Tag: bitcoin

Bitcoin's Secret Sauce

or: How I Learned to Stop Worrying and Love Nation State Attacks.

Bitcoin’s secret sauce, and how it works, was on full display these last few weeks. Bitcoin was designed to work against the most powerful of adversaries, and boy – did the adversary show up!

batman-v-superman-dawn-of-justice_bb788b6f

The China Syndrome

A few months ago, 45% to 75% of Bitcoin mining happened inside China. Then the Chinese government banned it.

There are anecdotal accounts from people on the ground are seeing Bitcoin mining operations being shut down by law enforcement agents. And there are similar accounts from people on the ground elsewhere in the world where containers full of mining hardware are being shipped to, lock, stock and barrel.

And then there is the Bitcoin blockchain – the source of absolute truth.

I have a copy of the Bitcoin blockchain on my computer, and could actually run the numbers myself and see that the production of Bitcoin blocks slowed down dramatically. Here’s a plot of how long it took, on average, to find 2016 blocks from 12-May-2014 to 18-July-2021.

Bitcoin blocks, on an average, are supposed to be generated once every 600 seconds. But you can see the spike in this number on the graph towards the end, going all the way up to 832 seconds. This means that during that period, the total number of active miners went down dramatically, and that led to the inter-block average-gap increasing equally dramatically from 600 seconds to 832 seconds.

Putting the anecdotal and canonical sources of data together, we can be reasonably certain that the Chinese mining ban lead to a global drop in Bitcoin mining.

Does it matter?

Not really. Miners come, miners go – Bitcoin chugs along. That is what it is designed to do. Bitcoin targets a block production rate of 600 seconds per block. If Bitcoin’s design had been naïve, whenever its dollar value went up, more miners would enter the system to make more money, and blocks would arrive faster than 600 seconds. Similarly, if its value went down (or if governments kicked them out), miners would leave the system, and blocks would arrive much slower than 600 seconds. The block production rate on either side of 600 would persist, and reflect the total number of miners in the system.

But no, that’s not what happens. No matter how many miners are in the system, it always takes around 600 seconds to mine a block. This is done through the difficulty adjustment algorithm, also known as Satoshi’s stroke of genius.

Difficulty Adjustment a.k.a Bitcoin’s Secret Sauce

Before we get to the difficulty adjustment algorithm, we have to first understand why keeping the inter-block interval of 600 seconds is important. Bitcoin works because everyone can check whether their perceived ownership of their own Bitcoin is fact or fiction. To check this, you need access to Bitcoin’s data? Where is this data? How big is it? How do I access it? Bitcoin’s data is not held by some central custodian, or a bank. It’s held by everyone who is interested. It includes all transaction from the genesis block onwards – from January 2009. But storing everything with everyone sounds crazy – and to be honest, it is crazy. But the more you think about it, the more you realize that there are no other easier ways of doing self-validation, other than offloading the “do I control my money or not?” question to someone else – and trusting them. Bitcoin prefers the opposite: self-validation.

So, if we accept the crazy idea that everyone stores a copy of the blockchain, we have a fundamental tradeoff – the blockchain cannot get very big (by growing very fast). It also cannot stay static: new transactions need to be added every so often to facilitate economic activity. Currently, the blockchain is around 377 GB, and growing at around 50 GB per year. If it grows too fast, not everyone will be able to hold their own copy. If it doesn’t grow fast enough, there is not enough transaction space to accommodate the demand for transactions. Under these constraints, Satoshi decided that a 1MB block every 10 minutes is a good tradeoff. To keep this tradeoff constant, blocks cannot be generated slower or faster.

What happens if Bitcoin’s value skyrockets and everyone wants to be a miner? Remember that a miner who generates a new block gets to keep the newly minted Bitcoin that comes out of each block. So, if the value of Bitcoin goes up, expect more miners to materialize. To accommodate this, Satoshi designed a simple algorithm that makes mining harder or easier depending on how long it takes to generate the previous 2016 blocks.

