Emin Gün Sirer has a fascinating post about how the use of NoSQL caused technical failures that led to the demise of Bitcoin exchanges Flexcoin and Poloniex. But these are only the latest in a long line of hacks of exchanges, other services, and individuals; a wide variety of bugs have been implicated. This suggests that there’s some underlying reason why Bitcoiners keep building systems that get exploited. In this post I’ll examine why.
When Newsweek published its cover story last week claiming to have identified the creator of Bitcoin, I tweeted that I was reserving judgment on their claim, pending more evidence. At this point it looks like they don’t have more evidence to show us—and that Newsweek is probably wrong.
In recent days, several Bitcoin exchanges have suspended certain kinds of payments due to “transaction malleability” issues. There has been a lot of talk about why this happened, and some finger-pointing. In this post, I will try to unpack what “transaction malleability” is and why it has proven to be a problem for some companies.
Joint post with Andrew Miller, University of Maryland.
Bitcoin is broken, claims a new paper by Cornell researchers Ittay Eyal and Emin Gün Sirer. No it isn’t, respond Bitcoiners. Yes it is, say the authors. Our own Ed Felten weighed in with a detailed analysis, refuting the paper’s claim that a coalition of “selfish miners” will grow in size until it controls the whole currency. But this has been disputed as well.
In other words, the jury is still out. But something has been lost in all the noise about the grandiose statements — on their way to getting to their strong claim, the authors make a weaker and much more defensible argument, namely that selfish miners can earn more than their fair share of mining revenue.
There has been a lot of noise in the Bitcoin world this week about a new paper by Ittay Eyal and Emin Gün Sirer (“ES” for short) of Cornell, which claims that Bitcoin mining is vulnerable to attack. In a companion blog post, Sirer says unequivocally that “bitcoin is broken.” Let me explain why I disagree.
This post has three parts. First, I’ll give some necessary background on how Bitcoin works. Second, I’ll explain the essence of the ES attack. Third, I’ll explain a serious flaw in the logic of the ES paper and why, as a result, the ES attack is not nearly as scary as they indicate.
Yesterday we saw two stories that illustrate the limits of cryptography as a shield against government. In San Francisco, police arrested a man alleged to be Dread Pirate Roberts (DPR), the operator of online drug market Silk Road. And in Alexandria, Virginia, a court unsealed documents revealing the tussle between the government and secure email provider Lavabit.
On Tuesday the State of California sent a letter to the Bitcoin Foundation, saying that the Foundation might be in violation of California’s law against running an unregistered money transmission business. The letter isn’t important in the grand scheme of things—it’s clear that the Bitcoin Foundation isn’t transmitting money—but it does raise the obvious question of how governments will try to regulate the use of Bitcoin.
Josh Kroll, Ian Davey, and I have a new paper, The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries, from the Workshop on Economics of Information Security. Our paper looks at the dynamics of Bitcoin, how resilient it would be in the face of attacks, and how Bitcoin is governed. Today I want to talk about governance in Bitcoin.
A common argument advanced by Bitcoin proponents is that unlike banks and credit cards, Bitcoin has low (or even zero) transaction fees. The claim is a complete red herring, and in this post I’ll explain why.
Let’s assume for the purposes of argument that Bitcoin transaction fees are, in fact, zero. There are small mining-related transaction fees, but it seems plausible that these fees will always be far smaller than those associated with traditional banking.
Why do banks and credit cards charge those annoying fees? A major reason is fraud. Banks eat the cost of fraudulent transactions, but pass on the cost to the customer by taking a cut of each legitimate transaction. Fraud is not an artifact of a particular system that we can design away — it is inherent to every form of money handled by humans. To compare Bitcoin meaningfully with traditional banking, then, we must ask how big fraud-related losses are for Bitcoin users.
Framed this way, the comparison is not a happy one for Bitcoin. From thefts of wallets to hacks of Bitcoin exchanges, fraud in the Bitcoin ecosystem is rampant. It only gets worse when we add sources of risk other than fraud. A recent study found that 45% of Bitcoin exchanges shut down. Several of the rest have suffered attacks and losses.
Josh Kroll, Ian Davey and I have a new paper on the dynamics of Bitcoin, which we’re going to release in a few days. This post is the first in a series exploring our paper’s analysis of why Bitcoin works and what could derail it.
Consensus drives Bitcoin. Like any fiat currency (a currency not backed by anything of intrinsic value), Bitcoin has value because of an expectation that people will continue to accept the currency in payment. Like Tinkerbell, who exists because you believe in her, Bitcoin has value because enough people believe it has value. This much is true for all fiat currencies.
But Bitcoin is not just a currency, it is also a technology—and that technology must function correctly for the currency to operate and retain its value. In particular, there are two additional forms of consensus that must exist for Bitcoin to operate.