We've yet to see a grounding in the technology and economics of Bitcoin that a layperson can grasp, so this is our explanation of what all the fuss is about, and why you are looking at one big, US$2.6bn, 275 megawatt bubble that will likely go to zero. Even if it succeeds in becoming an accepted transaction currency, there is a second flaw that will destroy its original purpose.

The hole in Bitcoin
4 November 2013

updated 15-Nov-2013

Over the past few weeks, our more observant readers may have noticed increasing media coverage of Bitcoin, the decentralised cryptocurrency designed (or should we say, "coined") by a clever developer known pseudonymously as Satoshi Nakamoto (anagram solutions welcome). We've yet to find an article which combines a grounding in the technology and economic analysis that a layperson can grasp, so this is our attempt to explain what all the fuss is about, and why you are probably looking at one big, energy-consuming bubble.

History

The domain bitcoin.org was registered on 18-Aug-2008. According to the history on the Bitcoin wiki, the original paper proposing Bitcoin was published on 31-Oct-2008. The first chunk of Bitcoins (the "genesis block") was "mined" on 3-Jan-2009. The earliest capture of the bitcoin.org web site in the internet archive is on 31-Jan-2009. It contains fluent English text written in the first person, indicating this is likely the work of a single developer rather than a group, and probably a native-English speaker.

Concept & method

The concept of Bitcoin is to create a digital currency not issued by any Government, and with no central registrar to authorise its issuance or keep track of transactions - both of those functions are distributed across a network of computers. The key features are:

An attacker could try to alter the history, retrieving his spent Bitcoins by altering the blockchain and paying the Bitcoins to himself. However, to do this, he would need enough processing power to extend the blockchain faster than the rest of the network and, in the case of older transactions, to catch up with the growth of the blockchain. This is commonly known as a "51% attack", because if you have over 50% of the power then you can certainly do this given enough time. However, the attacker would still stand a chance of achieving dominance with a smaller share of global processing power, if his machines solved the problems faster than average. As the network grows, it becomes more expensive to achieve this, unless he is able to somehow hijack other machines.

Addendum, 6-Nov-2013: when we said that an attacker could achieve dominance with less than 50%, this was a reference to the Byzantine Generals' Problem, which says that a group of N separate generals who communicate by messages that may be corrupted by treacherous generals, can only agree on when to attack the fort if the number of traitors T among them is less than one third, that is, N > 3T+1. This problem was explained in a 1982 paper by Leslie Lamport, Robert Shostak and Marshall Pease. The problem was actually mentioned on the original Bitcoin site. Coincidentally on the day this article was published two professors published an article noting, via a different approach, the same vulnerability, which can only be mitigated by tweeks, not removed. Also, with reference to Robert Shostak, who is now CEO of Vocera Communications, we note that Satoshi Nakamoto is an anagram of "I am onto a Shostak". Make of that what you will, if anything.

Addendum, 15-Nov-2013: Robert Shostak kindly responded to a Webb-site query as follows: "The relationship of Bitcoin to the original Byzantine problem is very cool. That paper, incidentally, recently won the Jean-Claude Laprie Award in dependable computing - unfortunately, Marshall Pease, a colleague of mine at SRI who co-authored the paper and proved the hard direction of the main result, passed away long before he received any recognition for it... your anagram is brilliant, even if totally coincidental." So the hunt for Satoshi Nakamoto continues.

The proof-of-work

What the mining machines are doing is performing a "hash" calculation with a block of transaction data (including the coinbase transaction) plus a chosen number as the input. For a given block, the result of that calculation depends on the chosen number, and the chosen number cannot be found from the result without a "brute force" trial-and-error effort, rather like trying to guess the combination number of a safe by trying repeatedly. Bitcoin uses SHA-256, a "Secure Hash Algorithm" designed by our friends at the NSA, which produces a 256-bit result. In decimal, that is a range from zero up to about a 1 followed by 77 zeroes. There are only about 10^80 atoms in the universe, to give you some idea of how big that number is.

The "difficulty" in Bitcoin mining is set by requiring that the hash result be below a certain "target" threshold in the range of possible results. The lower the threshold, the lower the chance of any given input producing a hash below that threshold, so the more hashes you have to try before you find an input that works. Difficulty is expressed as the ratio of the maximum target to the current target. In the early days, these were the same, so the "difficulty" was 1. The maximum target has 32 leading zeroes in binary, and so on average it required 2^32 or about 4.3 billion hashes to find a winning solution. That was probably chosen based on the estimated hashing power of the developer's single PC over 10 minutes.

The difficulty did not begin to increase until block 32256 on 30-Dec-2009, so it is fair to assume that until the middle of December 2009, there was only one miner mining, probably the founder. Up to that point, 1,612,800 Bitcoins had been mined. The latest adjustment to difficulty was on 26-Oct-2013, when the difficulty was set at 390,928,787.64. That, plus the fact that each block only earns coins at half the original rate, means that it now takes about 782 million times more hashes to produce a Bitcoin than it originally did.

