Illustration: T.A. Gruneisen/WIRED
The price of a bitcoin topped $900 last week, an enormous surge in value that arrived amidst Congressional hearings where top U.S. financial regulators
took a surprisingly rosy view of digital currency. Just 10 months ago, a bitcoin sold for a measly $13.
The spike was big news across the globe, from Washington to Tokyo to China, and it left many asking themselves: “What the hell is a bitcoin?” It’s a good question — not only for those with little understanding of the modern financial system and how it intersects with modern technology, but also for those steeped in the new internet-driven economy that has so quickly remade our world over the last 20 years.
The spike was big news across the globe, from Washington to Tokyo to China, and it left many asking themselves: ‘What the hell is a bitcoin?’
Bitcoin is a digital currency, meaning it’s money controlled and stored entirely by computers spread across the internet, and this money is finding its way to more and more people and businesses around the world. But it’s much more than that, and many people — including the sharpest of internet pioneers as well as seasoned economists — are still struggling to come to terms with its many identities.
With that in mind, we give you this: an idiot’s guide to bitcoin. And there’s no shame in reading. Nowadays, as bitcoin is just beginning to show what it’s capable of, we’re all neophytes.
Bitcoin isn’t just a currency, like dollars or euros or yen. It’s a way of making payments, like PayPal or the Visa credit card network. It lets you hold money, but it also lets you spend it and trade it and move it from place to place, almost as cheaply and easily as you’d send an email.
As the press so often points out, Bitcoin lets you do all this without revealing your identity, a phenomenon that drove its use on The Silk Road, an online marketplace for illegal drugs. But at the same time, it’s a system that operates completely in the public view. All Bitcoin transactions are recorded online for anyone to see, lending a certain transparency to the system, a transparency that can drive a new trust in the economy and subvert the anonymity sought by those on The Silk Road, which
the feds shut down last month.
Bitcoin is much more than a money service for illegal operations. It’s a re-imagining of international finance, something that breaks down barriers between countries and frees currency from the control of federal governments. Bitcoin is controlled by open source software that operates according to the laws of mathematics — and by the people who collectively oversee this software. The software runs on thousands of machines across the globe, but it can be changed. It’s just that a majority of those overseeing the software must agree to the change.
Birth of the Bitcoin
Click to enlarge. Illustration: T.A. Gruneisen/WIRED
What does that mean, specifically?
About five years ago, using the pseudonym Satoshi Nakamoto, an anonymous computer programmer or group of programmers built the Bitcoin software system and released it onto the internet. This was something that was designed to run across a large network of machines — called bitcoin miners — and anyone on earth could operate one of these machines.
This distributed software seeded the new currency, creating a small number of bitcoins. Basically, bitcoins are just long digital addresses and balances, stored in an online ledger called the “blockchain.” But the system was also designed so that the currency would slowly expand, and so that people would be encouraged to operate bitcoin miners and keep the system itself growing.
When the system creates new bitcoins, you see, it gives them to the miners. Miners keep track of all the bitcoin transactions and add them to the blockchain ledger, and in exchange, they get the privilege of, every so often, awarding themselves a few extra bitcoins. Right now, 25 bitcoins are paid out to the world’s miners about six times per hour, but that rate changes over time.
Why do these bitcoins have value? It’s pretty simple. They’ve evolved into something that a lot of people want — like a dollar or a yen or the cowry shells swapped for goods on the coast of Africa over 3,000 years ago — and they’re in limited supply. Though the system continues to crank out bitcoins, this will stop when it reaches 21 million, which was designed to happen in about the year 2140.
The idea was to create a currency whose value couldn’t be watered down by some central authority, like the Federal Reserve.
When the system quits making new money, the value of each bitcoin will necessarily rise as demand rises —
it’s what’s called a deflationary currency — but although the supply of coins will stop expanding, it will be still be relatively easy to spend. Bitcoins can be broken into tiny pieces. Each bitcoin can be divided into one hundred million units, called Satoshis, after the currency’s founder.
The Key to the System
How do you spend bitcoins? Trade them? Keep people from stealing them? Bitcoin is a math-based currency. That means that the rules that govern bitcoin’s accounting are controlled by cryptography. Basically, if you own some bitcoins, you own a private cryptography key that’s associated with an address on the internet that contains a balance in the public ledger. The address and the private key let you make transactions.
