The Satoshi Revolution: A Revolution of Rising Expectations.
Section 1: The Trusted Third Party Problem
Chapter 2: Monetary Theory
by Wendy McElroy
Cautionary Tales From Earlier Digital Cash (Chapter 2, Part 3)
There are 3 eras of currency: commodity based, politically based, and now, math based. — Chris Dixon
Cautionary Tales From Earlier Digital Cash
Versions of digital cash and online transfer systems existed before Bitcoin. DigiCash and e-gold are among the better-known ones, but neither could shake the dogged trusted third party problem. Both lacked the essential vehicle of privacy and self-banking created by Satoshi Nakamoto: the blockchain. The early systems are useful as cautionary tales, however, and they spotlight the elegance of Bitcoin.
In 1983, the renowned cryptographer David Chaum introduced the idea of digital cash in a path-breaking research paper. In 1989, he founded an electronic money corporation named DigiCash, Inc. which in turn established the electronic payment system e-cash; the actual currency or “coin” was DigiCash. E-cash has been called “technically perfect.” It built upon an earlier system designed by Chaum: Blind Signature. This is a digital signature in which the content of a message from one person is disguised and so it is not seen by a second person who signs off on the message as authentic.
The process is often illustrated by an analogy. A voter wants his ballot to remain secret but, to be counted, it must be signed by an election official who verifies the voter’s eligibility. The solution: the voter writes his credentials on the outside of an envelope, wraps the marked ballot in carbon paper and places it inside the envelope. The official verifies the credentials and signs the envelope, thereby transferring his signature to the ballot inside; he verifies the ballot without knowing its contents. The voter puts the now-authorized ballot into a new unmarked envelope which is slipped into a box of ballots waiting to be counted. The vote counter verifies the validity of the signature and the vote is recorded. But the vote counter has no idea who cast that particular ballot. Neither the content of the vote nor the ballot itself can be linked back to the individual voter. This is the essence of a blind signature and its unlinkability.
In simplistic terms, the Chaumian e-cash uses blind signatures as follows: At a bank that handles e-cash, you have an account with $20 to which a password offers access. To withdraw e-cash in sums of $1 each, you use software to generate 20 unique, random numbers of sufficient length that makes it unlikely anyone else will also produce them. The problem: you need the bank to verify that each serial number is worth $1, but you don’t want the bank to know which $1 “coin” is which because then the coins could be tracked. If nothing else, the bank could match outgoing and incoming data. This would provide the bank with information about where you shop, what you buy, your lifestyle and other aspects of life that you wish to remain private.
You “blind” each request and serial number with a special kind of encryption. The bank then receives a scrambled request on which it signs off with a private key for $1 – which affirms both the value and the authenticity of each coin. (The bank has different keys for different amounts.) The addition of the bank’s stamp converts the serial number into a $1 coin that can be used only by you. It is anonymous; the bank knows how many $1 units it stamped for you, but it cannot distinguish between those units, nor can it recognize them from any other $1 coin it has ever authenticated.
You “unblind” or decrypt the serial number with the bank’s signature, which results in a valid signed message that can be verified by the bank’s public key. The $1 coins are stored on your computer, waiting to be sent to anyone who accepts e-cash. To do so, you send someone a decrypted, signed serial number and they take it to the bank. The signature is verified, the serial number is recorded, and the amount is redeemed. Recording the number allows the bank to reject any attempt at double-spending. The bank cannot connect the transaction to your account; the recipient of a $1 coin has no idea who you are unless you choose to reveal that information.
This process is as anonymous as cash. It stands in stark contrast to online credit-card use, which involves telling a credit-card company and a recipient who you are, where you are and what you are purchasing. DigiCash is also safe from malicious people who like to steal identities.
DigiCash had an extra advantage. Because it was highly divisible, it accommodated micro-payments – payments under $10 – for which transaction costs made credit cards impractical. E-cash was perfect for transferring e-quarters and e-nickels over the Internet.
DigiCash Inc. made quite an impact on the financial community. The first bank to implement e-cash was the Mark Twain Bank in St. Louis, Missouri, but others soon followed. By 1998, e-cash was available through Deutsche Bank in Germany, Credit Suisse in Switzerland, and several other powerful outlets. But in 1998, DigiCash Inc. filed for Chapter 11 bankruptcy and subsequently sold its assets, including patents.
What happened? Explanations vary, and all may be partially true.
In a 1999 interview, Chaum claimed DigiCash was an idea before its time because e-commerce had not been firmly established. Forbes (11/01/1999) offered another explanation: “A brave new currency for a brave new world, with only one problem: No one wanted it–not banks, not merchants and, most important, not consumers. Electronic commerce is flourishing, but it turns out Visa and MasterCard–not digital cash–are the currency of choice.” Governments are in the list of those who did not like the untraceable money. It could be used to avoid taxes and commit other “crimes” – victimless or not.