The Bitcoin protocol contains a positive number called “difficulty”, whose value is currently 13,672,594,272,814. This number controls how hard or easy it is to mine a block. Let’s say the total time taken to mine the previous 2016 blocks was greater than 2016 times 600 seconds, by a factor of X. This difficulty number is then adjusted lower by the same factor X. If the time taken to mine the previous 2016 blocks was lower, the difficulty number is adjusted upwards – again by the factor X. That’s it.

As far as “algorithms” go, this is as simple as it gets. It’s middle school level arithmetic. Other than combining existing ideas from cryptography and distributed systems, Satoshi’s only novel contribution was this middle school level formula. The genius, as they say, is in the simplicity of it.

When these erstwhile Chinese miners turned down their mining hardware around end of June/beginning of July 2021, Bitcoin’s mining difficulty dropped from 19 trillion to 14 trillion, by around 5 trillion – which is around 28%. The reduced difficulty made it easier for the remaining online Bitcoin miners to start generating blocks every 10 minutes again. The next 2016 block average was 630 seconds. Voila!

As Bitcoin’s value increased from 0 to wherever it is today, miners have only entered the system – and have rarely left. Difficulty has always gone up – to accommodate this increase in value. So, how does this difficulty number actually make it easier or harder to mine a Bitcoin block?

The Proof of Work Function

Bitcoin, famously, relies the “partial hash-preimage puzzle” to build its Proof of Work function:

You double hash data from the block you want to generate, and check if that hash value is less than the target on the right hand side of the equation. If it’s not, you change the block data, and try again, and again, and again, and again.

For example, if I double hash make-believe block-data, say the string “Bitcoin forever!”, I get the number:

99399038078883646938846821706752581723151100264172406332358249387420489004987.

The current value of the target is:

1971823790658122626473078926498088015421759366553927680.

So, it doesn’t work. I need to keep trying the function again and again with different block-data to hit gold. The actual previous Bitcoin block’s hash was 888160945014446794317532755205888398236464272495427689, which is under the required target, and that miner struck gold – so to speak.

If the difficulty number goes up, the mining target goes down, and finding block-data that double-hashes to a number lower than that target gets harder. It’s like tossing a 6 sided dice and wanting to hit a number less than or equal to 1. It happens only once every 6 times. If difficulty were to reduce, the target would move to a number less than or equal to 2. That happens every 3 times – mining just got easier.

Why go into the nitty gritty details of this function, with all the associated arithmetic and probability? I want to get into the properties that this unique function has, that makes it ideal for Bitcoin mining – and resisting nation state attacks.

Parameterizability: The function provides very fine degree of control over how much harder or easier we want the function evaluation to be. If you increase or decrease the difficulty number, the function becomes easier or harder to evaluate, respectively.

Memorylessness or Progress-free ness: Even if you have already run the function a million times, it still doesn’t give you any advantage over the next run. Each run of the function is what is called a Bernoulli trial – with the odds of hitting gold the same no matter how many times you have tried in the past. This makes sure that larger miners have no other advantage than just the larger chance of producing a block. If this property weren’t there, the largest miner would *always* win, even if they had just 0.0001% more power than the next largest miner.

The other incredible advantage of Memorylessness is that a miner can be turned off, put in a container, shipped elsewhere and plugged back in. The only loss the miner incurs is the Bitcoin that could have been mined in that interim time when the machine was turned off. Most physical objects being built, or even computations that are being performed on computers rely on previous data or “progress” that has been done, stored and retrieved, so that we can continue the process further. Shutting down something abruptly, without needing to store any state of progress, and starting elsewhere without any extraneous loss is not that common. This allows Bitcoin miners to be incredibly mobile and seek out the cheapest electricity wherever it exists. They are, in the true sense, plug-and-play.

Hard to compute, but easy to verify: To get the double-hash value which is under the target needs millions of trials of the function. But once someone finds it, the rest of us can verify it immediately with just a single iteration of the function. This, again, makes decentralization possible – where all of us can run the Bitcoin software on our computers and check that the miners are doing the right thing.

