If bitcoin circulation is, in practice, much lower than it's generally believed to be -
“We isolated all the large (≥ 50,000 Bitcoins) transactions which were ever recorded in the system, and analyzed how these amounts were accumulated and then spent. We discovered that almost all these large transactions were the descendants of a single large transaction involving 90,000 Bitcoins which took place on November 8th 2010, and that the subgraph of these transactions contains many strange looking chains and fork-merge structures, in which a large balance is either transferred within a few hours through hundreds of temporary intermediate accounts, or split into many small amounts which are sent to different accounts only in order to be recombined shortly afterwards into essentially the same amount in a new account.”
- Dorit Ron and Adi Shamir, Quantitative Analysis of the Full Bitcoin Transaction Graph.
Then the perceived value and the actual value would be off significantly.
So, while I might not phrase it in quite as strong terms as the person you're responding to does, I do find reason to be somewhat cautious about the whole enterprise.
Don't recall who said it, but powerful disruptive innovations are overhyped in the short term but under-hyped in the long term.
That's how I feel about Bitcoin. Circulation might not be a lot, and signs probably show that is not a lot, but it is disruptive. You also have to consider that perceived value is always reckoned into the 'actual' price. It depends on what market theories you ascribe to, but it is generally accepted that current prices reflect the market's capability to guess (and judge) futuer value. So, perceived value is often difficult to 'divorce' from the actual value, especially in the case with something like Bitcoin, where it is seen as both an asset and currency.
Another thing is the continuing trend of providing off-chain transactions (through companies such as Coinbase en Inputs.io).
Study wasn't done in 2010. That's just when that transaction shell game showed up from the perspective of the study. Do you have an up to date statistical analysis of the bitcoin transaction record to share?
2. Bitcoin can be "attacked" (for some vague notion of what it means to attack a system that has no security definition) in polynomial time.
3. The economics of Bitcoin are extremely suspect and based on a poorly developed economic model, supported by neither the Austrian school nor by modern monetary theory. This is probably the underlying cause of the lack of a security definition, as the security definition of a digital cash system will almost certainly be driven by the system's economic model.
These issues have been covered ad nauseam by many people, and have been largely dismissed by the Bitcoin community. All the while we have seen increasing amounts of energy sunk into Bitcoin mining, we have seen a major block chain fork that left transactions in question, and we have seen wild fluctuations in the value of Bitcoin currency.
It's hard to downvote a thoughtful comment from a smart person, but you're just plain, flat out wrong.
Bitcoin is a heuristic for Byzantine concensus that requires 50% + epsilon of mining hash power to subvert.
This is not explicitly stated in the original paper, but the original paper comes very close.
I don't know what else you would want.
Regarding economics: All you need for a functioning currency is a supply of speculators who will bet on its future value and thus prop it up. That is only sustainable if the currency is the best at what it does for some meaningful niche (e.g. untrusted digital transactions). This is not part of any proir school of economics, but it's close to common sense, and is strongly supported by the success of bitcoin thus far.
You are already giving an unclear definition when you use terms like "mining hash power." What rigorous definition can you give for that term? What sort of model of computation are we working with (or is the definition based on information theory?)?
For comparison, consider the definition of security used in this recently published paper:
The definition is long, but very clear. Probabilistic polynomial time Turing machines are used as a model of computation; the adversary is given more power by being allowed to be non-uniform (i.e. the adversary can be a different machine for different security parameters). The security properties are clearly defined in terms of this model of computation, and a construction is given and proved to meet the properties (under certain hardness assumptions).
Note that there is no possible way that Bitcoin could meet the security definition given in that paper, because that definition requires the existence of a bank that issues the cash. This is true of previous work on digital cash as well, including the work that preceded Bitcoin. That is why it is necessary to develop a security definition that makes sense for systems like Bitcoin -- digital cash systems in which there is no bank. That is the complaint I have: no satisfactory definition has been given.
"This is not part of any proir school of economics, but it's close to common sense, and is strongly supported by the success of bitcoin thus far."
Economics often defies common sense, so I would be wary of using common sense as the basis for a currency.
