Wednesday, May 18, 2011

Ben Laurie Blathering on Bitcoin

Yesterday seemed to be the day for visceral reaction to the burgeoning bitcoin ecosystem. Starting off the day was Ben Laurie, creator of lucre, which is an implementaion of David Wagner's Diffie-Hellman variant on Chaumian blinding. He also wrote Apache-SSL, the basis of most SSL-enabled versions of the Apache HTTP Server, and is a co-author of OpenPGP Software Development Kit. Ben Laurie is a founding director of the Apache Software Foundation.

Given that backdrop, Ben blogged about bitcoin:
"A friend alerted to me to a sudden wave of excitement about Bitcoin.

I have to ask: why? What has changed in the last 10 years to make this work when it didn’t in, say, 1999, when many other related systems (including one of my own) were causing similar excitement? Or in the 20 years since the wave before that, in 1990?

As far as I can see, nothing.

Also, for what its worth, if you are going to deploy electronic coins, why on earth make them expensive to create? That’s just burning money – the idea is to make something unforgeable as cheaply as possible. This is why all modern currencies are fiat currencies instead of being made out of gold.

Bitcoins are designed to be expensive to make: they rely on proof-of-work. It is far more sensible to use signatures over random numbers as a basis, as asymmetric encryption gives us the required unforgeability without any need to involve work. This is how Chaum’s original system worked. And the only real improvement since then has been Brands' selective disclosure work."

Ben, I usually like your work and I also go back the 10 or 20 years in digital bearer certificates. But what has changed from the Chaumian (or even Brands) days is that distributed p2p architecture has flourished. It has flourished not only for efficiency but for ultimate survival. It would be irresponsible and naïve to think that a centralised issuing mint (required to prevent double-spend) can avoid shut-down if that were the goal of the authorities. Historically, bitcoin is really a peer-to-peer implementation of Wei Dai's b-money proposal and Nick Szabo's Bit gold proposal.

However, the more important consideration for digital bearer cash is that true, auditable reserves (metals or otherwise) themselves create a single point of failure through confiscation. Bitcoin has no reserves and it has value precisely because it has purchasing power. It is a fully nonpolitical unit of value with transactional non-repudiation and two-way convertibility.

Bitcoin’s author commenced a fairly lengthy (and robust) exchange on the cryptography mailing list thread prior to the January 2009 software release. It covers multiple exchanges on a broad range of topics and it is required reading for cryptographers. Regarding the prevention of double-spending, the network implements a peer-to-peer distributed timestamp server utilizing chained proofs of work which then provides the confirmations to the client. This transactional block-chain has permitted decentralisation without compromising integrity and that in itself is a major change from the prior practice of reissuing digital tokens at a centralised mint.

I’m really surprised that a friend had to ‘alert’ you to bitcoin. Realizing that all money is a mass illusion in some way or another, I would prefer to trust in cryptography than to trust in God and I thought you would as well.

Completing the day was Adam Cohen's nonsensical answer on Quora to "Is the cryptocurrency Bitcoin a good idea?", which was elegantly refuted by Sean Lynch and Brandon Smietana. This was followed by Victor Grishchenko's critical piece on bitcoin, which is slowly being negated on the Bitcoin Forum.

For further reading:
"Underappreciated (ii)", Nick Szabo, November 21, 2006
"RPOW - Reusable Proofs of Work", Hal Finney, August 15, 2004


  1. I don't understand why people think a currency shouldn't deflate. Oh, yes, I understand how their argument goes ... that if you hold onto your money it will gain in value, and so you'll never spend it. Trouble is that that argument applies to receiving interest on your money. 5% deflation per annum is identical for this reason to 5% interest per annum.

  2. Great article. There are many bad arguments, both criticisms and sales pitches, about Bitcoin running around in need of correction.