Replacing this function is not that easy. Most attempts have kept the general idea, and have tinkered with the specifics.

Conclusion

A nation state the size of China attacked Bitcoin where it’s supposed to hurt: Bitcoin Mining and all they managed to get in return was a giant shrug of indifference by the protocol. Yet another instance of Bitcoin living up to its promise of being designed to last forever. This self-adjusting nature of Bitcoin – that makes it change itself based on market conditions, with no one central entity being in charge – separates it from all other forms of money. Fiat money always has a central planner. Bitcoin has a protocol.


Our crypto series in reverse-chronological order:


Bitcoin is Forever

💎👐♾

The nature of Bitcoin is such that once version 0.1 was released, the core design was set in stone for the rest of its lifetime – Satoshi Nakamoto, creator of Bitcoin

This goes against the more well understood motto of technology startups: “move fast and break things.” Unlike a startup, or even a big company, Bitcoin doesn’t move fast, or break things. Of course, I am not talking about its price as measured in USD or INR. I am talking about the entire Bitcoin system, or Bitcoin, the protocol. Bitcoin is stagnant, ossified, set-in-stone, resistant-to-change, and any number of such synonyms you can look up in a thesaurus. There are a few obvious questions that come out of this:

  • Why is ossification preferred over, say, innovation?

  • How do you achieve ossification in software?

  • Does it matter?

If you sit back and think, the answers to these questions are not obvious. Let’s address them.

Why?

It seems obvious that innovation is good, innovation is right, and innovation works. Maybe it even captures the essence of the evolutionary spirit. So, why does Bitcoin not want to innovate? The answer lies in layers. By layers, I mean – in layers of abstraction. In any system, the base layer has to be set in stone for the layers above it to work. Think of civil engineering: it works because the laws of physics are set in stone. The value of the gravitational constant doesn’t change over time, thankfully, just because nature wants to innovate. 

Having an “innovative” base layer comes at a high cost to systems being built above it. Bitcoin was designed as a base layer for the world’s financial system. We can argue that that’s a stupidly ambitious goal, and is most likely not going to happen. That might very well be. Given the goal (stupid as it might be), innovation goes against Bitcoin’s purpose. An unchanging base layer of money allows innovation in layers above because a predictable foundation is a good foundation. Change-resistance tells its users that their initial trust in the system will not have to be recalibrated every now and then. A user’s understanding of Bitcoin doesn’t have to be updated after every recession. Money should be independent of booms and busts in the real economy. 

On the flip side, change-resistance resists all changes, good and bad. This is a philosophical preference, and reasonable sides have disagreed about this. Ethereum, the second most popular cryptocurrency, has argued that good changes are worth the cost, and is going ahead with radical changes to its base layer as we speak. And has done sweeping changes in the past.

How?

Software is just text interpreted by a computer to perform some actions. How do you design a software system that cannot be changed easily? This goes into the weeds of decentralized distributed peer-to-peer systems, and a bit of the mechanics of how Bitcoin works. 

Bitcoin, the system, is made of tens of thousands of computers that run a specific piece of software. Each computer runs its own local copy of the software and maintains its own local copy of the so-called “coin-ownership database.” Satoshi released the first version of this software after 2 years of working on it (or so he/she claimed). This software’s source code is open, and anyone can modify it, or run it as it is. Many groups of people have modified this software as per their own vision. Each group has their own version of the software, which they hope users will run. 

