tim’s blog for deeper insights into this matter.13

Micropayments

Credit card companies typically levy a base fee in addition to the percentage fees they charge

based on transaction value. This base fee generally renders micropayments economically

unappealing. While Bitcoin also has a base fee, the costs are minimal and interesting

technologies have arisen to nearly eliminate this cost.

One technology, being utilized by a major newspaper, works with one of the major exchanges to

bundle orders off the blockchain, only sending them to the blockchain once the bundle has

reached a minimum size. Seamless, nearly-costless Micropayments is one of the more

promising economic use cases for bitcoin. As the aforementioned approach to Micropayments

demonstrates, several of the limitations of the Bitcoin protocol can be worked around. Another

limitation not yet mentioned is in the time it takes to confirmation.

Off-Blockhain Transactions

While at its core Bitcoin is a platform for trustless, peer-to-peer transactions, many economic

actors are willing to trust more centralized entities in return for ease of use, liquidity, and general

practicality. Taking previous example with respect to micropayments, many institutions are

choosing to cross transactions internally before getting the tally entered into the ledger.

One of the weaknesses of bitcoin as it relates to trading and arbitrage lies in the time it takes to

confirm transactions.14 By crossing transactions internally, transaction times depend only on the

12

http://www.coindesk.com/bitcoin-core-dev-update-5-transaction-fees-embedded-data/ 13

http://www.ofnumbers.com/ 14

The Bitcoin protocol’s target of one block every 10 minutes imposes a minimum latency condition on transactions across the blockchain.

HC3 Innovation Solutions & Tillit Inc., Page 15 of 28

capabilities of the chosen trading platform, similar to the way Forex trading is currently handled

using crossing networks.

Further, as currently implemented, the Bitcoin protocol is capable of handling approximately

seven transactions per second. Many existing business, from exchanges to payment platforms,

currently handle substantially more transactions per second, so the only practical way to handle

this volume of activity is off-blockchain.

Another feature addressed by off-blockchain transactions is privacy. Since off-blockchain

transactions aren’t entered onto the public ledger, privacy is preserved, at least outside the

platform on which one is transacting.

In summary, off-blockchain solutions can be advantageous for applications that are willing to

forgo the trustless nature of the Bitcoin ledger in return for enhanced speed, greater privacy,

and/or lower transaction costs.

Trading and Payment Networks

Transactions are generally completed in one of two ways: direct, peer-to-peer (address to

address); or on an exchange.

Electronic Real Time Trading Exchanges

Users set the price themselves via buy and sell orders. The exchange provides the platform,

holds and releases the funds, and executes the trades. Trust is required in the exchange.

Fixed Rate Exchanges

Platform offers fixed rate of exchange, typically available for a finite period of time. Vendors

generally generate income off the spread.

Over-the-Counter

Can be private parties seeking to transact pseudonymously or regulated institutions dealing in

large block trades

Local Exchange

Sites that facilitate in-person transactions, generally cash to bitcoin.

HC3 Innovation Solutions & Tillit Inc., Page 16 of 28

The Other 6 Billion… Access to financial services is considered a requisite for a functioning market economy.

According to The World Bank, three quarters of the world’s 7 Billion people have access to a

mobile phone while only half of adults have a bank account. Most of the unbanked live in less

developed markets and it is the goal of economic development advisors to increase access to

financial services. Some of the most commonly cited obstructions with respect banking access

are: lack of funds to justify (30%), expense (25%), distance from branches (20%),

documentation (18%), and trust (13%). Blockchain-based services have the potential to mitigate

or completely eliminate all of those obstructions, especially when acting in cooperation with

governments.

In Kenya, 79% of adults report having access to a mobile phone in their household and 68%

reporting having used their mobile phone to pay bills, send, or receive money. This means that

86% of adults in Kenya are mobile money users, compared to 23% of all mobile phone users in

Sub-Saharan Africa. 43% of Kenyan adults and 92% of Sudanese who report using mobile

money don’t have a bank account.15

In developing markets, savings is primarily conducted via Community Savings Clubs, asset

accumulation (e.g., gold or livestock), or under the proverbial mattress, the latter two of which

account for 29% of savers worldwide and over half in 55 nations. In Sub-Saharan Africa, for

instance, 34% have saved through community savings clubs in the last 12 months.