The internet address is something everyone can see. Think of it like a really complicated email address for online payments. Something like this: 1DTAXPKS1Sz7a5hL2Skp8bykwGaEL5JyrZ. If someone wants to send you bitcoins, they need your address.
If you own some bitcoins, what you really own is a private cryptography key that’s associated with an address on the internet
If you want to send your bitcoins to someone else, you need your address and their address — but you also need your private cryptography key. This is an even more complicated string that you use to authorize a payment.
Using the math associated with these keys and addresses, the system’s public network of peer-to-peer computers — the bitcoin miners — check every transaction that happens on the network. If the math doesn’t add up, the transaction is rejected.
Crypto systems like this do get cracked, and the software behind Bitcoin could have flaws in it. But at this point, Bitcoin has been tested pretty thoroughly, and it seems to be pretty darned secure.
For the ordinary people who use this network — the people who do the buying and the selling and the transferring — managing addresses and keys can be a bit of a hassle. But there are many different types of programs — called wallets — that keep track of these numbers for you. You can install a wallet on your computer or your mobile phone, or use one that sits on a website.
With these wallets, you can easily send and receive bitcoins via the net. You can, say, buy a pizza on a site that’s set up to take bitcoin payments. You can donate money to a church. You can even pay for plastic surgery. The number of online merchants accepting bitcoins grows with each passing day.
But you can also make transactions here in the real world. That’s what a mobile wallet is good for. The Pink Cow, a restaurant in Tokyo, plugs into
the Bitcoin system via a tablet PC sitting beside its cash register. If you want to pay for your dinner in bitcoins, you hold up your phone and scan a QR code — a kind of bar code — that pops up on the tablet.
How to Get a Bitcoin
If all that makes sense and you wanna give it try, the first thing you do is get a wallet. We like blockchain.info, which offers an app that you can download to your phone. Then, once you have a wallet, you need some bitcoins.
In the U.S., the easiest way to buy and sell bitcoins is via a website called Coinbase. For a one percent fee, Coinbase links to your bank account and then acts as a proxy for you, buying and selling bitcoins on an exchange. Coinbase also offers an easy-to-use wallet. You can also make much larger bitcoin purchases on big exchanges like Mt. Gox or Bitstamp, but to trade on these exchanges, you need to first send them cash using costly and time-consuming international wire transfers.
Ironically, the best way to keep bitcoin purchases anonymous is to meet up with someone here in the real world and make a trade.
Yes, you can keep your purchases anonymous — or at least mostly anonymous. If you use a service like Coinbase or Mt. Gox, you’ll have to provide a bank account and identification. But other services, such as
LocalBitcoins, let you buy bitcoins without providing personal information. Ironically, the best way to do this is to meet up with someone here in the real world and make the trade in-person.
LocalBitcoins will facilitate such meetups, where one person provides cash and the other then sends bitcoins over the net. Or you can attend a regular
Bitcoin meetup in your part the world. Because credit card and bank transactions are reversible and bitcoin transactions are not, you need to be very careful if you’re ever selling bitcoins to an individual. That’s one reason why many sellers like to trade bitcoins for cash.
The old-school way of getting new bitcoins is mining. That means turning your computer into a bitcoin miner, one of those nodes on Bitcoin’s peer-to-peer network. Your machine would run the open source Bitcoin software.
Back in the day, you could do bitcoin mining on your home PC. But as the price of bitcoins has shot up, the mining game has morphed into a bit of a space-race — with professional players, custom-designed hardware, and rapidly expanding processing power.
Today, all of the computers vying for those 25 bitcoins perform 5 quintillion mathematical calculations per second. To put it in perspective, that’s about 150 times as many mathematical operations as the world’s most powerful supercomputer.
And mining can be pretty risky. Companies that build these custom machines typically charge you for the hardware upfront, and every day you wait for delivery is a day when it becomes harder to mine bitcoins. That reduces the amount of money you can earn.
We hooked it up to a network of mining computers that pool together computing resources and share bitcoin profits. And in six months, it has earned more than 13 bitcoins. That’s more than $10,000 at today’s bitcoin prices. But people who got the machine later than we did (and there were plenty of them) didn’t make quite so much money.