The key thing to understand is that users decide what version of the software they want to run. All these users’ software together makes up the Bitcoin network. These users are not in a central database somewhere, with phone numbers or email addresses on which they can be contacted and asked to upgrade their software. They are not in a single country or jurisdiction where they can be coerced to upgrade their software, or else. They are spread all over the world in a loosely coordinated arrangement, interacting only through their already installed software. These could have been installed anytime over the last 11 years, and getting them all to agree on what software to run – is a coordination problem of mammoth proportions. Software that runs by itself on a device, while talking to a central server is reasonably easy to upgrade (like a gaming app on a phone). Software that only talks to peers will need other peers to also upgrade and follow the upgraded protocol for things to work. This kind of “protocol upgrade” is much harder to coordinate and enact. Cases in point: (a) the move from IPV4 addresses to IPV6 addresses on the Internet. (b) the disastrous set of upgrades from SSL 1.0->2.0->3.0->TLS 1.0->1.1->1.2->1.3 (SSL and TLS protocols enable the “S” in HTTPS).

The Bitcoin network agrees on a shared coin-ownership database despite every user running their own version of the software. If one user’s coin-ownership database differed from another user, Bitcoin would cease to work. So, how does it work then? This is where the idea of distributed consensus through proof of work comes in. Bitcoin nodes (each computer running the Bitcoin software is abstractly called a “node”) that also validate transactions and assign coin-ownership to users are called mining nodes, and these nodes have to burn enough electrical power to qualify every 10 minutes to propose valid transactions (a “block” of transactions) that the rest of the network accepts. The network rejects this block if it contains invalid transactions. What is valid/invalid was written in software by Satoshi in the first version of Bitcoin, and changing that requires the collective software upgrade that we encountered earlier. Additionally, this notion of what constitutes burnt electrical power is universal in nature, and all nodes can agree on this without relying on any trusted third party. This is the reason Bitcoin burns more power than your friendly neighboring country – to trustlessly determine who owns what through the universal physics of electricity.

But let’s say that some mining node decides to make a block with a transaction that allocates itself some additional money. An invalid transaction, so to speak. Let’s say this mining node can convince half the nodes in the network to change their software and accept that this block is valid. This half would accept this invalid block as valid and update their local copy of the coin-ownership database. The rest of the network would reject this block, and would have a different coin-ownership database. We have what is called a hard fork.

Bitcoin has had many hard forks in its history – almost all of them by design. And none of them with a 50-50 split; all of them were lopsided splits. A few people wanted to change the rules of the game over the years, got a few more people to agree with them, and decided to have different versions of the coin-ownership database. Think of how, before the partition of India in 1947 – there was one Rupee, and a database of who owns how many rupees. This database was, of course, not maintained on a computer – but through ownership of bearer notes. After partition, there were two versions of the Rupee, with two databases of who owns what. Each Bitcoin hard-fork can be thought of as a similar partition of a currency with separate coin-ownership databases going their own way after partition. The fork with the largest set of miners, users, economic value, and other intangible metrics takes the moniker of “Bitcoin.” Others call themselves “Bitcoin Cash,” “Bitcoin Cash SV,”, “Bitcoin Cash ABC” and so forth.

There is also a softer notion of partition called the “soft-fork”, which is a bit more technical and nuanced. Soft-forks do change the notion of what Bitcoin means, but affecting these soft-forks over the entire network takes many years of coordination, and can only be done for the least controversial changes. And there is no guarantee that they might ever see the light of the day. The last successful Bitcoin soft-fork (fork-name: SegWit) was in 2017 and the forking/upgrade process left such a scar on the system that the next fork/upgrade (fork-name: Taproot) though code-complete, and almost entirely uncontroversial, might take years to roll out – if at all.

If they are so hard, how does Ethereum pull off forks? These are some of my reasons (ranked in order of how controversial they could be):

  • Ethereum’s BDFL is well known in real life, very active, and has strong opinions on how Ethereum should evolve. His word commands respect in the community, and is able to affect change. Bitcoin’s creator disappeared in 2010, and has not been heard of since.

  • Ethereum’s nodes are comparatively harder to run, and are thus run by fewer people – who can coordinate upgrades more easily. Bitcoin nodes have a lighter CPU, memory, and network footprint, and can be run by more people.

  • Ethereum’s users want newer features and are willing to upgrade more easily. Bitcoin users are more resistant to change.

What now?