Remittances also play a major role in many economies. By 2015 it’s estimated that remittance

flows to emerging market economies will be $515B 16On average, the remittance process takes

9% from sent funds (12% in Africa, sometimes higher), roughly evenly split between collection,

transport, and distribution. As far as Bitcoin can foster competition by lowering barriers entry,

the new technology can significantly reduce the cost of remittances channeling a massive

windfall to emerging market economies.

As starved as developing market economies are for savings and payment solutions, they are

even more starved of funding for capital formation. In Sub-Saharan Africa, 29% report that

friends and family are their sole source of capital for loans while only 2% cite formal financial

institutions. There are several entities building services that utilize the inherent advantage of the

blockchain with respect to both micropayments and peer-to-peer lending.

Emerging Market Governments and Bitcoin: Friend or Foe?

It seems logical that some governments will view the emergence of bitcoin as a threat, some as

an opportunity, and some as both. Nations that maintain tight control over monetary flows into

and out of their economy may find the ease of transactions to be a threat. Other regimes may

be reluctant to embrace a technology that they perceive- correctly or incorrectly- to be a privacy-

15

http://elibrary.worldbank.org/doi/pdf/10.1596/1813-9450-6025 16

http://www.worldbank.org/en/news/press-release/2013/04/19/world-bank-launches-initiative-on-migration-releases-new-projections-on-remittance-flows

HC3 Innovation Solutions & Tillit Inc., Page 17 of 28

enhancing technology that enables citizens to circumvent censorship or finance and spread

dissent.

But many more nations will find the blockchain to be a useful way to account for and collect

taxes since the blockchain creates a clear transaction chain that can be audited. It’s estimated

that the informal economy- not including illegal trade- makes up 41% of economic activity in

emerging markets (OECD average is 18%). The benefits offered to citizens by the various

technologies that use the blockchain may provide the necessary incentive to migrate from the

informal to the formal economy. We would expect governments to embrace any technology that

encourages growth of the formal economy, and the tax revenues that result.

Each emerging market government can be expected to react to Bitcoin in a different manner,

depending on their specific concerns. But if blockchain-based technologies can facilitate asset

accumulation, establish credit history, enhance tax revenues, and help enshrine property rights,

they will have a positive impact on emerging market economies and may eventually be

embraced by the governments.

Non Currency Uses of Decentralized Trustless Ledgers As discussed herein, the real technological breakthrough represented by the technology that

gave rise to Bitcoin and related cryptocurrencies was the decentralized trustless ledgers on

which these cryptocurrencies exist. But, conceptually, a ledger is capable of recording

transactions referencing more than a single asset. And because this ledger is maintained

programmatically, the trustless nature of such a ledger can be extended beyond merely

recording the transfer of an asset (i.e., preventing “double spending” of a cryptocurrency) to

enabling and enforcing rules and behaviors governing the ownership and operation of an asset

algorithmically.

Colored Coins

There are currently a number of improvements and overlays to the Bitcoin protocol as well as

completely separate platforms that provide for the ability to instantiate assets on a blockchain

other than a native cryptocurrency. These approaches are generally referred to as “colored

coins” as a common implementation involves marking or “coloring” an existing coin17 and using

such colored coins to represent other assets. Some of the approaches18 include integrated

asset exchange features, whereby users can buy and sell these assets. Others19 aim to provide

a “Turing complete” programing language enabling not just the creation of arbitrary blockchain

assets but much more control over the manipulation of these assets (see “Smart Contracts”

below).

Several potential uses of non-currency blockchain assets have been proposed, including:

17

In practice, usually only a fraction of the base unit of a native cryptocurrency is colored (i.e., a single satoshi, or 0.00000001 BTC) 18

http://www.mastercoin.org/, http://www.nxtcrypto.org/ 19

https://www.ethereum.org/

HC3 Innovation Solutions & Tillit Inc., Page 18 of 28

● reserve-backed digital assets (i.e. gold-backed)

● shares or other indicia of securities ownership

● representation of claims in the Mt. Gox bankruptcy20

● retail loyalty or rewards points

As noted above, several variations of technological infrastructure to implement many of these

proposals already exist. There is, however, very little legal clarity or authority that blockchain

assets can represent many of these real-world rights and assets. Further, there are already

many examples of purported “IPOs” having been conducted whereby colored coins or similar

blockchain assets ostensibly representing interests in a business enterprise have been issued in

exchange for cryptocurrencies and/or fiat. In many of these instances, the issuer is not actually

a separate legal entity, and disclosure to investors is ad hoc or altogether non-existent. It is

likely a question of when, not if, a major investor fraud case makes the headlines in the

cryptocurrency community. (See below regarding recent SEC inquiry regarding Satoshi Dice.)

