Trust: Tragedy of the Victim
Click here to load reader
-
Upload
mike-hayes -
Category
Documents
-
view
44 -
download
5
description
Transcript of Trust: Tragedy of the Victim
Mike Hayes copyright April 6, 2014 !
Trust Tragedy of the Victim
!!
This paper addresses a primary problem existing today in the Bitcoin economy. It is the
carry over of the habit and use of trust from the world of old money.
People do not change ingrained habits easily or quickly. Many invested in Bitcoin, but then
left their coins on exchanges. Why should they not? Who in recent years has pulled their money
out of a bank or investment house? People were used to trusting banks with their money. They
trusted stockbrokers and many other intermediaries, most whom operated as fiduciary agents.
They knew the world as a place where intricate layers of government regulation created or
appeared to create safe havens for investment capital. Many went to exchanges, bought Bitcoin,
watched the price rise, and sat back to watch what would happen.
They might have proudly said “I, too… own bitcoins!”
But did they?
Did they actually own bitcoins?
!Owning bitcoins?
If they did not own the secret of the private key, then at best they had a contract with
someone regarding the funds and assets. One of those assets was the private key. By typical
business and legal standards, they did not own bitcoins, They owned only a “Promise to pay”
from a vendor. It may seldom be in the business interest of the “Trusted Intermediary” such as
an exchange to engage in full disclosure, or to explain such distinctions to a customer.
Indeed, if one explained Satoshi Nakamoto’s trust less model to an average consumer he
might opt for the trusted intermediary. The “workhorse of traditional finance”.
!1HAYES - TRUST - TRAGEDY OF THE VICTIM
Finally, the Bitcoin user community should, but has not and did not, help new entrants to
the Bitcoin economy in this understanding. Buyer and seller, unwittingly for the larger part, took
the technology of Satoshi Nakamoto of trustless transactions, perverted it into requiring trusted
intermediaries, and then in many cases, suffered losses from unregulated trusted intermediary
relationships. This should never have happened according to the Satoshi trustless model of
transactions.
Ownership of Bitcoins means taking possession of them. This must be explicitly defined
and understood. We are talking about “taking possession” of what is basically just long
numbers. As a way of explaining this, let’s look at a conversation between two people. We’ll call
them Jane, and her friend, named Hack.
Jane asks Hack if she could “own” the number 2345. Hack tells her, she could own the
secret of which five digit number the number was. He continues “you’d own it for a millisecond
before my computer cracked it.” Hack then says “But if you made the number a lot longer and
added letters as well as numbers, you could create a number that could not be cracked in a very
long time. You could own that secret for sure.”
Jane confronts Hack “Really? Well how about my social security number and my driver’s
license number? Bet you can’t crack those.”
Hack replies “Mmm, trying ten million combinations of digits for the Social Security
number would just take a fraction of a second. Same for the driver’s license number. Forget
those being secrets.” Then Hack states the obvious: “Jane, neither the Social Security number or
the driver’s license number were ever a secret. They were given to you by a government, and the
data was stored and recorded in thousands of places. They were routinely scraped by various
bad actors on the Internet.”
Hack explains to Jane that no such number could even get close to the true meaning and
the importance of “secret” in the cryptographic sense. He proceeds to explain that a secret was
believed to be a secret until multiple eyes had seen it, or until it was recorded digitally in multiple
places, where access - past, present or future was possible.
In fact the many, many layers of law, rules and regulation supposedly protecting privacy
have only covered up vast increases in the collection of private information, it’s incorporation
into legitimate and illegitimate databases. Today vast industries exist including Internet social
media, are based on the the sale, legitimate and illegitimate, of that information. Government
!2HAYES - TRUST - TRAGEDY OF THE VICTIM
and corporate entities rely on such data, and seek to include themselves in the list of those
permitted access, while excluding the individual. In the cryptographic sense, artificial walls
around datasets, secret to those whose data is held in them, yet available for sale, publicly and
privately, do not comprise secrecy. Thus the more you hear about privacy, the less of it there is.
Looking at the trends, little personal information is or is going to be “secret” in the 21st century.