I claim that Bitcoin’s resistance to change is one of its biggest value propositions, and gives us a form of money whose monetary policy, rules of the game, and general contract with the outside world are almost set in stone. You can buy bitcoin, bury the private key, come back to it in 50 years, and it will still be valid, and perhaps, more valuable.



Previously, our intro to crypto:

define: bitcoin

define: ethereum

define: bitcoin

an infinitely divisible digital collectible

The Problem

When faced with a cash-crunch, whether due to wars or natural calamities, the first instinct of governments since time immemorial has been to debase their currency.

Take the Roman empire, for example. The major silver coin used during the first 220 years of the empire was the denarius. During the first days of the Empire, these coins were of high purity, holding about 4.5 grams of pure silver.

However, with a finite supply of silver and gold entering the empire, Roman spending was limited by the amount of denarii that could be minted.

This made financing the pet-projects of emperors challenging. How was the newest war, thermae, palace, or circus to be paid for?

Roman officials found a way to work around this. By decreasing the purity of their coinage, they were able to make more “silver” coins with the same face value. With more coins in circulation, the government could spend more. And so, the content of silver dropped over the years.

By the time of Marcus Aurelius, the denarius was only about 75% silver. Caracalla tried a different method of debasement. He introduced the “double denarius”, which was worth 2x the denarius in face value. However, it had only the weight of 1.5 denarii. By the time of Gallienus, the coins had barely 5% silver. Each coin was a bronze core with a thin coating of silver. The shine quickly wore off to reveal the poor quality underneath.

By 265 AD, when there was only 0.5% silver left in a denarius, prices skyrocketed 1,000% across the Roman Empire.

Traditionally, citizens of a country have limited options to escape a government hell bent on debasing their own currency. They could buy gold, but the government can find ways to restrict how much gold one could own. For instance, the US restricted gold ownership for over 40 years claiming that “hoarding” of gold was stalling economic growth and worsened the depression. In some left-leaning countries, people default to using the US Dollar as a store of value. But often, like in the case of Argentina in 2001, the government can freeze bank accounts and restrict withdrawal of hard currency. One could try to accumulate hard assets, like land, for example. However, real-estate is not portable and can always be sized by the government, like India in the 1950’s and South Africa in the mid-2000’s.

Each of these traditional assets have trade-offs.

  • Gold: cannot be used for electronic payments. But everybody knows its price and is a trusted store of value.

  • US Dollar: centralized clearing either through SWIFT or ACH means the US Government can shut you off at any time. But it is a widely accepted medium of exchange (world trade is denominated in it.)

  • Hard assets: not portable, one-of-a-kind, tough to value and transact with a high liquidity premium. But is known to hold its value through inflationary environments.

Bitcoin was designed to overcome most of these problems.

The Solution

Bitcoin is meant to be a decentralized, fixed-supply, infinitely divisible, digital currency.

Decentralized: there is no central ledger or clearing-house for bitcoin transactions. All bitcoin transactions are written on a blockchain. To win the right to write to the blockchain, miners compete and if they win, are awarded bitcoins. Anyone can become a miner, so transactions are settled by a distributed network of miners that does not require a central authority.

Fixed-supply: there can be only 21 million bitcoins in total. This makes it impossible to be debased like regular currencies.

Infinitely divisible: bitcoin’s smallest unit is called a “satoshi.” It represents one hundred millionth of a bitcoin, or 0.00000001 BTC ($0.00035 USD, at current price.)

Digital: you access your bitcoins through a unique 34-character key. There is no other identifier tying you to your bitcoins. You can use many such keys to send, accept, and store your bitcoins anywhere in the world.

A shared illusion

As far as I can tell, money is a shared illusion. We have a lot of beliefs in various systems, whether it’s the universe or government or organized religion, that serve more of an existential function to give us a sense that there is some order in the world. A big part of money’s function is the ability to help us measure things in an understandable way. – Adam Waytz, Kellogg School of Management

Money is whatever a group of people can agree on that is

  1. a store of value

  2. a medium of exchange

  3. a unit of account

It is not necessary to use a government-issued currency (fiat) to achieve these ends. However, since taxes can only be paid in fiat and the government can use violence to extract the taxes owed, it is often convenient to keep using it.