The arms race

Originally, miners were using the CPUs in normal PCs, but it wasn't long before they were overtaken by Graphics Processing Units running the same algorithms much faster. Then they moved on to Field Programmable Gate Arrays, which can be configured to run the algorithm, and recently, these are being overtaken by Application Specific Integrated Circuits which are hardwired in the foundry to carry out the algorithm, and so are even faster. Such is the state of this crypto-arms race that firms are taking pre-orders of products they cannot yet ship. Brands include Avalon, Bitmine, Butterfly Labs, CoinTerra, Hashfast, KnCminer, Terrahash and Virtual Mining Corp.

The key point to note on this is that the more machines are plugged into the network, the greater the competition to win the next block, and therefore the higher the difficulty must be set, and the more hashes it will take (on average) to discover a solution to each block. At a given level of technology, each hash will take a certain amount of energy to calculate, and as the technology improves, the difficulty will also be raised to ensure that steady output of 1 block every 10 minutes. There is a virtual gold rush going on for people to plug in mining machines and grab a diminishing share of the return.

To spread their risk, rather like groups of people entering a lottery by sharing tickets, there are mining pools, where miners share the reward if one of them comes up with a solution to the next block.

Energy consumption

Rationally, however much money you have spent on your mining equipment, you are not going to run it if your energy cost is greater than the market value of Bitcoins you expect to produce. Some people are getting "free" electricity from their parent's home, their college dorms or their office, and therefore can run obsolete mining machines without caring about the energy consumption, but they probably only have a small share of the overall hashing capacity. Currently the global capacity is about 4 petahashes per second (4 x 10^15), and it has been growing exponentially as new machines come online.

At 6 blocks, or 150 Bitcoins, per hour, with a current exchange value of about US$220 per Bitcoin, the hourly supply is worth about US$33,000. If the mining market is rational, people will keep adding capacity until the energy cost is that much. Some will continue beyond the point when their machines are uneconomic, because they haven't seen the size of their bill yet, or because they are gambling on winning the block lottery for the next 25 Bitcoins (currently worth about US$5500), even though they have a negative expected return. That's the nature of lottery tickets.

If energy in the cheapest parts of the world (particularly the USA) is about $0.12 per kWh, then a breakeven mining market would imply a power load of about 275MW. That's enough to power about 214,000 average US households, or about two-thirds of households in San Francisco City & County. The annual energy use would be 2.409 billion kWh, equivalent to about 0.06% of US electricity consumption. That compares with about 1.5%-2% for data centres, so it is equivalent to about 3-4% of data centre usage.

Of course, if you live in a cold climate and were going to heat your home anyway this winter, then at least for the next few months you could substitute the heating by running Bitcoin mining machines, if you can tolerate the noise.

If (or rather, when) the value of Bitcoins collapses, miners will have to switch off their machines and there will be a lot of redundant hardware around, custom built with ASICs to do only one thing. At least those with GPUs can do something more useful to society, like protein-folding or running the SETI app to keep you warm at night.

Losing Bitcoins

You can't lose digital Bitcoins down the back of your sofa or drop them through a hole in your pocket, but if you lose your private keys, or forget the password to access them, then you've achieved the same thing. The holder will be unable to spend or transfer them. So people who rely on their hard drives or their memory and don't have backups will gradually take some Bitcoins out of circulation forever. Similarly, people who die with Bitcoins in their digital wallet without divulging the password will also lose them. For that reason, if Bitcoin survives, then the number of outstanding BTC will not reach 21 million, but will start to decline when at some point they are being lost faster than they are mined.

Bitcoin banking

If Bitcoin survives, then virtual banks could be established which would borrow your Bitcoins as "deposits", and lend them, at risk, to other people or businesses, increasing the velocity of circulation of Bitcoins and broadening the amount of economic activity that can be handled without necessarily inflating the value of BTC. In the quantity theory of money, the amount of money (M) multiplied by the number of times it changes hands in a period (the velocity, V) is equal to the value of all transactions T at their price P, that is MV=PT. So increasing V allows more T. Indeed, one simulation of a BTC bank is already online at coinlenders.com.

For BTC banks to work, depositors (lenders) would have to transfer BTC to the bank with no guarantee that they would get it back. BTC banks could credit interest on deposits and charge it on loans, keeping a spread to cover loan losses and profits. BTC banks could make bad loans, and BTC banks could go bust - particularly if there is no oversight, no capital adequacy regime.

Banks could self-regulate and promise to keep a certain proportion of Bitcoins on hand to cope with withdrawals, having their accounts audited regularly and stacking up the virtual cash in their virtual window by displaying an amount of BTC that bears their digital signature to deter bank runs. In the real world, this is known as a "reserve" and the system is called fractional reserve banking, as a fraction of all deposits is kept in reserve rather than lent out.

