12 Sep 2018
This post was originally written for an opinion series marking ten years since the announcement of Bitcoin. It was not published at the time but appears here, without change, in the form it was written in late-2018. It was originally published in Dec, 2022 and has been backdated.
Reflecting back on my almost-8-years of working on Bitcoin, I’m very proud of his far we’ve come in answering some of the biggest questions around viability of trustless financial technologies. We’ve gone from a niche technology valued by only a small handful of geeks to something discussed and debated in international financial publications. Bitcoin itself has moved on from a single software project maintained by one individual to a large ecosystem of startups, projects, and individuals the world over. Still, we must not allow our progress to make us think that we’re guaranteed success, however that may be defined. Cryptocurrency’s many detractors, more often than not, raise legitimate issues, and the space as a whole has some serious soul-searching to do when it comes to the types of projects we prioritize.
The broader cryptocurrency community seems to get mired in so many debates on technical minutia that it becomes easy to lose sight of the bigger picture. After all, cryptocurrency will never compete with systems that more directly utilize the efficiencies that trusted parties provide. Even the costs involved in slightly reducing trust in single third parties introduce massive engineering and user experience tradeoffs that almost always make such systems simply uncompetitive. And yet, the cryptocurrency ecosystem seems hell-bent on compromising its trustless origins to eek out a few multiples in performance or “scalability,” all while remaining orders of magnitude away from the user experience of systems with similar trust models. There are simply no use-cases for a financial system in which three entities must cooperate to seize or freeze assets instead of one, especially when that seizure is ordered by a western government with cross-jurisdictional financial reach.
Instead of attempting to compete with centralized alternatives in the broader market, the cryptocurrency community should focus on places where there simply is no competition. After all, no one outside of cryptocurrency has managed to design a similar financial product without a trusted third party despite over 30 years of trying. If we can execute on this vision, those facing financial censorship or collapsing financial infrastructure at home could finally have an alternative to go to for financial services. Sure, that alternative will never significantly improve on the user experience of more centralized alternatives for most use-cases, but by focusing on markets where trustlessness provides genuine value we can generate real adoption that doesn’t come and go with the latest investment bubble, and broader adoption can come in its own time.
Of course utilizing “blockchain technology” to create fictional decentralization can provide all the features we want to get out of Bitcoin’s decentralization with few of the tradeoffs for quite some time, but the benefits of such regulatory arbitrage are dubious, at best. Regulators have a tendency to move slowly, and it can often take tens of years for them to fully understand the contours of their powers and utilize them to shut down behavior they dislike. However, if a system can be controlled by a handful of entities, it eventually will, and no amount of claims about the value of “decentralization” or jurisdiction hopping will stop that.
In order to focus on adoption, however, we need to move on from asking “how” we can make a blockchain go faster, to asking “why” such a system will likely provide long-term benefits for its users that cannot be more efficiently and better replicated with more centralized alternatives. What is the point of building a “better blockchain” that “scales” by replacing the attempt at decentralized ledger-keeping that Bitcoin’s Proof of Work represents with something that clearly will never be more than a handful of companies or individuals confirming transactions? Ultimately, as capital centralizes in a few hands as it has through all of human history, does a Proof of Stake blockchain provide any value for its users that a cluster of high-performance databases run by the inevitable few entities with the vast majority of the capital couldn’t? Do cats really need to be on a blockchain, or can we instead keep them on a server somewhere that provides an identical public interface so anyone who wishes to display or trade them can build their own application to do so?
It is very easy to be swayed by an argument that, because Bitcoin’s Proof of Work is currently fairly centralized, an alternative system need only be equivalent to be worth consideration. This, however, misses the obvious point that if Bitcoin’s Proof of Work were never going to become more distributed and control-resistant than it is today that we may want to start rethinking the viability of cryptocurrency as a whole. Luckily, we have lots of room left to shift the needle on the control-resistance of Bitcoin’s mining system, but the effectiveness and adoption of such proposals remains one of my the biggest long-term concerns for Bitcoin’s (and cryptocurrency’s) future.
As much as building a future we want to see requires focus, we should obviously also take this opportunity to celebrate how far we’ve come in demonstrating Bitcoin’s resilience. What was once a system endeavoring to be “trustless” while its rules were changed by its founder with little outside input or review, the consensus rules of Bitcoin today are not subject to the whim of any one group alone. Prior to the events of 2017, one might have reasonably concluded that any one of a number of different groups had outright control over the rules which govern all Bitcoin users, be it the diverse community of developers working on key Bitcoin software, Bitcoin’s many miners and pool operators, or the largest cryptocurrency businesses. However, despite the outward chaos that was the activation of Segregated Witness, the failure of each individual group in succession to make changes to the rules without the agreement of others showed a resilience that will be critical to any future in which no group of third parties need be trusted to use Bitcoin.