It is no wonder that even though the technical pieces of bitcoin have been around since the mid 90’s, it took the shock of the 2008 Global Financial Crisis to breathe life into it. With widespread panic, bank runs, countries at the brink of default, and evaporating faith in the global financial system, the time was ripe for an alternative to emerge.

An elegant solution to a well defined problem… with trade-offs

From a technical point of view, bitcoin does what it says on the tin. And the code that drives all of it is public. There are no surprises. But every solution has tradeoffs. Bitcoin’s biggest trade-off is that settling transactions is extremely slow and expensive.

There is no hard limit to how long bitcoin transactions can take to be confirmed. It can take anywhere between 10 minutes and over a day. The two biggest influences on the confirmation time are the amount of transaction fees and the activity on the network. This is not something that can be used for micro-payments, like buying a cup of coffee. But this is only one part of the problem.

New bitcoins enter circulation as block rewards, produced by miners who use expensive electronic equipment to earn or mine them. Every 210,000 blocks, or roughly every four years, the total number of bitcoin that miners can potentially win is halved. But the consequence of this dropping block reward is that eventually, it will dwindle to nothing.

In a few decades when the reward gets too small, the transaction fee will become the main compensation for nodes. I’m sure that in 20 years there will either be very large transaction volume or no volume. – Nakamoto

When you learn that the total annual energy consumption of the Bitcoin network is comparable to the power consumption of Chile, you’ll immediately understand why this is a problem.

This makes #2 of what makes something money questionable in the context of bitcoin. If you can’t use something to transact for everyday needs, is it really money?

Volatility kills accountants

The volatility of Bitcoin is roughly three times higher than that of most country currencies. Compared to a currency pair like USDCAD or USDEUR, which barely breaches 2% (10-Day) volatility even during the Great Financial Crisis, Bitcoin at its lowest volatility is lucky to be below 2%. And this is true even if you compare it with other least-developed country currencies.

The problem with this kind of volatility is that if you own bitcoin denominated assets, what is it worth? This makes the #3 reason of using something as money questionable in the context of bitcoin.

Bitcoin is more like art, less like money

Picasso’s Les femmes d’Alger was sold for $179.4 million in May 2015.

What makes a piece of art valuable? It just sits there and does nothing. So, like bitcoin, it obviously has no intrinsic value. And, like bitcoin, supply is usually capped because the artist is usually long gone. Also, like bitcoin, there is an ecosystem around art comprising of auction houses, galleries and museums that promote a shared myth.

The #2 and #3 use-cases of money is barely met by bitcoin. But bitcoin fits nicely into the art metaphor. With two big differences.

  1. Art, unlike bitcoin, is not divisible. This means that the price of a piece of art is capped by how much someone is willing and able to pay for it. Bitcoin has no such constraint. If someone with $10 buys a fraction of bitcoin for $50,000, then that price gets printed.

  2. Bitcoin is completely digital. Bitcoin represents digital scarcity, which, before Bitcoin, had almost no solutions. Before bitcoin, only things in the real-world were not “copy-pasteable.”

This makes bitcoin an infinitely divisible digital collectible.

We leave you, dear reader, with these thoughts and a recording of our fascinating conversation with someone who is working on a PhD in crypto-currencies and who also happens to be a dear friend of mine. Enjoy!


Sources:

Currency and the Collapse of the Roman Empire

Executive Order 6102

Corralito

Zamindar

Land reform in South Africa

Money: The myth we all believe in

Crypto Assets

How Long Do Bitcoin Transactions Take?

Bitcoin Halving, Explained

Bitcoin Energy Consumption Index

Why Bitcoin Has a Volatile Value

Evolution of bitcoin: Volatility comparisons with least developed countries’ currencies

The Value of Art: Money, Power, Beauty