Online Thievery
Once you get your hands on some bitcoins, be careful. If somebody gets access to your Bitcoin wallet or that private key, they can take your money. And in the Bitcoin world, when money is gone, it’s gone for good.
This can be a problem whether you’re running a wallet on your own machine or on a website run by a third party. Recently, hackers busted into a site called inputs.io — which stores bitcoins in digital wallets for people across the globe — and
they made off with about $1.2 million in bitcoins.
In the bitcoin world, when money is gone, it’s pretty much gone for good.
So, as their bitcoins start to add up, many pros move their wallets off of their computers. For instance, they’ll save them on a thumb drive that’s not connected to the internet.
Some people will even move their bitcoins into a real physical wallet or onto something else that’s completely separate from the computer world. How is that possible? Basically, they’ll write their private key on a piece of paper. Others will engrave their crypto key on a
ring or even on a metal coin.
Sure, you could lose this. But the same goes for a $100 bill.
The good news is that the public nature of the bitcoin ledger may make it theoretically possible to figure out who has stolen your bitcoins. You can always see the address that they were shipped off to, and if you ever link that address to a specific person, then you’ve found your thief.
But don’t count on it. This is an extremely complex process, and researchers are only just beginning to explore the possibilities.
Bitcoin vs. the U.S.A.
Bitcoin is starting to work as a currency, but because of the way it’s built, it also operates as an extremely low-cost money-moving platform. In theory, it could be a threat to PayPal, to Western Union, even to Visa and Mastercard. With Bitcoin, you can move money anywhere in the world without paying the fees.
The process isn’t instant. The miners bundle up those transactions every 10 minutes or so. But today, payment processors like BitPay have stepped in to smooth things out and speed them up.
The feds have stopped short of trying to kill Bitcoin, but they’ve created an atmosphere where anybody who wants to link the U.S. financial system to Bitcoin is going to have to proceed with extreme caution
The trouble is that federal regulators still haven’t quite figured out how to deal with Bitcoin.
The currency is doing OK in China, Japan, parts of Europe, and Canada, but it’s getting its bumpiest ride in the U.S., where authorities are worried about the very features that make Bitcoin so exciting to merchants and entrepreneurs. Here, the feds have stopped short of trying to kill Bitcoin, but they’ve created an atmosphere where anybody who wants to link the U.S. financial system to Bitcoin is going to have to proceed with extreme caution.
Earlier this year, the U.S. Department of Homeland Security closed the U.S. bank accounts belonging to Mt. Gox, which has generally been the world’s largest Bitcoin exchange. Mt. Gox, based in Japan, let U.S. residents trade bitcoins for cash, but it hadn’t registered with the federal government as a money transmitter, and it hadn’t registered in the nearly 50 U.S. states that also require this.
The Homeland Security action against Mt. Gox had an immediate chilling effect in the U.S. Soon, American Bitcoin companies started reporting that their banks were dropping them, but not because they had done anything illegal. The banks simply don’t want the risk.
Now, other Bitcoin companies that have moved fast to operate within the U.S. are facing the possibility of being shut down if they’re not following state and federal guidelines.
Even if the feds were interested in shutting down Bitcoin, they probably couldn’t if they tried, and now, they seem to understand its promise. In
testimony on Capitol hill earlier this week, Jennifer Shasky Calvery, the director of the Treasury Department’s Financial Crimes Enforcement Network, said that Bitcoin poses problems, but she also said that it’s a bit like the internet in its earliest days.
“So often, when there is a new type of financial service or a new player in the financial industry, the first reaction by those of us who are concerned about money laundering or terrorist finance is to think about the gaps and the vulnerabilities that it creates in the financial system,” she said. “But it’s also important that we step back and recognize that innovation is a very important part of our economy.”
It is. And Bitcoin richly provides that innovation. It just may take a while for the world to completely catch on.
---------
Once You Use Bitcoin You Can’t Go ‘Back’ — And That’s Its Fatal Flaw
Photo: Ariel Zambelich / WIRED
Bitcoin is the world’s most popular digital currency — not just a form of money, but a way of
moving money around — and the darling topic
du jour of the tech industry right now. [WIRED has its primer on what bitcoin is and how it works
here.]
