Imagine a prize of $1 trillion. Let’s say it’s not legal to claim it, but what if nobody could trace it? Would you do it? If not you, then I’m sure there would be plenty of people waiting in line behind you. Keep that in mind.
Also read: The Fraud of Intellectual Property
From time to time I hear “central banks could issue e-currencies on blockchains!”. Before dwelling on the details on why that isn’t possible, let’s consider an “Einsteinian thought experiment.”
What is Secure?
Let’s begin by asking ourselves the question: How do we know that a computer system is secure and not being tampered with?
A system consists of several components: software, hardware and networks, each component being vulnerable to attacks. Software means that something is programmable. We all know what malware is and how difficult it is to detect whether malware is present in your computer. Yes, we have anti-virus protection, but that is by no means a foolproof method, especially if you are being targeted.
Hardware can be specialized and “sealed” so it is not programmable. Then the trust of that hardware is left to its manufacturer.
In the late 90s I was working with PKIs (Public Key Infrastructures) and with smart cards that had the ability to generate private-public key pairs, so that the private key never left the smart card. The randomized private key was internal only to the smart card itself. Some great effort was put in place so that the smart card didn’t leak the private key (protecting itself with tamper-proof technology.)
But if I have a black box with the capability of randomized internal keys, how can I know it’s truly random? What if the hardware manufacturer, in this case the smart card manufacturer, after a certain time (say after a year) suddenly swaps the random generated numbers with something deterministic? You could even imagine planting a Trojan horse consisting of a piezoelectric microphone triggered by some special sequence of snapping fingers. It would then switch from “random” to “apparently random.” You could then could bribe someone with physical access to the device to snap their fingers. There are millions of similar ideas. If you can “win” $1 trillion, I promise you that this will happen sooner or later. The “black box” hardware approach is inherently insecure; it’s a dead end.
What about general purpose programmable hardware? Possibly running the same software from multiple hardware vendors. That’s a much better approach, but there’s a catch. Private keys are now no longer private. At least not as private as in the case of the “black box” approach. This means that the private keys must be transported between two general computing devices. That by itself is accessible to attacks. If it’s possible to transfer private keys, so can malware.
The Importance of Consensus
When you think hard about this problem, there are only two joint mechanisms that together can protect you from all such attacks. The answer? Consensus AND decentralization.
Consensus means that the rules are set in stone and that they are publicly accessible to anyone who can choose to independently verify that the rules are being followed. Decentralization is important so that many independent checks of consensus can be done consistently. If the number of devices that checks consensus is small (and/or centrally controlled) then again, it is vulnerable to attacks.
Thus, anything with private keys is not tamper-proof. As explained above, custom/specialized hardware does not solve this problem. Bitcoin shows how vulnerable private keys can be. We have witnessed multiple thefts on bitcoin exchanges, but the theft of bitcoin funds does not mean the integrity of the network itself is at stake. Quite the contrary. Why is that?
It is because the integrity of the bitcoin network is never secured by any secrets / private keys. The money supply of bitcoin is based on a consensus rule. Validating the authenticity of your bitcoin is achieved by tracing all previous transactions back to their respective coinbases. The coinbases themselves are just the first transactions of every block whose amount is a mathematical function of the block number; a consensus rule easy to publicly check for violations.
In contrast, a central bank, who must mint new coins at will, cannot rely on a consensus rule. Presumably there must be some “secret” that can be used to prove that an “e-coin” is valid. No matter what that is, it is open for attacks. Note that even if the “e-coin” itself does not carry a signature, the central bank can still not ensure the integrity of their own systems: how do you know that the “money at the servers” are not being tampered with?
This is yet not an ironclad argument. There’s one more possibility. What if the central bank would publicly announce every time it changed the money supply? This means the consensus rules are changed at every such instant (this would correspond to a hard fork.) However, there are multiple problems with such an approach:
When changing the money supply, you still need to tell where the money should go. If the central bank is using it to buy bonds (a.k.a. “quantitative easing”) then those funds can also be stolen by an insider, or the buyers must be part of the consensus rule changes.
Base money supply is changed w.r.t. interest rates if the base money is kept at the central bank. Every day the base money supply (M0) is changed.
If we need to change the consensus rules every time (with (1) & (2)) it yields “consensus rules breaking fatigue;” it just becomes too difficult to keep track. If the rules keep changing they aren’t rules.
Full Independent Validation
The only foolproof mechanism is the ability to do full independent validation. Something which is only possible to do if there are no secrets protecting the system itself. It is the only known mechanism that is secure enough. It was invented 2008-2009 by Satoshi Nakamoto. Before that, it was largely believed that it was a problem that could not be solved. This is also why I was very dismissive towards bitcoin when I first heard about it. I was utterly shocked when I realized that Satoshi had solved this problem.
Any attempt to modify this setup by adding “private keys for controlling something” essentially destroys network security. It’s like the Born rule in quantum mechanics; the interference pattern is lost and there’s no way around it.
Bitcoin Block Size Debate
This is the same reason why the block size debate of bitcoin is so contentious. If the ability of “full independent validation” is lost, for example, only a small number of resourceful entities can “verify the rules,” then those can be bribed and/or coerced. I have no idea what block size should be considered safe. As technology progresses in both hardware and software bigger block sizes can be tolerated, but it is a delicate issue that shouldn’t be taken lightly. I hope that all participators of the bitcoin community can sit together and reason sensibly about these matters. Personally, I’m very neutral to the “bigger blocks” debate.
Once upon a time, rich people and the government joined forces for the regulatory capture of money. It happened in 1694 when the Central Bank of England was created. Let’s ensure this does not happen with bitcoin. It’s such a masterpiece of technology, which happens maybe only every 10th generation. I’m forever grateful that it happened during my lifetime.
Do you think central banks will be able to issue and manage e-currencies successfully? Let us know in the comments section below.
Images via Shutterstock.
This is an Op-ed article. The opinions expressed in this article are the author’s own. Bitcoin.com does not endorse nor support views, opinions or conclusions drawn in this post. Bitcoin.com is not responsible for or liable for any content, accuracy or quality within the Op-ed article. Readers should do their own due diligence before taking any actions related to the content. Bitcoin.com is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any information in this Op-ed article.