A fascinating anonymous article in Next! magazine advanced an entirely different theory. Cryptographers, it explained, are generally paranoid. And Chaum was a GREAT cryptographer. The inside workings of DigiCash Inc. depicted in the article sound like a psychiatric ward rather than a tech company. Apparently, Chaum was also an abysmal businessman. One example of the article’s many stories of commercial self-sabotage: “A little later ING Investment Management was interested. This deal was about twenty million guilders [$10 million US at the time]. The plans were all laid out. ING Barings together with Goldman Sachs would also bring DigiCash to the stockmarket [sic] within two years. ‘The day we were all set to sign, David didn’t want to’, tells Stofberg [the man responsible for DigiCash’s financial affairs until August 1996]. ‘He was so paranoid, that he always thought something was wrong. There were 8 people from ING, including the CEO, and David simply refused to sign‘!”
A more interesting approach than psychologizing is to look at flaws in the e-cash and DigiCash system which contributed to its failure, and then to contrast them with the success of bitcoin and blockchain.
• Chaum believed in patent and copyright – both of which he applied to his designs. This restricted access and co-operative development by a global community of brilliant minds. Putting a price-tag on the product hindered broad public acceptance. By contrast, Bitcoin is patent-free and open-source, which gives unrestricted access and allows development to sprint forward. There is no charge for its use.
• E-cash could not get around the trusted third party problem because it needed an authorizing blind signature from a financial institution. Peer-to-peer bitcoin eliminates trusted third parties because acceptance by the blockchain is the authorization and each participant is a self-banker.
• E-cash required a centralized issuer, such as a bank. Bitcoin is decentralized down to the individual level.
• E-cash preserved the existing banking system and currency. Peer-to-peer bitcoin renders the current system irrelevant, and it menaces the existing currency.
• E-cash was vulnerable to the personality flaws of one man. Bitcoin is haunted by internal conflicts, to be sure, but no one personality can rule or wreck it because no one owns it.
• E-cash was not designed for financial freedom. The essay, “Untraceable Electronic Cash,” co-authored by Chaum, stated, “Generating an electronic cash should be difficult for anyone, unless it is done in cooperation with the bank.” The anarchists and idealists who sculpted Bitcoin wanted to empower the individual against the state and needed no one’s permission to do so.
No wonder corporations showed immediate interest in e-cash, but only recently showed interest in Bitcoin, which they now hope to patent, dominate and tame for their own purposes.
Lessons Taught By Earlier Digital Cash: E-gold
E-gold was a digital gold currency that was operated between 1996 and 2009 by Gold & Silver Reserve, Inc. In 2000, G&SR restructured and a new company, e-gold Ltd., assumed the administration of e-metal issuance and transfers. The digital currency was linked to gold – with the typical unit of account being grams or troy ounces. Like early U.S. gold certificates, e-gold represented the units of gold for which it could be redeemed on demand from stored metal. Customers with accounts on the e-gold website could make instant transfers of precious metals to other accounts. It was one of the first payment systems to allow complex global exchanges outside the traditional banking system. A critic of fiat currency and conventional banking, co-founder and libertarian Douglas Jackson had a mission: he was determined to forge a private alternative to the financial mire caused by governments. In the book “A History of Digital Currency in the United States: New Technology in an Unregulated Market” (2016), the publisher of Digital Gold magazine, P. Carl Mullan, quoted Jackson as saying that such a “task required large-scale computational capacity, data storage and secure global means of communication.” The costs were prohibitive except for national governments. That is, they were until the Internet.
With the Internet, e-gold pioneered several breakthroughs. In 1999, for example, the company introduced wireless mobile payments using a web-enabled cellphone. This was seven years before PayPal offered a similar service. A less laudable innovation came in 2000 when the company required customers who wished to add value to their accounts to have a trusted and independent third party who would exchange e-gold for national fiat currencies and vice versa. Within a year, several dozen businesses and individuals filled that niche; a new industry was born.
According to e-gold Ltd., the number of accounts grew from 1 million in 2003 to 5 million in 2008. E-gold users had a variety of motives. Some were gold bugs who devoutly believed e-gold was superior to fiat. Others were economic anarchists who thought government had no proper role to play in money. Still others wanted to evade taxes or participate in other victimless crimes.
Many more were attracted by the emergence of High Yield Investment Programs, some of which used e-gold as a payment platform. These programs offered unrealistically high returns that could be maintained only by redirecting the wealth of new investors; these Ponzi schemes led to an e-gold rush on an international level. Fraud artists took advantage of e-gold features such as the fact that all transactions were final and never charged back, with no exceptions. The scammers opened e-gold accounts and urged prospective investors to do the same. Then they milked investors and buyers for all they could.