As a security researcher, I admire bitcoin-the-protocol. But I believe bitcoin-the-currency contains a fatal flaw.
As a security researcher, I admire bitcoin-the-protocol. It’s an incredibly clever piece of cryptographic engineering, especially the proof-of-work as a way of maintaining an indelible history and a signature scheme which, when properly used, can limit the damage that might be done by an adversary with a
quantum computer. But I believe bitcoin-the-currency contains a fatal flaw, one that ensures that bitcoin won’t ever achieve widespread adoption as a currency.
The flaw? That bitcoin transactions are irreversible. That is, they can never be undone: Once committed, there is no “oops”, no “takeback”, no “control-Z”. Combined with bitcoin’s independence — it is a separate currency with a floating exchange rate — this flaw is arguably lethal to money systems.
Once committed, there is no ‘oops’, ‘takeback’, or ‘control-Z’.
Bitcoin advocates will argue that both its
irreversibility and independence are benefits. That they were explicit design decisions to defy control by governments or banks. But to me these features are flaws, because a tenet of modern finance asserts that anything electronic must be reversible. If bitcoin really is the
internet applied to money … then it, too, should have a “back” button.
Without an undo/ back button, it’s only possible to prevent fraud. With an undo, it would also be possible to detect and mitigatefraud; to see that something bad happened and then actually do something about it. Credit cards, bank account transfers, and all other electronic transactions involving a bank all have an “undo” button.
Banks rely on the reversibility feature every day to stop fraudulent activities. Bitcoin robbery
casesaren’t just rising because of interest in the currency — the most recent is a European bitcoin payment processor
losing $1M after a DDoS attack — they’re rising because robbing a bank online involves much less friction than doing so in person.
Nicholas Weaver
Nicholas Weaver is a researcher at the International Computer Science Institute in Berkeley and U.C. San Diego (though this opinion is his own). He focuses on network security as well as network intrusion detection, defenses for DNS resolvers, and tools for detecting ISP-introduced manipulations of a user’s network connection. Weaver received his Ph.D. in Computer Science from U.C. Berkeley.
In the current financial system, the only major irreversible transactions involve withdrawing cash. This is a process that must happen in person and therefore naturally imposes substantial limits; in-person requirements provide attribution, keep an attacker from automating the process, and limit the “attack surface”. For example:
- To steal a million dollars hidden under mattresses, a thief needs to break into thousands of homes.
- To steal a million dollars from a typical business’s bank account, thieves need to transfer it to a network of roughly 100 money mules.
- Each mule must then withdraw less than $10,000 from their account within a short period of time, take the cash to Western Union, and wire the money to the thieves. (This is why those running the mules can claim up to 40-50 percent of the take!)
To steal a million dollars worth of bitcoins stored by a
business, however, a thief only needs the private key. Likewise, to steal $1000 worth of bitcoins each from 1000 people, the thief only needs to have his or her bot software running on enough victims with enough bitcoins to automate the process.
This means bitcoins
should never be “stored” on an internet-connected device. That includes our computers and our smartphones. (And have you heard the one about the guy who keeps his key
on his finger?) Let’s pause for a moment to reflect on that: What sort of online currency requires using offline computers and objects for all storage?
Now, it is theoretically true that stolen coins could be
blocked. If a portion of the network blocks stolen bitcoins today, then the same mechanism could block bitcoins that passed through black markets or offshore exchanges (such as BTC-e) that don’t implement anti-money-laundering protections. Yet the bitcoin community strongly resists the idea of blacklists, because it eliminates
fungibility — the notion that all bitcoins are identical — which is essential for a currency. If every dollar used in a drug deal couldn’t be used again, would dollars work as currency? Especially if, sometime after acceptance, a dollar becomes void and blacklisted after the fact because of its previous involvement in a crime?
Bitcoins should never be stored on an internet-connected device. But what sort of online currency requires using offline computers for all storage?