2. Countries can be attacked too. I don't know what your point is here. If bitcoin survives its infancy, it could become more resilient than any other currency.
3. Could you explain it in practical terms? Because as long as it works, why should I care about what theorists say? Bitcoin's creator said himself that it was an experiment, and rightly so, we have never seen anything like Bitcoin taking off before. Seems like he nailed it on his design.
Yeah, I have seen a lot of people raging. How is that evidence of anything, other than fear of the unknown?
Typically cryptographers will define a security goal in rigorous terms, then prove that their system meets that goal (at least for "cryptomania" type applications like digital cash). There are good reasons for doing this:
1. It makes proofs of security possible, which make us a lot more confident about cryptosystems.
2. It allows us to be clear about what it means to "break" a system. If we are not clear about this, someone could claim that their system cannot be attacked by simply defining security to be the exact behavior of whatever they created. This is analogous to having a falsifiable hypothesis in a scientific experiment.
The original Bitcoin paper did not have such a definition. I am aware of one attempt at making such a definition, but it resulted in a very weak notion of security that placed unrealistic restrictions on what an attacker could do (basically, the authors were trying to find some definition that Bitcoin could satisfy; see point 2 above). In general, Bitcoin's security is highly suspicious, since by design the honest parties must scale their work in proportion with the work done by the attacker.
"Countries can be attacked too. I don't know what your point is here. If bitcoin survives its infancy, it could become more resilient than any other currency."
If you are admitting the possibility that an army might attack a country, then you are allowing Bitcoin to be fractured by an army destroying the outgoing Internet connections of a country. In the past, countries have been cut off from the Internet by accident (e.g. anchors being dropped on undersea cables). You could keep an attacking army outside of your territory and still wind up unable to communicate with the rest of the Bitcoin network. This is not a highly convincing argument.
Of course, this is all irrelevant, because a polynomial time attack is not the same as an act of war. There are a lot of organizations with the resources needed to perform the "51% attack" on Bitcoin and no compelling reason to think that a faster attack is not possible. You could attack Bitcoin by performing a lot of computation locally, without ever needing to step foot out the door. Bitcoin also does little to prevent attacks based on sending malicious messages into the network, despite the fact that cryptographers began developing techniques for dealing with that decades ago and despite the fact that almost all that work is freely available.
"3. Could you explain it in practical terms?"
Sure. Let's start with a thought experiment: I have something very rare, which has no practical uses but which is easy to give to others. Will you give me your car for a big pile of it?
Unless you are crazy you would not give up your car. The reason is that you are receiving something that is useless in exchange, and that you would have to go find some other person willing to take a pile of useless (but rare) items. Would your landlord accept some of these rare items as a rent payment? Would the bank accept some as loan repayment? Would the government accept it as a tax payment (let's just pretend that you are a law-abiding citizen who pays their taxes)?
How is Bitcoin any different? A lot of hype was generated about it, but at the end of the day you will not be able to pay your taxes with it, banks are unlikely to accept it for loan payments, and the majority of businesses that claim to accept Bitcoin payments actually accept payments in fiat currency via a Bitcoin exchange. Bitcoin currency has no practical uses (it is basically an energy sink) so the Austrian school does not support it, and it is not legal tender nor is it accepted for tax purposes by the government so modern monetary theory does not support it either.
"why should I care about what theorists say?"
For the same reason you should care about what cryptography theorists, physicists, and doctors have to say.
"we have never seen anything like Bitcoin taking off before."
That is because Bitcoin is the first of its kind. It is the first attempt to create a currency without a legal system. Even gold had value as currency because of a legal system.
"Yeah, I have seen a lot of people raging. How is that evidence of anything, other than fear of the unknown?"
You are calling the informed opinions of dozens of experts in cryptography and economics "raging" because they are saying that the system you love and support is based on dubious technical and economic ideas. It sounds more like you started out believing that Bitcoin is the future and are not willing to accept any argument that concludes anything else.
> There are a lot of organizations with the resources needed to perform the "51% attack" on Bitcoin and no compelling reason to think that a faster attack is not possible.