While the originally-proposed release of SegWit saw strong support from across the development community and Bitcoin’s most vocal users, it was met with apathy from the business community and outright hostility from many miners. Thus, despite the best efforts of many to advocate for the benefits and relative few drawbacks of such a change, the original activation method went largely nowhere. A vocally frustrated group of users pushed for the forced activation of SegWit in the form of BIP 148, despite condemnation from most developers for its hasty nature, further inflaming tensions. Finally, the backroom dealing between miners and businesses that led to Segwit2X turned what was a roaring dumpsterfire into a full-fledged emergency. Only when the design of Segwit2X was amended to be compatible with BIP 148 did the two efforts converge and lead to the activation of SegWit, again in spite of the condemnation of the timeline and lack of consensus of both efforts by much of the development community.
Still, with both developers and vocal users shown to not have unilateral control over Bitcoin, one might have reasonably concluded that a group of business leaders may yet be able to exert control. However, with the failure of the second half of Segwit2X thanks to user, developer, and market pressure it become clear that, at least as of 2017, many diverse groups have the ability to veto changes to the rules that govern all Bitcoin users, and no such group can make changes unilaterally.
While the events of 2017 were in no question formative to the fledgeling governance process of Bitcoin’s consensus rules, even the solace we take in each groups’ failure must not be taken for granted. After all, a large number of new users entered the Bitcoin community after the Twitter brawls that characterized the mid-2017 Bitcoin community. We must ensure that the lessons we all took from the many key events in Bitcoin’s history not be forgotten and be accurately communicated to each new generation of Bitcoin users.
Despite the many headwinds and challenges of focus the cryptocurrency community faces over the coming years, the diversity of interests and maturity that has developed in the community over the past ten years, not to mention its explosive growth, gives me great hope that, as long as we define it correctly, the next ten years may be one of cryptocurrency’s success.
28 Feb 2017
A few months ago I ran a hacker residency program with Chaincode Labs where we taught about Bitcoin philosophy, security, implementation, and technology. This is the first in a series of posts in which I’m going to write up some of what we discussed, hopefully making Bitcoin protocol development more accessible and helping frame discussions around proposed changes to the system.
Before I can begin talking about Bitcoin’s security model or protocol development generally, we have to agree on one thing: what IS Bitcoin? Or, at least, what are the key features of Bitcoin that we must protect as we endeavour to change the system?
Of course Bitcoin is many different things depending on whom you ask, but to understand what is critical to its operation, we need to understand why people use Bitcoin. Ultimately, the properties which must be maintained are those which users of Bitcoin care about, not some arbitrary design decisions which its creator picked out of a hat.
Of Bitcoin’s many properties, trustlessness, or the ability to use Bitcoin without trusting anything but the open-source software you run, is, by far, king. More specifically, interest in Bitcoin appears to almost exclusively derive from a desire to avoid needing to trust some third party or combination of third parties. This should hardly be news to anyone, but an understanding of exactly why this trustlessness is so important (and what forms it takes) is critical to building and upgrading Bitcoin technology.
The debates over Bitcoin’s future which have occurred over the past year or two have repeatedly been described as a choice between two extremes - Bitcoin is either a trustless payment system or a trustless digital gold. While this is far from an accurate characterization, it does provide a useful basis for understanding the primary Bitcoin use-cases - most can be categorized into one of these two broad categories. Further, the trust models of these two categories differ greatly, and it often seems that those arguing for one group of use-cases in favor of another are more often arguing in favor of one trust model over another.
The digital gold uses of Bitcoin are enabled largely through users fully validating the entire chain history, trusting only the open source software they run themselves to enforce the 21 million Bitcoin limit and the validation of transfers. While there is arguably some trust in miners required to ensure the entirety of the blockchain isn’t reorganized, the financial incentives baked into the system provide clear costs to such actions. Of course to ensure you aren’t trusting miners and pools to secure their operations perfectly, such users have to wait for a large number of “confirmations” (eg waiting a week or two, a timeframe on which humans can respond to issues; still, after all, it’s a long-term investment, right? What’s an extra week to buy in?).
Whether you want a digital gold because you don’t trust your national bank’s ability to protect your currency from inflating uncontrollably (or want to hedge against such a scenario) or you want to hedge against global financial contraction (and don’t want to manage the storage of physical gold), or you just want a secure medium-term settlement layer for large value transfers, avoiding trust in anyone is critical, and full validation with large work requirements can enable that.