Smart Contracts/Property

Although the Blockchain can be utilized to represent real assets or for simple contracts, more

detailed contractual agreements require a turing complete language capable of making a more

detailed series of stipulations, although there is much contention in the Bitcoin community over

this assertion. Thus some are attempting to use the Blockchain as a mechanism for negotiating,

verifying, and enforcing the terms of a contract; while others seek to create entirely new

platforms for this purpose with the same goal (ease of use, self-execution, and self-

enforcement). Both of these systems, incidentally, will still require the assignment of trusted

third parties to provide the information inputs necessary to execute the contract. In the early

1990’s, computer scientist Nick Szabo broadly referred to agreements embedded in code as

“Smart Contracts,” the phrase commonly used today.

20

http://www.humint.is/goxcoin/

HC3 Innovation Solutions & Tillit Inc., Page 19 of 28

DSV Ecosystem Gaps

“As Mark Twain's character Pudd'nhead Wilson once opined, if you put all your eggs in one

basket, you better watch that basket.”- Ben Bernanke 21

“the flip side of the centralization of clearing and settlement activities in clearinghouses is the

concentration of substantial financial and operational risk in a small number of organizations, a

development with potentially important systemic importance.”- Ben Bernanke

From the quotes above, you get a sense of how important trusted central parties are to the

modern financial system. In the U.S. equity markets, custodians hold stock and funds on behalf

of their clients (asset managers, pension funds, insurance companies, sovereign wealth funds

and brokers). These clients then execute trades directly or through an asset manager with a

broker. When trades are agreed to, the client side or custodian settles the transaction with the

broker through the DTC, making sure both parties are in agreement with respect to the exact

terms. When the trade details match then the seller delivers the shares to the buyer and

receives cash while the buyer receives the shares and delivers cash to the seller. The trade will

only settle if both sides agree to the terms and deliver either the asset or cash. This system of

settlement is known as delivery versus payment or DVP.

In a DVP transaction you are not at risk of the seller delivering the stock but not receiving the

cash, and conversely the buyer is not at risk of sending cash but not receiving the stock they

agreed to purchase. You do still incur counterparty risk between trade date and settlement date

which is 3 days in US equity markets. For example, if a broker were to default, i.e. declare

bankruptcy between trade date and settlement date, the open trades would not settle and the

broker or client would need to buy-in or sell out the securities and place a claim from any losses

with the bankruptcy trustee. Although this is an unpleasant process, there is at least a method

for conducting an orderly default of a broker/dealer regulated in the US. Currently, bitcoin

exchanges are holding customer funds and their bitcoin, in effect playing the role of broker,

custodian, and exchange, which is inherently risky as the Mt. Gox bankruptcy has proved. As

the eco-system matures, which is arguably happening, these three functions should be

separated so that clients: retail & institutional clients execute through brokers, who route orders

to exchanges, and the client or broker designates the cold storage or multi-signature wallet to

safekeep their funds and securely store their bitcoin.

The major advantage of Bitcoin, as previously outlined, lies in the trustless clearing mechanism,

allowing the blockchain to eliminate the clearing and settlement process for bitcoin. However,

the fiat side of any trade is not coupled or married to the bitcoin execution; therefore there is

currently no DVP method for settling trades. There is also extremely high operational risk as

bitcoin transactions are not-reversible, and therefore if bitcoin are sent to the wrong wallet, there

is no systematic way to get them back as there would be in a system with a central clearing

house.

21 http://www.federalreserve.gov/newsevents/speech/bernanke20110404a.htm

HC3 Innovation Solutions & Tillit Inc., Page 20 of 28

But for the foreseeable future, it’s likely that most large financial institutions dealing in bitcoin will

treat it similarly to a security and so will be tied to the legacy processes. Below we outline

several of the most important pieces of the payments and capital markets infrastructure and

how they might fit with this new DSV paradigm.

Exchange Risks:

When opting to transact on an exchange, participants assume counterparty risk (with the

exchange) the entire time that their funds reside on that exchange. For most institutions, that is

not acceptable. Currently the counterparty risk in dealing with bitcoin exchange is actually

greater than it is when dealing with a stock exchange, where the counterparty risk is distributed

throughout the process.