I'm aware of that. There are also lots of organizations with the power to kill you, yet you won't lose your sleep, because they have nothing to gain from that, so you are pretty sure that it won't happen. It could be argued that the central banks have a lot to lose to Bitcoin, so they should attack it. But after giving it a bit of thought, I remembered that most people just try to pass the current problems to the next guy (think of presidents, bankers, etc), so why would they bother? Right now, Bitcoin is not big enough to be a threat to anyone. It will keep growing as a threat, but everyone will pass the problem to the next guy, until Bitcoin becomes too big to be stopped. If there is a future that makes sense, this is it. Bitcoin takes over because lazy politicians don't do what they have to (in this crazy world, where their function seem to be to ruin everything), and ironically, that will be the best for everyone.
> For the same reason you should care about what cryptography theorists, physicists, and doctors have to say.
I was thinking about economists mostly (which in many cases will have vested interests), but still, if it works it works. Many theorists have spoken against the phone, the internet, the email, the aeroplanes, etc, and see what happened. I'm no cryptographer, but Bitcoin doesn't seem like something that would require one to begin with since all its crypto was done at the user level, it's pretty simple. Satoshi didn't try to create his own hashing algorithm or anything like that.
> You are calling the informed opinions of dozens of experts in cryptography and economics "raging" because they are saying that the system you love and support is based on dubious technical and economic ideas. It sounds more like you started out believing that Bitcoin is the future and are not willing to accept any argument that concludes anything else.
There are quite informed people on the other side too. So what do we do about them? Ignore them? I said raging, because Bitcoin has this crazy effect on a lot of people. They will hate Bitcoin for no reason, spread outright lies, and try to convince everyone that it is a scam. Why? We still don't know what causes it, so we just call it fear of the unknown.
"Satoshi didn't try to create his own hashing algorithm or anything like that."
No, he tried to create his own digital cash system, and digital cash is a cryptography problem that has been extensively studied by cryptographers (and had been studied for decades prior to Bitcoin). Bitcoin is also a system that involves multiparty computation, and secure multiparty computation has also been studied extensively by cryptographers, also going back decades. It is a mistake to think that the only relevant cryptography in Bitcoin are digital signatures and hash functions.
This is really the crux of the issue here. Bitcoin is not a hash function. It is not a digital signature system. The security of hash functions and digital signatures is not in question here; Bitcoin could be vulnerable to attack even if it is built using secure hash functions and secure signature systems. The point of having a security definition is to be clear about these things. We need to be clear about what the meaning of "security" is in the case of Bitcoin if we want to make any statements about whether or not Bitcoin actually achieves that security goal. It is not hard to see that the definition of security for a hash function or a digital signature system is not what we want for Bitcoin; what is not so clear is what we actually do want.
> Sure. Let's start with a thought experiment: I have something very rare, which has no practical uses but which is easy to give to others. Will you give me your car for a big pile of it?
How does the success/value of gold not completely destroy this line of reasoning?
I'm not saying it is destined for success or failure, just that this is not a coherent argument against Bitcoin.
This line of reasoning is inane, and comes up every time gold or Bitcoin is mentioned.
Gold and Bitcoin are merely stores of value. Just like your paper bills with dead presidents on them. Or stocks or bonds. Which has next to nothing to do with how you pay for something. You can easily barter for an item, or pay with credit cards. Some places still do not accept American Express. Some places don't accept any credit cards. That doesn't take away from the fact that they are convenient. Likewise, I can see that Bitcoin could eventually become very convenient for micropayments, since credit cards charge merchants a fee. AFAIK, Bitcoin transfers are cheap or entirely free, thus making micropayments possible.
4. Last time I checked, gold was still very valuable. And it has been used for what... Thousands of years? The economies of the world did just fine without forced inflation and consumerism.
5. Printing paper money wastes way more resources. And how is using energy to create something of value a bad idea anyway? Bitcoin doesn't even require that you use a contaminating type of energy, for all I know you could be hashing with solar energy.
Most transactions now do not involve cash, and credit card transactions are in fact far more energy-efficient than bitcoin transactions. And it is not just using energy to "create something of value"--it is an artificial waste of energy barrier.