Bitcoin advocates insist that the theft problem is solvable. For the sake of argument, let’s assume that some bitcoin-centric hardware company deploys completely secure and free hardware bitcoin wallets for anyone to use. And let’s also assume consumers are happy with such an unregulatable model and don’t care that merchants can now rip them off with near impunity. Immunity from theft is not enough. Irreversibility, combined with volatility, ensures that bitcoin still will never see wide adoption.
Bitcoin’s irreversibility means that a bitcoin exchange can
never accept credit cards or wire transfers to quickly provide bitcoins in significant quantities. These agencies must carefully audit customers, wait on any large purchases, and assign blame when attackers breach accounts. Any exchange that does not follow such precautions would be a magnet for fraud, and cease to exist once they start
receiving chargebacks.
As a consequence, the only ways to
quickly buy bitcoins require cash — again, I’m talking about convenience here which surely should be a feature of internet applied to money. This convenience can happen via a
cash drop at a drugstore; a cash deposit into the
exchange’s bank account; a
face-to-face meetup; or at an actual ATM, complete with cameras and withdrawal limits. (The
world’s first bitcoin ATM just went live a month ago in Canada. Incidentally, it takes cash, not ATM cards.)
Blacklists eliminate fungibility, which is essential for a currency.
And almost every bitcoin purchase needs to start with such a consuming, hastle-prone step if the buyer is unwilling to risk the wild swings in value that bitcoin experiences on a day-to-day basis. Since bitcoin has no stable value, the recipient should immediately go the other way. After all, if bitcoin’s volatility is desired by the merchant, they can just buy bitcoins independently. Instead, any sensible merchant receiving them will immediately turn them back into Dollars, Euros, or whatever local currency they need at a cost of roughly 1 percent. Which means the buyer first had to go the other way, turning dollars into bitcoins. Otherwise, the system would be out of balance.
Thus to actually buy something with the “digital currency of the future” — without having to wait, have funds predeposited at an exchange, or risk that one’s bitcoins drop in value — the buyer has to go to the bank, withdraw cash, turn it into bitcoins, and then spend it quickly.
The only way to quickly buy bitcoins requires cash: a consuming, hastle-prone step.
The need to go in person and withdraw cash conservatively costs the buyer 2 percent, as gas stations can charge over 2 percent to accept credit cards (and yet, people regularly use credit over cash). For reference, compare this to Square, which charges 2.75 percent to process credit cards. So even if you canconveniently get bitcoins from your local ATM — though we’re nowhere near there yet — a bitcoin transaction will cost the buyer and seller a combined 3 percent or more.
Even the much-vaunted international transfer use case doesn’t make sense here: A bitcoin transaction may be cheaper than a SWIFT wire transfer, but the cash requirement means it is not necessarily cheaper than Western Union. (To Mexico, it’s $8 plus a currency exchange fee. Europe is far more expensive, but that’s due to a lack of competition rather than something intrinsic.) If Western Union charges nearly double the currency conversion fee of a bitcoin exchange, it still comes out approximately the same since a foreign bitcoin transaction involves two currency exchanges rather than one.
Even at a 10 billion dollar market cap — the peak achieved by Beanie Babies in 1999 — bitcoin is almost irrelevant in financial terms.
Bitcoin therefore only works for merchants who face substantial chargebacks but who can’t say “pay cash”, are selling to bitcoin believers willing to pay the premium price to use bitcoins, or want to conduct business that the credit card system blocks. Yet many of the transactions blocked by the credit card system — namely
gambling,
drugs, and
crypto-extortion — are themselves illegal. In those cases, does it really make sense to use such an
innately traceable currency with a permanent record? I think not. (You can bet that
redandwhite, the “hitman”
Dread Pirate Roberts allegedly hired, is going to be asking himself that question over the coming months.)
This is not to say that bitcoin won’t retain its price. After all, the greater-sucker theory of speculation can ensure a large price for a long period. As long as bitcoin believers can recruit enough new money to balance the newly mined-for-sale coins, the price may sustain itself indefinitely. And, in the greater scheme of things, bitcoin is small: even at a roughly 10 billion dollar market capitalization it is almost irrelevant in financial terms. This is probably roughly the peak market capitalization achieved by
Beanie Babies in 1999.
There are indeed important and valuable ideas that exist in bitcoin’s design. But bitcoin itself? Its volatility and built-in irreversibility will doom it to the ash-heap of history.