Furthermore, exchanges that are transacting between the fiat banking system and bitcoin are

faced with the reality that bitcoin transactions are non-reversible while fiat payments can be

reversed. If A sells bitcoins to B for $, A would have to receive $ first and then be confident that

the transaction would not be reversed; because if the transaction were reversed, B would end

up with both the bitcoin and the $. Thus bitcoin to fiat transactions require a clearing and

settlement mechanism similar to stock transactions.

Risk Mitigation

The well-publicized and rather chaotic bankruptcy of the MtGox exchange seems to have

served as a catalyst for the acceleration of new technologies under development:

Multisignature m(n) transactions:

In a 2(3) multisignature transaction two of the three pre-designated parties must provide private

keys before a transaction goes through. The third party in this example would be an exchange

that acts as an arbitrator that serves a similar function to an escrow agent but without ever

having control of the funds. By employing Multisignature, exchanges can provide a deep

marketplace without ever having to take complete control over funds or securities.

Cold Storage and Insurance:

Cold Storage refers to the process of keeping bitcoins offline, which can include storage on a

USB stick, a paper wallet, or on a piece of off-line hardware. There are several companies

currently offering cold storage which can be insured at the clients discretion for a fee. Utilizing a

third-party Cold Storage service as the custodian for funds is a more robust method for

safeguarding assets.

Auditing:

In light of Mt. Gox, and many other small exchange closures, bitcoin exchanges will need to

provide audited reports of their holdings of customer bitcoin and money to gain the trust of the

broader community. Many advances have been made on this front but there are still greater

needs. Fortunately, the ecosystem is innovating fast and proper security protocols are likely to

emerge in the near future.

HC3 Innovation Solutions & Tillit Inc., Page 21 of 28

Identity and Anonymity

Anonymity vs Pseudonymity

A common misconception regarding ledger-based transactions is that they are fully anonymous.

The ability to send and receive cryptocurrency with no identification more apparent than a

numerical address gives the impression that it is not possible to tie transactions to specific

individuals or entities. But the protocol was not designed to be anonymous, and as a

consequence is only pseudonymous.22 And given the by-definition public nature of the

blockchain, this difference is significant.

The pseudonymous nature of the blockchain has been much discussed in cryptocurrency

circles,23 and a number of user-friendly interfaces currently exist that simplify the review and

analysis of blockchain data.24 In light of these well-known privacy issues, users have developed

certain best practices and centralized approaches to enhancing the privacy of blockchain

transactions.

Among these approaches are specialized wallets that automatically create unique addresses for

various steps of a typical payment transaction, and therefore limit the identification of a

particular address to the minimum number of participants necessary for a given transaction.

While this obscures the relationship between addresses it does not sever the link between

transactions, and therefore remains susceptible to statistical pattern recognition and related

analytical techniques.

Separately, a number of centralized services have been created25 whereby users can

collectively commingle cryptocurrency for the purpose of obfuscating the sources and uses of

funds in cryptocurrency transactions. As centralized solutions, however, these services expose

users to many of the same risks related to centralization that a decentralized platform strives to

avoid.

Additionally, various additional proposed tools, ranging from “stealth addresses” on the

blockchain26 to approaches27 premised on “zero-knowledge proofs,”28 may be used, either alone

or in combination with any of the above techniques, to greatly enhance the level of privacy

afforded transactions effected on a public blockchain.

22

See e.g.: bitcoin.org/en/protect-your-privacy (“Bitcoin works with an unprecedented level of transparency that most people are not used to dealing with. All Bitcoin transactions are public, traceable, and permanently stored in the Bitcoin network. Bitcoin addresses are the only information used to define where bitcoins are allocated and where they are sent. These addresses are created privately by each user's wallets. However, once addresses are used, they become tainted by the history of all transactions they are involved with. Anyone can see the balance and all transactions of any address.”) 23

arXiv:1107.4524 [physics.soc-ph] 24

www.quantabytes.com/, blockchain.info 25

These services are generally known as “mixers,” “laundries” and “tumblers.” 26

http://sourceforge.net/p/bitcoin/mailman/message/31813471/ 27

http://zerocoin.org/ 28

http://en.wikipedia.org/wiki/Zero-knowledge_proof

HC3 Innovation Solutions & Tillit Inc., Page 22 of 28

Pseudonymity and Personal Identity

As with most technology related privacy concerns, identifying and addressing weaknesses and

solutions is intertwined with the use to which the technology is put. Used as a payment network,

a principal concern is whether an individual user can be identified as the sender or recipient of a

payment. More sophisticated uses of a decentralized ledger in the future may involve storing

and manipulating information relating to property title and registered securities owners on a

blockchain. As noted above, most cryptocurrency protocols offer only varying degrees of

pseudonymity, such preventing the identification of a particular individual or entity as the owner

of a specific blockchain address is in some instances not possible.