In opposition to these expanding invasions of privacy and their intricate coverups and mis
or dis information on the subject, enters the Bitcoin economy. It requires actual complete secrecy
of the private key, since anyone knowing or having access to that key could spend its money.
With Bitcoin, the very fact that it is called a “cryptographic currency” means that it is based
on secrecy of the private keys. “Private keys” are very long numbers that a skilled adversary
cannot discover. As the Hack explained to Jane, the entire system of the cryptographic currency
only works if these keys are held secret. What one “owns” is the secret of what the number is.
The important meaning of “cryptographic” to take away here, is that if and when and for
what time Jane keeps the key secret, no one can deduce, infer or compute the value of the secret
number. Jane’s funds are totally, completely safe.
Suppose that Jane possessed a private bitcoin key. She could generate some public keys of
her own, then transfer values from a third party’s bitcoins into hers. She could then check the
block chain, the public transaction registry, to verify that the transaction did happen. At this
point, Jane does in fact “own bitcoins”. As long as she holds his private key secret, she will own
them.
Now, suppose that Hack runs a bitcoin exchange. People start an account on his exchange,
then convert their US dollars to bitcoin. They may transfer the bitcoin to an outside account,
either that of someone they are doing business with or to some private key which they own. But
what if they leave their bitcoins with the exchange, in their “Wallet”?
!The customers of Hack cannot check transactions or verify their ownership of coins on the
block chain. At the point the principles of the Satoshi model cease to exist. The naive end user,
perhaps not understanding the subtle distinction, has substituted trust in a third party for the
capability of trustless transactions. He has accepted a “promise to pay” instead of ownership of
bitcoins. If an individual does not own the private keys, he cannot be said to own bitcoins.
Trust is a strong habit.
!3HAYES - TRUST - TRAGEDY OF THE VICTIM
Some wallets don’t display the private keys or particularly help the user find them.
BitcoinQT is one such. There is no menu item to “show private keys”. The menu and help
options do not describe private keys. It is there, but it is fairly well hidden. BitcoinQT forces the
user to go to command line options to get the private keys. This is a very high level of security,
since the user himself does not know the private keys until he requests knowledge of them from
the program.
There is no question that if one moves funds from a web wallet to a version of BitcoinQT
on a private computer, that person has ownership of those bitcoins. To take them away requires
hacking into or taking the private computer. When the coins were at the web wallet service, first
they may have been pooled in common inventory and were used with ad hoc designated private
keys and public key pairs. Private keys may have been handed out to customers only upon
request, either being generated on the instant the customer request was made or having been in
existence from when the customer started his account. This is more akin to trade accounts
receivable than any form of true ownership.
Now that we have defined ownership, let us note that web wallets have many uses and
distinct advantages. Many active bitcoin users have both. They have cold storage on a private
computer or offline entirely in paper wallets, and they have an online “hot wallet” which contains
funds only in the amounts required for expected transactions. Basically, the online “Hot wallet”
has a sum of money that the user can afford to lose. But that describes a competent and perhaps
a sophisticated bitcoin user.
So what of the newbie, one who comes into the world of bitcoin knowing little, buys some
coin on an exchange, and who many not even know how it functions. He may engage in a few
transactions, but his primary interest is investment. The user comes into the virtual currency
market preferring or knowing only of trusted third party intermediaries. A sophisticated and
seasoned investor in the stock markets or other forms of investments may make this error without
even thinking. The very concept of trust being an error would shock him.
Hypothetically, an exchange or web wallet company could attempt to give each customer
private keys, and could operate in a fashion where each customer’s money and coins was
separated and not in a common pool. It would even be possible using M of N transaction
systems to have a web wallet company system in which customer funds could not be meddled
with, hacked or stolen. However it would be incumbent upon the company implementing these
!4HAYES - TRUST - TRAGEDY OF THE VICTIM
features to explain the issues clearly and simply enough that new incoming users understood the
advantages and gravitate towards them.
!The Proper Role of the Exchange and the Web Wallet
A bitcoin exchange exists to facilitate conversion between fiat currency and virtual. But
many have a second function - facilitating on line transactions and use of the virtual currency.