    The most popular criticism in libertarian circles invokes Mises' regression theorem to argue that Bitcoin won't work because it isn't arising from a preexisting commodity. But all the regression theorem says is that money _can_ arise without foresight based on use as money emerging from use as a commodity. It doesn't say that money, even non-fiat money _must_ arise that way. There are many other factors involved, including, with our considerable economic knowledge, foresight. Just as we can foresee that some designs for stock exchanges will lower transaction costs more than others, so can we foresee such things for different currencies based on their security, trust, convenience, etc. properties. Not that our foresight is anywhere close to perfect -- there are a number of ways in which Bitcoin could fail. Just that we don't actually need a preexisting commodity to get the ball rolling, such as making shiny jewelry, any more than a stock exchange has to be useful as jewelry or anything else before it becomes useful for trading stocks.

    Two possibly quite valid criticisms of Bitcoin are that (a) the most obvious initial markets for Bitcoin are illegal (money laundering for dictators, drug dealers, etc.) and that the security of Bitcoin has not been, AFAIK, audited by talented cryptographers. Grischenko does have some insightful comments which are disconcerting. The claim that Bitcoin provides "anonymity" in particular is exaggerated: it relies on other mechanisms for anonymity as Bitcoin itself links all transactions. Every peer keeps the transaction history of all peers. So it's not at all clear that those other mechanisms in conjunction with Bitcoin will actually provide sufficient anonymity. It just doesn't have anywhere close to the much stronger anonymity properties provided by Chaumian cash.

    OTOH it has something far more important and useful (beyond the illegal markets) than anonymity, namely Byzantine distributed trust.

    Incidentally, while not discounting Nakamoto's ideas and implementation which are nothing short of genius, most of the main ideas behind Bitcoin came from a guy who also wrote a great article about the nature of money and how it can arise in ways other than how Menger and Mises described. Besides failing to recognize the advantage of Byzantine distributed rather than centralized trust, Laurie is missing Szabo's idea of "unforgeable costliness" and how non-fiat money is a subset of "collectibles" that have this property (regardless of whether they emerged a la Menger and Mises from preexisting commodities or not):

  3. The technical arguments here are a bit over my head. But there is one thing in Ben Laurie's critique that too I questioned when I first came across Bitcoin. This is the mining aspect & why Bitcoins are costly to make. It didn't seem to make sense to me.

    However, with hindsight I can see that the ability to 'mine' Bitcoins has helped to hook people into the currency and given it momentum. It might be a pointless exercise technically (I simply don't know), but i reckon its been hugely important in Bitcoin's success so far.

  4. I may start taking "bitcoins" seriously when my spell check no longer flags it and, or I can purchase nano "bitcoins".

  5. Quote
    ... I have to ask: why? What has changed in the last 10 years to make this work when it didn’t in, say, 1999, when many other related systems (including one of my own) were causing similar excitement? Or in the 20 years since the wave before that, in 1990? As far as I can see, nothing.

    1999? How about the introduction of the euro in January and the Central Bank Gold Agreement (CBGA) signed on Sept 26 in Washington, D.C.? That's my guess. Perhaps, paraphrasing the well-known saying, "Plus ça change, plus c'est la même chose", the more things appear separated, the more they are connected. Perhaps not. What do I know? Maybe only this:
    ... Some critics such as the Gold Anti-Trust Action Committee (GATA) however, maintain that the Washington Agreement did not serve to limit central bank gold sales at all. Rather, it served a very different purpose. According to GATA, central banks throughout the 1990s, had been leasing out their gold to privileged bullion banks, in order to suppress the price of gold, and bolster the value of their national currencies. Through the mechanism of the Washington Agreement, central banks were able to account for the sale of gold which they no longer had possession of. Therefore, bullion banks weren't required to return their leased gold by purchases of gold on the open market, which would have driven up its price. This also would have caused the value of national currencies to fall. Therefore according to GATA, the Washington Agreement simply allowed central banks to sell their gold to the bullion banks which had in fact, already leased it.
    This was documented in an article written by GATA.

    Connecting these dots is left as an exercise for the student.