By this time, e-gold offered a wide range of services from online casinos and auctions to metals trading and donations to non-profits. The company was rife with possibilities for scams. Unfortunately, defrauded customers often made no distinction between e-gold itself and the individual scammers who ripped them off with faux investments or non-existent goods. Some disillusioned users complained to government authorities.
In 2007, the U.S. Federal Government accused e-gold of money laundering and of violating 18 U.S. Code § 1960, which prohibits businesses from transmitting money without a license. Several exchanges attached to e-gold were closed down. The publicity and disrupted exchanges caused a steep drop in the number of e-gold customers; the difficulty of exchanging e-gold for fiat caused potential recipients of e-gold to shy away. Many customers were trapped with accounts they could not liquidate.
E-gold vigorously fought the charges, to no avail. In April 2008, the judge in United States of America v. E-gold, Ltd. ruled against e-gold and, in doing so, dramatically increased the Treasury Department’s range of authority. The law now defined a “money transmitter” as a business that transferred any stored value from one person to another, whether or not the transfer involved cash or a national currency. The definition gave the Treasury Department a de facto blank check on future prosecutions.
The company’s three directors pled guilty and entered into an agreement by which e-gold would come into compliance with the legal requirements for a money-transmitting business, including obtaining a license. Jackson received 300 hours of community service, 3 years of supervision and a $200 fine. He could have received 20 years in prison and a $500,000 fine. The two other directors received the same sentence, with heavier fines.
Then came a bitter irony. The guilty pleas precluded the directors from acquiring a license anywhere in the U.S. This put all of e-gold in lock-down because returning money to customers would involve transmitting money without a license and violating the plea agreement. In 2010, the government finally allowed e-gold to return the monetized value of their accounts to customers.
The Treasury Department’s expanded and vague definition of “money transmitter” has clear implications for bitcoin. The success of e-gold, and the court case that quashed it, changed the way government handled online payment systems. And, now, it had the legal precedent to act against cryptocurrencies.
The parallels between Bitcoin and e-gold are also clear. E-gold was highly divisible and allowed micropayments as tiny as one ten-thousandth of a gram. It maintained an open ledger in which daily transactions were published live and in transparent form. Like bitcoin, e-gold was not a complementary currency – at least not to begin with. A complementary currency is one that supplements a national currency without competing with it; an example would be private “money” issued by a business to customers as a promotion. E-gold was intended as a replacement for fiat and for the banking system, with the added advantage of hedging against inflation.
The differences between bitcoin and e-gold are as important as the parallels:
• E-gold embodied the trusted third party problem, as the customers stranded by legal proceedings found out. It is difficult to blame e-gold for the circumstances, of course, but dishonesty or inefficiency are not the only risks of trusting others with your money. Again, Bitcoin eliminates this problem.
• Arguably, e-gold introduced a trusted-fourth-party problem when it insisted customers use exchanges to convert into and out of fiat.
• E-gold and the exchanges were points of centralization that were easy targets for regulation or prohibition. They were also choke points at which to gather customer information. When e-gold restructured in 2000, OmniPay was formed as the company’s exchange system. In his previously mentioned book, Mullan explained, “OmniPay quickly became the largest e-gold exchange in the world. It served as the primary dealer exclusively working between the issuer, e-gold Ltd., and all other third-party independent exchange agents around the world.” OmniPay used three methods to verify the identities of customers: universal postal verification; payment by bank wire only; and, safeguards to detect incoming third-party payments. In e-gold’s plea agreement years later, the government almost certainly gained access to that information. Peer-to-peer bitcoin is pseudonymous.
• E-gold’s insistence on “membership for use” restricted the spread of its services. Bitcoin is open to all.
The riskiness of a trusted-third-party exchange like OmniPay is a warning bell in the night to bitcoin users. A centralized exchange is usually the first target of government regulation because it is visible and vulnerable, and because it comprises a cache of valuable data on individual users who are otherwise elusive. Exchange owners are likely to comply with government demands because non-compliance means being closed down, imprisoned, or both. In short, centralization encourages third parties to obey laws and regulations, such as I.D. verification – which harm customers.
At every financial turn, the trusted third party problem works for government control and against personal freedom. It would still be that way, only worse, if lightbulbs had not gone off in Satoshi Nakamoto’s brain.
[To be continued next week.]
Thanks to editor/novelist Peri Dwyer Worrell for proofreading assistance.
Reprints of this article should credit bitcoin.com and include a link back to the original.
Wendy McElroy has agreed to ”live-publish” her new book The Satoshi Revolution exclusively with Bitcoin.com. Every Saturday you’ll find another installment in a series of posts planned to conclude after about 18 months. Altogether they’ll make up her new book ”The Satoshi Revolution”. Read it here first.