Many seem to have acquired a third function - the repository of customers’ virtual or fiat
currency.
What happens when customers leave their bitcoins or their cash on the exchange? To
understand let’s take two hypothetical exchanges, and look at their business structure and it’s
effects on the balance sheet, profit, and operational risk. Assume they operate by taking a 1%
commission on conversions from and to fiat and virtual.
For $100,000,000 face value of transactions in one month, the commission would be
$1,000,000. If average stay time for a transaction was a week, the exchange might on the
average hold something like $25,000,000 of customer funds. This would be divided between fiat
and virtual currencies. If 50% of the customers left their coins or money with the exchange, in a
year the exchange would be holding a pool of $600,000,000. Out of this it could handle
promises to pay as and when they arose. Risk exists, obviously. The risk can be computed
mathematically based on the fraction of holdings in bitcoin versus currency, and a range of
possible values for bitcoin.
For this paper we leave those risks aside. The point is when…. and why, if ever, would the
exchange encourage the customer to take possession of his coins?
A hypothetical exchange that refused to hold customer funds, which for example did the fiat
to bitcoin conversion and then immediately sent the coins to the customer provided address,
would have a running balance of about $25,000,000. But an exchange which sent the coins to
customers immediately 50% of the time, and 50% of the time kept them for long term storage,
perhaps assuring the customer that they were “in safe and offsite storage” would see something
quite different. Within a year, such a company might easily be sitting on hundreds of million
dollars in customer assets. That’s without the fiduciary safeguards of the banking and investment
industries. Many businessmen, either for reasons of greed, ego, unethical inclinations, or simply
!5HAYES - TRUST - TRAGEDY OF THE VICTIM
to satisfy stated and desired customer demand, would opt for the latter business structure. Any
error in the ratio of value between the two inventoried items - currency and bitcoin - would be
reflected in that exchange’s ability to pay it’s customers if they demanded what they were owed.
Exchanges all uniformly require their customers to deposit funds in fashions that prevent
chargeback risk to the exchange. Before the customer is allowed to trade fiat for bitcoin, the fiat
transaction must be one hundred percent settled and non reversible. Delivery of bitcoins is non
reversible, and if the exchange did not adequately protect itself from the possibility of a
fraudulent reversal, it could have serious problems.
But after purchasing the bitcoins, the customer is exposed to all these identical risks and
more, without the safeguards the exchange provided for itself.
!The Silence of the Bitcoin Exchanges
Finally I come to the third issue, the attitude and response of the user community to these
factors. The bitcoin community has a small core of very knowledgable people. It has a vast, and
growing majority of users who are fairly ignorant about the details of Bitcoin. And many are
quick to suggest the latest exchange with good features, fast response and reasonable fees. But
seldom has the very concept of ownership versus a “Promise to Pay” been described. Even if
Laisse Faire, clear and simple statements regarding ownership and trust relations cannot help but
improve the growth and operation of the bitcoin economy. Because the Satoshi model is a
mathematical model, any proposed deal, including those as simple as a sale of bitcoins from
Hack to Jane, can be measured in quality against the model of trust less transactions by
Nakamoto.
The Nakamoto model does not allow or require banks or governments to say “Trust us”
and the user to nod his head and do so, but neither does it allow or require exchanges or third
party intermediaries to be trusted. The only plausible way to judge the quality of a business
proposal involving bitcoins is against the Satoshi Nakamoto model.
!Summary
In conclusion I propose clarity in definition of ownership versus of “Promise to Pay” based
on the strict Satoshi model. The suggestion is made that the relationships be measured by the
!6HAYES - TRUST - TRAGEDY OF THE VICTIM
Satoshi model. This is often in opposition to the prior habits of customers and the business
interests of exchanges. Silence on the issue of what comprises “owning bitcoin” on the part of a
bitcoin exchange is a purposeful effort to increase holdings by that company, possibly in a very
deceptive manner.
!Contact me if you like at mike AT makersofthemoon DOT com.
!7HAYES - TRUST - TRAGEDY OF THE VICTIM