Policy Concerns with Strong Anonymity

Notwithstanding that Bitcoin and similar protocols do not provide for absolute anonymity, it is

widely accepted that careful use of these technologies permits transfers of cryptocurrency that

are difficult to track and/or identify with specific actors. Accordingly, regulators and law

enforcement agencies have frequently expressed concern that the technology is particularly well

suited for money laundering and other criminal transfers of money in a way that is difficult to

police.

The various techniques described above providing for much stronger privacy protection for

users of cryptocurrencies understandably increase the level of concern among regulators and

law enforcement agencies. Although the U.S. federal government has previously acted to

regulate encryption directly,29 and there have been some recent statements regarding direct

regulation of cryptocurrency technology,30 it is unlikely that direct regulation of the protocol will

be widely attempted by regulators (or that any such attempt would be successful).

Consequentially, we should expect that increasingly strong forms of anonymity techniques will

be developed and used in connection with transactions effected on public ledgers.

The official regulatory response to these developments will likely turn on the manner in which

these services and techniques are marketed and deployed. Explicit reference to money

laundering, tax evasion or other illicit activities will clearly not

Strong Identity

As discussed above, notwithstanding the somewhat imperfect privacy features of the

blockchain, the technology does provided for a certain measure of privacy, and users and

developers have a number of options available to increase the privacy of blockchain

transactions. And while it is important that users are able to protect personal information in

29

See, e.g., the Digital Millenium Copyright Act (criminalizing the use, development and possession of certain cryptographic techniques and technology relating to the decryption of copyrighted materials protected by digital rights management encryption. 30

[FIND LAWSKY QUOTE]

HC3 Innovation Solutions & Tillit Inc., Page 23 of 28

certain circumstances, it is also important that users have the ability to reveal and verify their

identity or other personal information on a case-by-case basis.

In addition to the work underway on mechanisms to implement stronger anonymity features on

the blockchain, others are working to make stronger identity features available to users.

Legal Landscape

Key events The legal status of cryptocurrencies has been the subject of much debate and discussion, and

the many efforts to apply existing laws and reason from analogy, undertaken by regulators and

other lawmakers on one hand and by proponents of an unregulated blockchain on the other

(two groups widely distrustful of each other) have unsurprisingly done little to advance the ball,

and we are left with a substantial degree of legal uncertainty as to the legality of transacting in

(or in some cases even holding) cryptocurrencies.

There is no question that many of the initial attempts at creating a workable cryptocurrency

platform were motivated and informed by at least a general disinterest in, if not outright hostility

towards, governmental involvement.31 Today, the cryptocurrency community as a whole

appears to remain skeptical of regulation in general, but substantial events have occurred in the

regulatory sphere, and the outlines of an eventual regulatory framework are beginning to appear

to a limited extent in certain jurisdictions.

General Worldwide Legal Viewpoints

Country-by-country responses to the rapid adoption of Bitcoin and other cryptocurrencies have

varied greatly, ranging from many forms of explicit restriction32 to frequent general warnings

regarding the volatility and other risks inherent in cryptocurrencies to generally accommodative

positions.

United States

Notwithstanding the borderless nature of cryptocurrencies, as the world’s largest economy,

regulatory action within the United States will have a meaningful impact on the development and

use of cryptocurrencies and related technologies across the world.

31

See, e.g., Wei Dai’s initial b-money proposal, which was ostensibly motivated by an interest inf

“cryptoanarcy” (http://www.weidai.com/bmoney.txt) and Nick Szabo’s original bit gold proposal, which expressly cited reliance on a government as a trusted third party as a threat to the value of a currency (http://unenumerated.blogspot.com/2005/12/bit-gold.html). 32

E.g., China’s and Jordan’s prohibition on its financial institutions handling bitcoin transactions

(http://www.bloomberg.com/news/2013-12-05/china-s-pboc-bans-financial-companies-from-bitcoin-transactions.html), (http://jordantimes.com/central-bank-warns-against-using-bitcoin) and Iceland’s potentially broader prohibition relating to capital controls (http://www.mbl.is/vidskipti/frettir/2013/12/19/hoftin_stodva_vidskipti_med_bitcoin/).

