Yes, I’m (increasingly) long bitcoin.
Here are notes from a good bitcoin primer/academic paper I read, Bitter to Better: how to make bitcoin a better currency (from Palo Alto Research Center and UC-Berkeley).
The paper was published in 2012, and given how quickly the bitcoin community moves, some parts are likely outdated (when they wrote the introduction, each bitcoin was worth $5!).
The paper addresses 2 questions. Direct quotes:
1. Despite three decades’ research on e-cash, why have e-cash schemes not taken off, while Bitcoin — a system designed and initially implemented possibly single-handedly by someone previously unknown, a system that uses no fancy cryptography, and is by no means perfect — has enjoyed a swift rise to success?
2. Does Bitcoin have what it takes to become a serious candidate for a long-lived stable currency, or is it yet another transient fad?
The answer to #2 is clearer today. In particular, I enjoyed Marc Andreessen’s answer (one reason: bitcoin is a 4-sided network effect among payers, recipients, miners, and innovators).
Some bitcoin basics (from the paper):
- It’s a peer-to-peer network that broadcasts to all nodes
- There are two types of broadcasts: transactions and blocks (record of vetted, valid transactions); both types are addressed by a hash of the object data
- Incentive for block creation: collection of fees and minting of new coins
- When a new block is created and broadcast, it may include a special generation transaction which awards the block creator a (decreasing) number of coins (called a “coinbase”); the coinbase also claims all the fees in the transactions collected in the block
- The rate of block creation is metered by a “proof of work” that adjusts in difficulty to maintain a constant rate: once every 10 minutes
- Each block references a chronologically prior block, thus forming a blockchain of all transactions
- The number of coins awarded for each coinbase decreases until total bitcoin supply reaches 21M (today we’re at ~12.2M mined at a pace of 200K new coins/month)
- If two blocks are published nearly simultaneously, the blockchain (and last block) whose proof of work was the most difficult wins
On to question #1.
While bitcoin does not have “fancy cryptography”, it is quite innovative in addressing incentive problems and has the following strengths:
- Distributed architecture with no central point of trust – with its associated pros and cons (eg, for the USD that would be the Federal Reserve)
- Strong incentives to mine bitcoin and verify transactions
- Predictable money supply – bitcoin is mined at a fixed rate of one block of new coins (exact number varying) per 10 minutes
- Ease of dividing and recombining bitcoins to create any denomination; other e-cash systems have standard denomination amounts which increase transactions costs
- Open-source with a strong community supporting it
- Option to embed scripts in each transaction to power things like rich metadata, contracts, escrow and dispute mediation
- Irreversible transactions with complete transaction history (good for merchants concerned about credit-card fraud and chargebacks)
- Low transaction fees (optional and chosen by payer)
Now to question #2, bitcoin’s problems and potential solutions:
The authors’ chief concern is that bitcoin is deflationary. There is a cap on total coins, and (less importantly) coins are lost when private keys are forgotten or destroyed. For example, back when this paper was published, there were 7M coins, and already tens of thousands were reportedly already lost.
Given that the bitcoin industry and community are working hard and fast, I assume some (if not all) of the below has already been addressed and possibly solved.
- Incentive to hoard – because of the 21M cap, there is an incentive to hoard which is pronounced in times of crisis (remember people lining up by the hundreds to withdraw cash from banks during the Great Depression?)
- History revision attack – in theory, an attacker could publish a fake blockchain whose last block has a higher difficulty proof of work than the real blockchain, causing the fake blockchain to be accepted as the real one and thus replacing all existing blockchain history
- Theft or loss of bitcoins – thieves could forge your digital signature or steal your private key, or you could simply lose it. Solutions include distributing a private key amongst several computers, or each user having a remote superwallet (for storage) and local subwallet (for spending)
- Scalability challenges – the blockchain grows linearly, adding computational strain especially for everyday users; transaction confirmation is delayed ~10 minutes (the time required for new block creation)
- Anonymity-and-trust tradeoff – using multiple public keys increases anonymity, but there are still transactions where multiple public keys can be linked back to the same user; there are services called mixers which address this issue, but the authors end by proposing an alternative approach called a “fair exchange protocol”