Conversely, Bitcoin use-cases which fall more into the “payment system” category, today, almost always require a slightly reduced trust model to be practical, though to varying degrees. Clearly a payment system which requires a week or more for payment to clear would not be able to compete with much faster alternatives. Thus, Bitcoin users rely on 6 (or less!) confirmations to secure their payment, potentially opening themselves up to any number of transient attacks . Still, these use-cases end up being possible only because users can avoid some element of third-party trust by using Bitcoin, even if it requires some trust in miners.
If you want a system which provides uncensorable payments through privacy enhancements which protect users from asset seizure by governments and freezing by private institutions, you’re using Bitcoin because you don’t want to have to trust a third party. If you want an asset storage or transfer system with strong programmability and cryptographic ownership features not found elsewhere in most of the financial world, Bitcoin (or other cryptocurrencies) is likely your only option to avoid single points of failure from centralized third-party trust. Even if you only want a cheap international transfer system and don’t directly care about trustlessness yourself, you ultimately are choosing Bitcoin because you want the benefits associated with transacting without a single, centralized counterparty, and the costs (or censorship) associated with a lack of competition between such counterparties.
Clearly trustlessness and the ability to operate without counterparty risk is critical to Bitcoin’s functionality, but individual users (and use-cases) are willing to tolerate varying levels of such trust, and are willing to trust only in different parties. When considering changes to Bitcoin, it is critical that we, the community of Bitcoin users, consider the effects of such changes carefully. We must consider not only our own ability to use Bitcoin, but consider how proposed changes might require others to trust third-parties more than they currently do.
Take, for example, Proof of Stake systems. While often compared to Bitcoin, such systems have never overcome the bootstrapping problem - new users (or users who have been offline for an extended period of time, often on the order of a week or month) are not able to find the current network consensus without trusting some third-party for a current checkpoint. While this works perfectly fine for some use-cases of Bitcoin, users who wish to store away Bitcoin and come back to spend them six months later would now have the same security as a multi-signed centralized blockchain!
All that said, trust should not be discouraged where it is not otherwise harmful. Many investors who care strongly about Bitcoin’s scarcity properties are happy to trust centralized third-parties in the form of Bitcoin exchanges and “Bitcoin banks”. Many Bitcoin users who want fast payments for medium- to small-value transactions are happy to trust miners, in sufficient measure. Such trust relationships, as long as users aren’t forced into them (either by explicit requirement or sufficiently strong financial incentive), can provide significantly better user experience through faster, cheaper, and more user-friendly transactions.
Users willing to trust miners with only one or three confirmations are likely also willing to trust the lightning network and similar systems which require that a user be able to reliably get a transaction confirmed within a day or three. Users who trust the current crop of Bitcoin businesses, or at least one or two of them, might be interested in the functionality or low fees of a federated sidechain. Users looking for features like real-name recipients may even hold some money in a centralized Bitcoin bank. By building on top of, but not directly on, the Bitcoin blockchain, all of these systems can provide significant usability improvements for their users. This without introducing more required trust than necessary, at least as long as their backstop, the Bitcoin blockchain, remains truly trustless.
Sadly, the best designs we have for trustless Bitcoin and Bitcoin-like systems all fail to scale to even moderate transaction volumes. Further, in order to ensure that properties which users care about remain in place without requiring users trust others to enforce them (eg trusting miners or developers to keep the 21 million Bitcoin limit), Bitcoin must only change by consensus of its ever-growing userbase. This results in changes to the Bitcoin protocol getting bogged down in politics and social debate, hampering the agility of the system.
Putting all of this together we see a picture of where Bitcoin must evolve if it wants to retain its trustless properties while providing a usable system for its many, vastly divergent, use-cases. Users who do not need or want a fully trustless Bitcoin (eg because they want a payment system that doesn’t require weeks to confirm payments) can and should use the most optimal system which fits into their trust model - whether it be the lightning network, a federated sidechain, a merged-mined sidechain, TumbleBit, or even a trusted “Bitcoin bank”. Users which do not even want to trust miners should be free to do so, placing their transactions on the blockchain and waiting weeks to ensure even future hashpower attacks will not reverse them (and paying fees to ensure sufficient hashpower provides security for their transactions).
In order to enable users to continue to transact and trust in Bitcoin as they always have, the community of Bitcoin users must continue to enforce that changes happen only through consensus among the ever-broadening group. Conversely, in order to keep Bitcoin from stagnating unnecessarily, its community must be willing to form consensus around and make changes which help the system they wish to use without hurting others and make common-sense changes, whatever form they might take. Critically, this means that all changes which do not harm the utility of Bitcoin for any of its many use-cases, while helping others, should be made, wherever possible. I am always impressed with the social resilience of the Bitcoin community, and continue to be optimistic that it will come together with a unified vision to continue to move the Bitcoin protocol forward.