There has been so much tumult in bitcoin and crypto currencies over the past few days! Interest and concern extends beyond online communities. Motives vary.
Decentralized and anonymous
There are two conceptual pillars of trust that uphold bitcoin as being superior to fiat currency. The first is decentralization. The fiat currency of reference is primarily the US dollar, for the time being. Why? Because the $US is the world’s reserve currency, for now. It is highly centralized. As ideological (but not market) confidence in the $US has diminished, the appeal of an apolitical, alternative currency increases, especially one that is a fungible, stable store of value.
The second conceptual pillar of bitcoin is anonymity. US dollars held as cash will be anonymous until one wants to use them for exchange for commercial transactions of size. Bitcoin has some anonymity shortcomings, but there may be tractable remedies. That is a detailed discussion, widely covered elsewhere.
Centralization of bitcoin
All markets are game theoretic. Bitcoin is more transparently so. I really wish we could ask Professor John Nash what he thinks of bitcoin! Nash wrote a pleasant, accessible article that described bitcoin-like currency, titled “Ideal Money” a few years ago.
Did Mathematician John Nash Help Invent Bitcoin? http://t.co/AVNLfSW5bZ
— Egan J Chernoff (@MatthewMaddux) June 13, 2015
I mention game theory because monopolists and cartels can assert control as a function of mining power.
Bitcoin’s most acute concern right now is loss of decentralization. It is due to the documented, persistent existence of a 51% majority mining pool controlled by gHash.io. gHash is owned and operated by a private entity, cex.io. gHash’s market dominant behavior was noted in March 2014, but the situation was transient, unlike now. See How a mining monopoly can attack bitcoin for a chart of strategies that mining pools can pursue as a function of hash power. As a follow-up, Ed Felten confirmed that Bitcoin mining is now dominated by one pool.
Production and transaction costs
In theory, bitcoin is a perfectly smooth, zero transaction cost medium of exchange. In reality, this is possible but involves a modicum of effort.
Some bitcoin miners and many non-mining users keep their holdings in custody of a clearinghouse such as Mt. Gox or Silk Road. This does generate small transaction costs, for holding user e-wallets. In return, users benefit from the greater convenience in making purchases and sales. The clearinghouse may have an additional appeal to miners, as it offers the option of participating in a shared mining pool. Bitcoin was designed to reward early adopters; as more bitcoins are mined, more computational effort is required.
Mining Bitcoin requires processing power and electricity. In 2010, a PC with an NVIDIA or ATI GPU would have been adequate, but no longer. A new crypto currency-specific manufacturing industry has evolved for bitcoin mining equipment, using FPGAs which are more energy-efficient than graphics processing units. This was further improved by an application-specific integrated circuit (ASIC),
In other words, a chip designed from the ground up for the specific purpose of mining bitcoins. ASIC also represents the theoretical limit on the hardware capabilities of mining equipment.
The mining rigs cost tens of thousands of dollars, and create a high barrier to entry for many miners. The remedy had been to use mining pools in the cloud e.g. Amazon AWS or clearinghouse hardware.
There are costs for miners, but a monetary levy is not the worst of it. The same can be said for non-miners who have others hold their e-wallets. Trust is equally important as middle-man costs. Mt. Gox “lost” many customers’ Bitcoins, then declared bankruptcy. No depositor funds have been recovered.
Electricity cost and externalities
Mining bitcoin is costly due to mining equipment prices and the high power usage, which result in large amounts spent on electricity.
Perverse incentives motivate uneconomic choices. The most egregious and harmful behavior directly associated with bitcoin mining that I’ve seen to-date was unauthorized use of a National Science Foundation supported supercomputer to mine bitcoin. $150,000 in computing resources, e.g. electricity, were spent in order to mine the equivalent of $8000 in bitcoin. Another incident occurred at Harvard University in March 2014. The researcher used Harvard’s high-powered network of thousands of CPU cores to mine an unspecified number of dogecoins.
For an intuitive understanding of bitcoin cultural approaches to attack vulnerability remediation, see Novel method for backup of wallet seeds or private keys (not serious). Next, go play and have fun with the Bitcoin Bullshit Generator, freshly forked from the Web 2.0 Economy Bullshit Generator. It amused me.
For a detailed understanding of bitcoin vulnerability, see Dispelling some myths about Bitcoin. I don’t know the significance of the following two articles to Bitcoin. From “Ooh Aah… Just a Little Bit”: A small amount of side channel can go a long way:
We apply the FLUSH+RELOAD side channel attack based on cache hits/misses to extract a small amount of data from OpenSSL ECDSA signature requests…This means we obtain private key recovery by observing a relatively small number of executions, and by expending a relatively small amount of post-processing via lattice reduction. We demonstrate our analysis using…the Bitcoin protocol.
Using the attack described above, 200 signatures were sufficient to recover the secret key for bitcoin encryption protocol. Now, the authors have refined their approach, reducing the number of signatures to 25, see Just a Little Bit More and IACR eprint 2014/434 [PDF], emphasis mine:
We extend the FLUSH+RELOAD side-channel attack to extract a significantly larger number of bits of information per observed signature when using OpenSSL. This means that by observing only 25 signatures, we can recover secret keys…used in the Bitcoin protocol, with a probability greater than 50% …We utilize all information obtained and not just that in the least significant or most significant bits…whereas previous work require direct information on ephemeral key bits, our attack utilizes indirect information…
Nice Mr. OkTurtle @taoeffect said it was a server side issue, and not to worry.