We doubt that the world's governments would allow Bitcoin banks to evolve without bringing them under supervision to try to protect depositors, and they would develop the same regulatory overhead costs as existing banks. If Bitcoin survived, existing banks would also get in on the act, as they have well-established infrastructures for assessing credit and making loans, which start-up BTC banks would lack.

But, given a fixed supply of Bitcoins, and a given reserve ratio, there is still a limit on the amount of Bitcoins plus deposits that can be created - for example, at a 5% reserve ratio, the deposit base could not exceed 420m BTC, 20 times the maximum number of Bitcoins. And that brings us on to...

The hole in Bitcoin

We love the science behind Bitcoin (your editor is a mathematician and programmer of the 1980s era, so it brings out his inner geek), but here is the biggest flaw: the economics of it. For Bitcoin to succeed, it has to become a transaction currency, widely-accepted by the real world for goods and services. With a cap of 21 million Bitcoins, the accepted wisdom driving prices is that spreading the limited supply of Bitcoins over all these real-world transactions, even with fractional reserve banking, would necessitate a high valuation per Bitcoin.

Unfortunately, most of the people getting into Bitcoin, either with cash, goods and services or by buying and running mining rigs, are just hoarding the Bitcoins, either expecting the price to go up because they believe in this transactional utility, or expecting the price to go up because other people will - people like the Winklevoss twins, who proposed setting up an ETF to hoard Bitcoins (SEC filing), rather like the SPDR Gold Trust.

The flaw then is that most Bitcoin owners are hoarding something which they expect to become a widely-used transaction currency, and if everyone holds on to their Bitcoins, then it won't become a transaction currency. Eventually, enough participants will look around the room, see that nobody is spending anything, and head for the exit, seeking to cash out. This will crash the price of BTC, and destroy any confidence in it as a transactional currency, taking it to zero - worthless bits on a disk. At least with Gold you can turn it into jewellery or use it in electrical contacts, and it is shiny. Don't ask us to predict the timing of this; avalanches cannot be predicted, but right now, the entire stock of Bitcoins is valued at about US$2.6bn - that's an awful lot of snow on the mountain.

Very few vendors are accepting Bitcoins for real goods or services, other than as promotional gimmicks. Those who sell mining rigs for BTC are converting the cash it cost to build the rigs into Bitcoins. Those who run the mining rigs are converting the cost of energy into Bitcoins. A certain amount of real cash is exchanged for Bitcoins outside of traditional payment networks, by people meeting offline (see LocalBitcoins.com for example), sucking people into the scheme,  but that could be brought to a near-halt if governments start applying existing legislation governing money-changing to individuals who are doing this as a business.

In the US, the Treasury's Financial Crimes Enforcement Network (FinCEN) issued a Guidance Note on 18-Mar-2013 warning that exchange services such as MtGox, a Japan-based firm which was accepting real money in the US, are Money Services Businesses. This was followed in May by the seizure of US$5m of balances held by a subsidiary of MtGox in the US banking system. MtGox, you should note, claims to be "the world's largest Bitcoin exchange!" so goodness knows what the others are like.

There are so many well-established and potential future ways to pay for things online. Paypal lets you send money to pals without charge, although they charge fees to merchants. Outfits like Amazon, Apple, Google and Microsoft all have the capacity to set up payment networks between users, denominated in real-world currencies such as the US dollar, and linked to bank accounts. Google has done this for the USA with Google Wallet.

Transaction fees - the second hole

Even if we are wrong and Bitcoin becomes a widely-accepted transaction currency, the second flaw in Bitcoin is this: when the rate of coin production is reduced towards zero, the only economic incentive the nodes will have to convert electricity into blocks (and heat and noise) is the transaction fees. So far, these are very low, but if the people who control the Bitcoin specification don't increase the fees to a commercial level then the amount of machines running the algorithm will plunge for lack of reward, and it will become much less expensive to take control of the network by holding more than 50% of the hashing power. However, if fees become a significant part of transaction values, then a lot of users (not seeking illegal goods and services) will wonder why they don't just use traditional payment networks denominated in real currencies. So there's the conundrum: charge too little, and someone will put in enough capital to take over the network and turn it, in effect, into just another MasterCard, Paypal or Visa. Charge too much, and people will use other payment networks.

This problem is inherent in Bitcoin's design to use a proof-of-work distributed system rather than a central registrar. The system depends on the proof being expensive enough, and hence the fees being high enough, that nobody will find it worthwhile to take control.

Miners are currently generating about US$33k per hour in value of new Bitcoins; that's US$289m per year. Is the world willing to pay that much per year, or more, to settle Bitcoin transactions?

© Webb-site.com, 2013

Topics in this story

Sign up for our free newsletter

Recommend Webb-site to a friend

Copyright & disclaimer, Privacy policy

Back to top