HC3 Innovation Solutions & Tillit Inc., Page 24 of 28

FinCEN

The Financial Crimes Enforcement Network (“FinCEN”), a bureau of the U.S. Department of the

Treasury, has been the U.S. regulator most prominent to date in its provision of guidance and in

its involvement with enforcement actions relating to cryptocurrencies.

The focal point of FinCEN’s involvement in cryptocurrency regulation derives from the Bank

Secrecy Act (the “BSA”).33 FinCEN’s explicit mission statement34 and stated description of its

“core activities”35 are purposefully broad, and clearly intersect with the use of cryptocurrencies

as an exchange of value.

The most applicable tools FinCEN has in carrying out its mandate include the requirement that

money service businesses (as defined in the BSA) comply with FinCEN registration, reporting

and recordkeeping regulations.

Over the past year, FinCEN has released three guidance papers directly addressing certain

uses of cryptocurrencies. The first of these papers, released on March 18, 2013,36 established

three categories of participants in a cryptocurrency system: “users,” “exchangers” and

“administrators.”37 Under this guidance, users who obtain cryptocurrencies to purchase goods or

services are not money service businesses under FinCEN regulations. Under FinCEN’s

interpretation of the BSA, however, an administrator or exchanger of cryptocurrency that

accepts and transmits it, or buys or sells it in exchange for fiat or another cryptocurrency for any

reason (including intermediating between a user and a seller of goods or services the user is

purchasing on the user's behalf) is considered a money transmitter for regulatory purposes.

33

The BSA comprises the Currency and Financial Transactions Reporting Act of 1970, as amended by

Title III of the USA PATRIOT Act of 2001 and other legislation. 34

“FinCEN’s mission is to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities.” (http://fincen.gov/about_fincen/wwd/) 35

“The basic concept underlying FinCEN's core activities is ‘follow the money.’ The primary motive of criminals is financial gain, and they leave financial trails as they try to launder the proceeds of crimes or attempt to spend their ill-gotten profits. FinCEN partners with law enforcement at all levels of government and supports the nation's foreign policy and national security objectives. Law enforcement agencies successfully use similar techniques, including searching information collected by FinCEN from the financial industry, to investigate and hold accountable a broad range of criminals, including perpetrators of fraud, tax evaders, and narcotics traffickers. More recently, the techniques used to follow money trails also have been applied to investigating and disrupting terrorist groups, which often depend on financial and other support networks.” (http://fincen.gov/about_fincen/wwd/) 36

http://fincen.gov/statutes_regs/guidance/html/FIN-2013-G001.html 37

Under this guidance: “A user is a person that obtains virtual 37

currency to purchase goods or services. An exchanger is a person engaged as a business in the 37

exchange of virtual currency for real currency, funds, or other virtual currency. An 37

administrator is a person engaged as a business in issuing (putting into circulation) a virtual 37

currency, and who has the authority to redeem (to withdraw from circulation) such virtual 37

currency.” 37

HC3 Innovation Solutions & Tillit Inc., Page 25 of 28

The March 18, 2013 guidance, while a promising first step, left unanswered a number of

questions, and the cryptocurrency community continued to operate in an uncertain U.S.

regulatory environment. In January of 2014, FinCEN published (in redacted form) two

administrative rulings that further interpret FinCEN’s original guidance paper in connection with

certain specific issues.

The first of these rulings, Application of FinCEN's Regulations to Virtual Currency Mining

Operations,38 covers the use of cryptocurrencies acquired by “mining.” In this ruling, FinCEN

found that a user (including a corporation) who mines Bitcoin and uses it solely for their own

purposes, not for the benefit of another, is not a money services businesses because these

activities involve neither “acceptance” nor “transmission” of the currency, and, provided the user

solely uses the mined cryptocurrency “(a) to pay for the purchase of goods or services, pay

debts it has previously incurred (including debts to its owner(s)), or make distributions to

owners; or (b) to purchase real currency or another convertible virtual currency, so long as the

real currency or other convertible virtual currency is used solely in order to make payments (as

set forth above) or for [the user]’s own investment purposes.”

