Bitcoin: Going legit with an absolutely appalling history

Recently, I had a birthday.

My dear wife had been asking me, “So what do you want for your birthday?” and frankly, I had no idea. It’s just sort of not part of my habits to think about getting gifts; I was going to bake a batch of cookies this year instead of a cake, but I hadn’t really thought about gifts. But a news story caught my eye, and reminded me of something I first looked at back in 2008: a form of imaginary nerd money called Bitcoin.

I was on the Metzdowd cryptography mailing list when Satoshi Nakamoto (who is probably not a real person) made the first version of his (or her, or their) whitepaper on the protocol public, and it had been at least interesting as a cryptographic curiosity. But, I’d been very skeptical at the time; I just couldn’t see a way for it to get widely adopted, and couldn’t see anything providing a support for any kind of nonzero valuation, and it had smelled a lot like a scam. Numerous attempts to provide an “online currency” had already failed so there was more than enough skepticism born of experience. Wide-eyed optimists had for some time been advancing online payment schemes of questionable legitimacy which finally always got shut down by legal intervention or simply failed to gain any kind of widespread adoption. It was fairly easy to mistake Nakamoto for such an optimist.

But he had at the very least done his homework;  I was going to blow him off, but Hal Finney reviewed his paper and said it was worth reading, so I had a closer look at it.  Eventually I did a code review and security audit.  Then a month or so later it was released, and I’d been periodically keeping an eye on it; at least enough to note, “hmm, not dead yet” every few months and conclude that we had been at least right about the protocol being secure enough to withstand attacks. In 2011 a journalist contacted me because of my participation in the initial discussion, and asked me what my opinion of Bitcoin was as of 2011, so I went and investigated it more closely.

The rather lengthy email that I sent to the journalist basically outlined my opinion as of 2011, which was that the protocol was reasonably secure, and that Bitcoin had most of the necessary properties to function as money, and that something much like it was probably going to become the standard way to send money from anybody with an Internet connection to anybody with an Internet connection (or from anybody with a Bluetooth device to another person with a Bluetooth device at short ranges) in the future. It was, and is, a currency capable of being digitally stored and easily transmitted with account or transaction fees ranging from very little to none, across national borders, into and out of places where currency exchanges are rigged or crooked, and without exposing one’s money to theft or misdirection. It really makes a compelling case for electronic payments, and potentially solves a multi-trillion dollar problem for the world.

That said, I considered it a scam. To start with, its designer had engineered in an initial phase of very high reward in Bitcoin at very low difficulty rates, before more than a few cryptography nerds like myself had ever heard of it. By the time it started to be noticed as a means of payment for anything, half of all the Bitcoin that would ever exist had already been created and rested securely in the hands of a very small group. As it appreciated in value, it made the initial investors (who were investors of extremely little actual money but considerable computer time) extraordinarily wealthy mostly at the expense of later investors, which smelled suspiciously like a Ponzi scam. You could also interpret this as a substantial reward for the early adopters who brought Bitcoin through its rough early phases, but it still smelled suspiciously like a Ponzi scam.

Once the debatable Ponzi scam had brought Bitcoin into existence, it was possible to use it for money-like purposes online — and the world desperately needs something to use for money-like purposes online. Unfortunately the early adopters who had first identified their own need for Bitcoin needed it mostly for gambling, money laundering and drug deals. Most of the trade in Bitcoin at that time was carried out on a website called Silk Road, which was (and if it still exists probably is) a sort of clearinghouse of criminal activity. So, I was guessing, at least seventy-five percent of Bitcoin’s value was probably due to the premium crooks were willing to pay for anonymity.

Don’t be surprised if you can’t find Silk Road with your favorite search engine; it’s part of the “Dark Web,” accessible only through the Tor network. Tor is another cryptographic protocol, called an “Onion Routing” system. When you send a Tor message, it is sent encrypted, and gets transferred through several computers randomly, having additional encryption and decryption applied at every step, until finally it gets to an “exit point” that transforms the Tor message into a message in some Internet protocol like HTTP. This goes out to the Internet, resulting in some response like a webpage being sent back to the exit point, and this webpage is then rendered as another Tor message, which hops through a bunch of intermediary systems and encryptions back to you. Except for sites like Silk Road, which exist only in the Tor network. Traffic between Tor users and someplace like Silk Road never leaves the Tor network at all, making it darned hard to identify, let alone track.
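What each relay can and cannot see in the layered scheme described above, as an added example that is not part of the original post. It uses a toy hash-based cipher in place of Tor's real cryptography, and the relay names, keys and destination are constructed for illustration.

```python
import hashlib
import hmac
import os

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode); a stand-in, not Tor's cipher.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def _subkeys(key):
    # Separate encryption and MAC keys derived from one relay key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC one onion layer under a single relay's key."""
    enc, mac = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Peel one layer; raises ValueError if this key does not fit the layer."""
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer not encrypted for this relay")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))

def build_onion(path, keys, destination, request):
    """Client side: wrap the request once per relay, innermost layer first."""
    next_hop, payload = destination, request
    for relay in reversed(path):
        header = bytes([len(next_hop)]) + next_hop.encode()
        payload = seal(keys[relay], header + payload)
        next_hop = relay
    return payload

def route(onion, first_hop, keys):
    """Relay side: each hop peels its own layer and learns only its neighbours."""
    views, prev, hop, payload = {}, "client", first_hop, onion
    while hop in keys:
        layer = unseal(keys[hop], payload)
        n = layer[0]
        next_hop, payload = layer[1:1 + n].decode(), layer[1 + n:]
        views[hop] = (prev, next_hop)
        prev, hop = hop, next_hop
    return views, hop, payload

if __name__ == "__main__":
    path = ["guard", "middle", "exit"]                  # constructed relay names
    keys = {name: os.urandom(32) for name in path}      # constructed per-relay keys
    onion = build_onion(path, keys, "example.org", b"GET / HTTP/1.1")
    views, destination, request = route(onion, path[0], keys)
    for relay, (came_from, goes_to) in views.items():
        print(f"{relay}: received from {came_from}, forwards to {goes_to}")
    print("exit relay hands", request, "to", destination)
```

No single relay's view contains both the client and the destination, which is the property that makes the traffic hard to attribute from any one vantage point.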

Now, before you get angry about the existence of such an obviously criminal form of the Internet as Tor, you should know that Tor has lots of legitimate uses and has been used to do more good than harm. In fact, Tor was originally developed by the US Navy for quite noble purposes, and has served those purposes well. By obscuring the origins and destinations of emails, webpages, et cetera, it has allowed dissidents in any number of oppressive regimes to remain alive, remain informed, and communicate with the outside world. It has been used by international journalists to file stories from places where those stories would certainly have been censored out of existence and possibly led to the persecution or murder of the journalists themselves. It has provided the means of free speech to those who would otherwise be denied it, and it has allowed organizations such as Doctors without Borders to hide their locations, plans, and operations from those who would like to seize and perhaps kill their war-wounded patients, steal their drugs and equipment, or kidnap the Doctors themselves to hold for ransom. I want to be clear about this; Tor has many very legitimate purposes and is used by a lot of noble people.

But, well, evil people will use whatever they have access to for evil. So, Tor is also the home of major clearinghouses for drug deals, money laundering, gun running, smuggling for hire, and all sorts of other malfeasance, many of which, like Silk Road, do their “business” in Bitcoin. So, as I told the journalist who contacted me, it was at that time mainly a currency that served crooks. In June of that year, my opinion of the reasons for Bitcoin’s value was verified.

In June of 2011, two US senators, Charles Schumer of New York and Joe Manchin of West Virginia, wrote a letter to Michele Leonhart, the head of the US Drug Enforcement Agency, asking directly for an investigation into Silk Road and the Bitcoin payment system it used. To make a very long story short, the heat came down and as the Federal Government figured out how to properly attack it, it became clear that against a determined opponent capable of massive Sybil attacks and timing analysis, Tor is not all that secure. Further, the public record of all transactions in Bitcoin, although it holds no information about the identity of the people buying and selling, can still be used to trace the movement of the money that any particular miscreant is found in possession of.

As the crooks fled to other means of concealing their transactions during the following four months, Bitcoin lost ninety percent of its value. I had estimated that seventy-five percent of the value was due to its use by crooks; I was surprised that it had apparently been even worse than I thought. But, on investigation, it turned out there was another reason for the plunge in value; a crisis of faith in the currency brought about by a failure of one of its online markets.

During the same period, on June 19 2011, Mt. Gox, at that time the primary exchange for Bitcoin, was compromised, causing black-hats to gain access to thousands of its users’ accounts. In an hour, the price of Bitcoin had plunged from seventeen dollars to one cent as the pirates flooded the market with stolen Bitcoin. And then an amazing thing happened. By mutual agreement among the miners not to extend the blockchain containing all those transactions, they forced a massive chain reorganization, and all those transactions (and also all legitimate transactions that had taken place during that hour) were reversed as the entire Bitcoin-using community abandoned the blocks containing that transaction history. This whole thing made the price of Bitcoin fluctuate, but the people that the money had been stolen from got their coin back, and the price then remained reasonably stable at least for a few ensuing days. Still, the loss of confidence in the exchange probably contributed to its dramatic four-month fall. I can’t imagine this kind of rollback ever happening again, or to any currency with a larger circulation. Most exchanges then shut down for a week to review their security, realizing that they were now responsible for hundreds of thousands or in some cases millions of dollars worth of assets and that they had damned well better take security seriously.

This incident exposed to me a somewhat ugly truth: there is a lot more Bitcoin out there being saved than being spent. We’re talking about a relatively small fraction of the users of the currency here, and probably none of the ones with the biggest balances. People with major investments simply don’t keep their wallets online in the hands of others. The fact that the stolen coin was enough to effectively destroy the market means that the actual market in terms of purchasers and sellers is very small compared to the number of Bitcoin in circulation. So, as of June 2011, the average Bitcoin user was clearly a speculator hoarding coin on the hope that it will go up, rather than someone using it as a medium of exchange. This usually means that the commodity is in a “bubble;” people hoard it rather than using it and, should people lose faith in it, its value may fall precipitously. So, that probably contributed its own bit to the 90% decline. Yes, there’s a certain degree of tulipomania here. However, in this case I think the speculators are right. If Bitcoin fulfills its potential as a means of transferring payments online, then the value they postulate for it, no matter how inflated it seems relative to its current level of use, will be justified.

Later, from April 24 to May 1 of 2012, someone launched a massive denial-of-service attack on Silk Road. The crooks had come back to Silk Road as the heat died down, but apparently immediately (and probably correctly) concluded that Silk Road was again under attack from the Drug Enforcement Agency and got the heck out. But this time, the drop in Bitcoin’s value was only about 50%. Again, this must represent the movement of a fairly small fraction of all the Bitcoin out there; the market, as the above incident showed, was primarily made up of speculators not contributing much to the buying and selling of coin and hence to its market stability. Small movements of money can have large effects on price in such an environment.

“Hmm, the community is making progress,” I thought. In less than a year the criminal economy had gone from providing about 90% of the value to providing only about 50% of the value of Bitcoin. The speculative value as opposed to current utility value is troubling, but also means that the speculators, who are at least legitimate, account for a much greater fraction of the wealth out there than crooks, who are actively making transactions. It also revealed that the transactions the crooks were making as of that date were evidently a much smaller fraction of the total transactions being made. It occurred to me that the denial-of-service attack on Silk Road may have come from some source other than the DEA. Turned out I was right; they held it for ransom.

The motives may go even deeper though; if someone sufficiently devious wanted to speculate by owning a large number of Bitcoin, what better way to acquire the coins cheap than by temporarily driving down their value? And what better way to temporarily drive down their value than by attacking Silk Road and other Bitcoin sites in the Dark Web? That drove down their value quite nicely when the DEA did it, after all. And what better way to attack Silk Road for this purpose than to hold it ransom for the very same money you want to buy Bitcoins with? The way all the points come together here makes this scam, if I’ve identified it correctly, an absolute masterwork of scam artistry, a con man’s Picasso. Even a white-hat hacker can attack a blatantly criminal enterprise with a clear conscience, even for reasons of personal greed. Black-hats of course can do pretty much anything with a clear conscience, because apparently they don’t have any. Our unknown scam virtuoso could be either one.

In late March of 2013, the government of Cyprus, deep in financial crisis, shut down the nation’s banks, limited the amount citizens could withdraw, and began talking about appropriating a fraction of the citizens’ savings accounts in an unprecedented tax. The value of Bitcoin promptly doubled. This represented Cypriot citizens seeking refuge from a financial crisis and the bad fiscal policy that comes from it or precipitates it. It was more progress, in my book, toward legitimate use.

In mid-March of 2013, the US Department of the Treasury issued a guidance document outlining, among other things, that in the US, virtual currency exchangers are subject to the same rules of record-keeping and fiscal integrity that apply to other currencies, and that the definition of a money transmitter does not differentiate between official fiat currencies such as dollars and convertible virtual currencies such as Bitcoin. Accepting and transmitting anything of value that substitutes for currency makes a person a money transmitter under the regulations. And, among other things, money transmitters are required to report transactions over a certain amount, or transactions deemed suspicious, to the authorities, and required to comply with “know your customer” laws that require them to collect and file ID information for those who create accounts to transact business with them — primarily so that such information can later be available for subpoenas when investigators are on the trail of a crook. This guidance document set the stage for what happened next.

Mt. Gox, which apparently got started as an exchange of Magic: The Gathering playing cards and had gone from there into game tokens and strictly imaginary currencies like video-game money, should have responded instantly to this but apparently didn’t fully understand. It was understandable that when they were founded they didn’t think of themselves as a monetary exchange and hadn’t done the corresponding paperwork nor observed the corresponding laws. They had drifted gradually into brokering deals for actual money as video-game money like World of Warcraft’s gold and Second Life’s Linden Dollars had acquired monetary value. And when they started brokering Bitcoin, it had been a sort of imaginary nerd money that was easy to mistake for the same category as game tokens or video game money. However, by 2013, it was serious business, and that guidance document, whether they realized it or not, was aimed directly at them and other Bitcoin exchanges. They failed to respond. It was a poor choice that would come back to bite them hard that August. It wasn’t the only poor choice that Mt. Gox made at around that time, but the $75 million lawsuit they’re facing for breach of contract won’t bite them until next year at the earliest. And due to their poor choice here, there may be nothing left for that suit to fight over.

On May 30, the state of California issued a cease-and-desist letter to the Bitcoin Foundation (a nonprofit organization that promotes the legitimate use of Bitcoin as a currency), stating that it might be in the money transmission business without a license, and that its officers could be subject to fines and/or jail time. According to rumors, pretty much every identifiable Bitcoin-related business with any operations in the state, presumably including Mt. Gox, received similar letters. The letter we’ve actually seen demanded a “factual response” within 20 days, which looks like a major fishing expedition to me; the state was trying to make as many of the people involved as possible tell them what the heck was going on and how it worked, so they could figure out how to regulate this new thing. This is all progress, as far as I’m concerned. It may be uncomfortable in the short run, but these are growing pains. Bitcoin can never truly be a real part of everyday life unless it goes legit, and going legit means obeying the same rules that the rest of the world obeys. The good news to me was that the value of Bitcoin was mostly unaffected by this, meaning most of the holders had accepted that it will be treated as legitimate money of some kind and were willing to accept the necessary legal infrastructure coming into place.

In July 2013, Argentina, facing inflation over 20%, restricted its currency exchanges, denying citizens the right to exchange their Argentine pesos at the advertised rates for other currencies. Predictably, a black market in currencies emerged immediately and the number of downloads of the Bitcoin software in that country tripled. Over the course of the month, Bitcoin value advanced from 89 to 102 dollars. I’d like to think that this modest rise represented Argentinian people saving money someplace where the next Argentinian financial crisis (there’ve been so many) won’t wipe it away. These people really need a global currency; the history of holding bank accounts in Argentina is long and sad in a way that consistently wipes out the value of good honest work and faithful dealings. Sadly, on finally doing the math, I’m pretty certain that the rise in value that month is primarily due to more legitimate businesses accepting Bitcoin rather than due to coming to the rescue of the Argentinian people saving money against the next horrible crisis. Either way though, it’s progress in the form of legitimate users.

Also, as regards going legit; at the beginning of August, 2013, a massive security flaw was found and exploited in the Tor Browser (a special build of Firefox that is used with an http-over-Tor protocol). This was a major crisis for Tor users, both good and bad, and a major crisis for the Silk Road — but I noted something new. Despite exposing lots of information and making Tor a very risky way to do criminal business, the value of Bitcoin merely fluctuated a little. In fact, it held recent gains, continuing to trade at about $100. It was at this point that I decided that the criminal economy was no longer the primary reason that Bitcoin had value.

I went to some major Bitcoin forums to try to verify my new opinion, and noted that the obviously-criminal noise had quieted down considerably over the past year, replaced by a sort of confusion as people realized that the legitimacy of transactions was a worthy subject of debate and that they were in a sort of gray area with respect to the law. Oh, the obviously criminal stuff is still there, buried in the archives of old conversations, and it’s still present here and there even in recent conversations — but there’s a trend, and newer posts show a definite skew toward “you need to lawyer up and know what rules your business is subject to” rather than the old “screw the rules, we’re all outlaws here” attitude.

So, back to what I wanted for my birthday. “Sweetie?” I said. “I think I want to engage in some currency speculation.” After her initial puzzled look, I explained what Bitcoin was, and outlined a plan to buy a few.

I explained to her its origins as a sort of imaginary nerd money and possible Ponzi scam, its appalling history as a medium primarily for criminal exchange, and the recent indications that it is starting to go legit. I told her that I believed that regardless of its origins it has compelling legitimate use and is destined for eventual success because it solves a multi-trillion-dollar problem of how to easily, securely, and cheaply transfer money electronically and solves it better than anything else we’ve seen yet.

It was a long and awkward discussion, but I guess I was convincing. She decided to go into this speculative venture with me.

I went to our bank and got an international money order — and learned, incidentally, that after the beginning of October that service will no longer be available there because our bank is too small to comply with some new “money laundering regulations.” I think that’s probably a direct result of the investigation of Bitcoin that the authorities had been conducting, so I considered it good news. I scanned my driver’s license and a utility bill and emailed the images, so that the exchange I was using could comply with newly applied “know your customer” laws — a result of their sincere desire to do business legitimately, which I share. I didn’t use Mt. Gox, due to its previous failure to keep its accounts secure and its apparent disregard for the niceties of money-exchange laws. And also due to the fact that Bitcoin was cheaper at the more legitimate exchange. Anyway, I did the transaction.

And, on my birthday, the first day when our new investment of a few Bitcoins was showing on my computer screen, the German government officially issued a document recognizing Bitcoin as a privately issued currency for legal and tax purposes in Germany, becoming the first country to make an official public stance affirming the legality of using Bitcoin as money. On the same day, Mt. Gox had 5 million dollars worth of its assets seized from its accounts at Dwolla and Wells Fargo for failure to register a money transmitting business. These are two events, one unambiguously good for the use of Bitcoin as a legitimate currency, the other actively punishing its use by people failing to comply with legitimate regulations. And on that news, amid grumbling and cheers depending on which piece of news affected people most, the value of Bitcoin rose ten percent. To me this indicates that the users of Bitcoin, finally, for the first time, are registering an unambiguous response that shows they want and intend to go legitimate.

So, happy birthday to me! I love being right.