The second January 2014 ruling, Application of FinCEN's Regulations to Virtual Currency

Software Development and Certain Investment Activity,39 FinCEN ruled on a question regarding

whether a company’s investment in virtual currency, and the development of proprietary

software facilitating such activity, would make it a money transmitter under the BSA. In finding

that it did not, this FinCEN ruling noted that “the production and distribution of software, in and

of itself, does not constitute acceptance and transmission of value, even if the purpose of the

software is to facilitate the sale of virtual currency.”

More recently, on March 18, 2014, David Cohen, the undersecretary for terrorism and financial

intelligence at the Treasury stated: “Terrorists generally need ‘real’ currency, not virtual

currency, to pay their expenses -– such as salaries, bribes, weapons, travel, and safe

houses...The same is true for those seeking to evade sanctions.”40 Whether this signals a

turning point in Treasury’s regulation of cryptocurrencies remains to be seen, but it fits the trend

towards more measured rhetoric from U.S. regulators.

SEC

The SEC has acted relatively little in respect of cryptocurrencies to date. This is in some

respects unsurprising, as the SEC’s mandate relates principally to the regulation of securities,

and cryptocurrencies, at least nominally, purport to be currency. The SEC has indicated,

however, that a determination of whether Bitcoin is a security “is dependent on the particular

facts and circumstances at issue.”41

38

http://www.fincen.gov/news_room/rp/rulings/pdf/FIN-2014-R001.pdf 39

http://www.fincen.gov/news_room/rp/rulings/pdf/FIN-2014-R002.pdf 40

http://www.bloomberg.com/news/2014-03-18/treasury-s-cohen-says-regulation-helps-virtual-

currencies.html 41

http://online.wsj.com/public/resources/documents/VCurrenty111813.pdf

HC3 Innovation Solutions & Tillit Inc., Page 26 of 28

Prior to the SEC’s inquiry to MPEx regarding Satoshi Dice described above, the SEC charged

Trendon T. Shavers and his company, Bitcoin Savings and Trust, with operating a ponzi

scheme. Shortly thereafter, the SEC issued an investor alert warning of the risk of ponzi

schemes involving cryptocurrencies.42 It should be noted, however, that cryptocurrencies played

only an incidental role in this case, which was simply a ponzi scheme that happened to involve

Bitcoin.

As the use of colored coins and related techniques brings an increasing amount of explicit

securities activities onto the blockchain, however, the SEC will likely take a much more active

and prominent role in the corresponding regulation. In fact, the U.S. Securities and Exchange

Commission recently requested information regarding the issuance and listing of shares of

Satoshi Dice, a gambling website, on MPEx, a Bitcoin-denominated securities exchange hosted

in Romania.43

CFTC

In May of 2013, Bart Chilton, from the U.S. Commodity Futures Trading Commission (the

“CFTC”) noted that the CFTC would have jurisdiction to regulate derivative contracts specifying

future delivery of cryptocurrency.

IRS

On March 25, 2014, the U.S. Internal Revenue Service issued its first guidance on the

application of U.S. tax laws to cryptocurrencies.44 Under this guidance, cryptocurrencies are

treated as property for U.S. federal tax purposes. Under this rubric, the character of gain or loss

from the sale or exchange of cryptocurrencies depends on whether the virtual currency is a

capital asset in the hands of the taxpayer spending and a payment made using virtual currency

is subject to information reporting to the same extent as any other payment made in property.

As a practical matter, under the IRS’ guidance, the most cryptocurrency transactions would be

taxable events, such that any gain over the user’s basis in the cryptocurrency will be realized at

the time of the transaction and treated as a capital gain (and any loss treated as a capital loss).

Accordingly, accurate recordkeeping as to the timing and corresponding values of acquisitions

and dispositions of cryptocurrencies is essential to correctly recognizing and reporting gains and

losses. Additionally, miners who receive new cryptocurrency in connection with mining activity

will have to recognize the fair market value of such new cryptocurrency as income.

Emerging Legal issues

Uniform Commercial Code Issues

As discussed throughout this paper, the use of a public ledger to record the entire transaction

history of a currency is fairly benign in certain circumstances, but, due to the truly

42

http://www.sec.gov/investor/alerts/ia_virtualcurrencies.pdf 43

http://www.bloomberg.com/news/2014-03-19/gambling-website-s-bitcoin-denominated-stock-draws-

sec-inquiry.html 44

http://www.irs.gov/uac/Newsroom/IRS-Virtual-Currency-Guidance

HC3 Innovation Solutions & Tillit Inc., Page 27 of 28

unprecedented nature of the technology, in other respects transacting on a blockchain can

result in some surprising and unintended consequences.

One example of this arises in the context of secured lending and other economic relationships

involving security interests in collateral. Integral to each one of these economic relationships is

the creation and perfection of security interests, the legal basis for which in the United States is

governed by Article 9 of the Uniform Commercial Code (the "UCC").

One of the basic principles governing Article 9 security interests is that “a security interest …

continues in collateral notwithstanding sale, lease, license, exchange, or other disposition

thereof unless the secured party authorized the disposition free of the security interest[.]”45

While the UCC explicitly strips a security interest in connection with a bona fide transfer of

“money,”46 it is unclear whether any existing (or proposed) blockchain-based cryptocurrency will

fall within the UCC’s definition of money: “a medium of exchange currently authorized or

adopted by a domestic or foreign government.”47 Accordingly, it is possible that, as a legal

matter, a lien that attaches to a cryptocurrency will follow the cryptocurrency through multiple

holders until the original debt secured by that lien is paid off. And if the debt is not paid off and

the original debtor defaults on that debt, the secured party (frequently a bank), will have the right

to take possession of the cryptocurrency subject to the lien.

This issue is not new, and improper dispositions of collateral (i.e., those that do not result in

stripping of a lien) can of course occur in respect of non-blockchain collateral. But as a practical

matter, it is often difficult to track down later holders of collateral, and as such, even though a

secured party may have a legal right to take such collateral in connection with a default, it is

often either impossible or cost prohibitive to locate and realize on most such collateral.48 The

permanent and public nature of blockchain transactions, however, could vastly simplify the

process of locating cryptocurrency subject to a lien. And, as discussed elsewhere in this paper,

while it may be initially difficult to identify the real-world identity of the owner of a blockchain

address, it is often not impossible, and the addition of a bankruptcy court’s subpoena power to

the investigator’s toolkit will only increase the likelihood of successfully identifying a future

holder of cryptocurrency (or other blockchain assets) subject to a prior lien.

45

UCC 9-315(a) 46

UCC 9-332 47

UCC 1-201(a)(24) 48

With respect to high-value collateral, of course, secured parties often will chase after later owners in

the event of a default. The UCC provides for a notice-type “perfection” regime whereby parties acquiring valuable property can protect themselves against taking property subject to a secured party’s lien by searching UCC filed financing statements or making other appropriate inquiry, but it is not realistic to perform such searches in connection with ordinary course payment activity.

HC3 Innovation Solutions & Tillit Inc., Page 28 of 28

Summary The DSV landscape is changing faster than your authors can keep up with. As we stand now,

Bitcoin is still getting the bulk of the attention, but there are hundreds of Altcoins, several smart-

contract platforms under development, and countless other economic applications and services

that utilize The Blockchain or apply the concept in an innovative manner. Additionally, there are

constantly proposed and implemented adjustments to the bitcoin protocol that may address

some of the current shortcomings. How the evolution of the DSV ecosystem plays out is about

as clear as the development of the World Wide Web in the early 1990’s; that is to say, the path

is not clear at all but clarifies a bit every day and is certainly worth following. Get going...

Acknowledgements Heather Schreider for her contributions to the DSV Ecosystem Gaps section

Tim Swanson for insights into transactions and the limitations of the Blockchain

Dan O’Connor for connecting us

Richard Gendal Brown for his insight into the Settlement and Clearing process

Andreas Antonopoulos and the Let’s Talk Bitcoin crew

Jerry Brito and the Surprisingly Free Podcast

Eric Voorhees for bringing me up to speed in the very early days

Russ Roberts for the 4/4/11 EconTalk Podcast with Gavin Andresen

Timothy B. Lee

Brett Stapper, Falcon Global Capital

Nikos Tiligadas and Mario D’Avirro for your math/crypto/computer science knowledge

Avish Bhama, Vaurum Seb Donovan Roger Wu Greg Cipolaro Greg Gurevich Barry Silbert of Second Market and Carla Holtze for the introduction