Furthermore, there will be an energy cost to transactions even after no substantial number of bitcoins are mined, since just verifying transactions requires wasteful hashing.
The solar energy part is totally irrelevant--if you happen to have a solar panel sitting around, you could just as easily use it for actual work (and offset coal burning) rather than computing hashes.
> credit card transactions are in fact far more energy-efficient than bitcoin transactions
Huh? You seriously think Visa/Mastercard are using less energy than Bitcoin?
> Furthermore, there will be an energy cost to transactions even after no substantial number of bitcoins are mined, since just verifying transactions requires wasteful hashing.
You can call it wasteful all you want, but if you don't see the value in creating/maintaining a global framework for storing and exchanging value, then I don't know what to tell you. Besides, you are comparing apples to oranges. Bitcoin is a currency. You can build things like Visa around Bitcoin.
Gold being valuable isn't the point. In fact, I think calling bitcoin deflationary indicates the belief it will actually be more valuable in the future.
Question for you regarding your reference to forced inflation and consumerism: Do you believe there would be even a temporary economic collapse if the world were to suddenly move to a deflationary currency? If so, how many months/years would the collapse have to last before you would say that the transition to a deflationary currency isn't worth it?
The reason I ask is because while fundamentally I have a lot of problems with our financial system, I've come to the conclusion that historically there were periods of recession that lasted hundreds of years. I just don't feel that my lifetime in a bad transition economy is worth the sacrifice of moving to a "better" financial system. I'd rather just keep the status quo as it slowly degrades to something worse and worse since I think that's the best outcome for me. It's a selfish outlook, but I have to believe it's the outlook of most people and that's why we are where we are right now.
re: 4. Deflation is bad for the asset rich, but good for the asset poor. Inflation is good for the rich and bad for the poor. Those who usually spout the 'inflation is better than deflation' argument are the rich.
The argument that inflationary expectation is better than deflationary expectation because during period of deflation purchasing stops because 'it will be cheaper tomorrow' is flawed because such periods of deflation are short lived, and the market returns to a price where people are willing to re-enter the market and purchase to gain utility from the goods and services.
Just be careful believing people who "know anything about money" without thinking it through.
No, deflation is bad, period, for the economic actors who depend on deflationary currencies, and this is verified simply by looking at pretty much any historical instance of deflation.
I'm not against Bitcoin per se, but all this anti-inflation crap is, quite simply, at odds with historical data to the point that it has become essentially "views differ on shape of planet". If economics is to be useful at all, it has no choice but to be empirical, and everything we've ever measured has always told us that deflation is bad.
Perhaps Satoshi simply felt it was easier to implement finite Bitcoins than a constantly increasing supply. I don't think he can be blamed for that. Bitcoin is, if nothing else, certainly intriguing.
You are confusing the short lived deflation that could be caused by a deflationary currency, with the deflation caused by all the other problems mentioned in the wikipedia article, like "technological progress that created significant economic growth", "great advances in productivity", etc. Apparently the only problem brought by gold and silver was that there was a scarcity of coins (a physical problem), which would never happen with Bitcoin (a digital currency).
> Perhaps Satoshi simply felt it was easier to implement finite Bitcoins than a constantly increasing supply. I don't think he can be blamed for that. Bitcoin is, if nothing else, certainly intriguing.
No, he was against inflation. In the first block of the blockchain, he added a message; it was something about Bernake approving a new bailout for the banks.
> No, deflation is bad, period, for the economic actors who depend on deflationary currencies,
USD (or GBP or AUD etc) are deflationary relative to technological items, such as computers. By your theory, no-one should buy such items. In reality, they do.
You absolutely have 4 backwards. Deflation is good for those rich enough to have money sitting around, and who can make money just by sitting on it and not investing it. Inflation is bad for the rich because suddenly they have to DO something with the money, or it disappears.
Inflation is good for the rich's income. Deflation is good for the rich's savings. Seems like they win in both cases? Though I would argue they win more in the first case, since inflation don't necessarily force them to do something with the money. Eg: They could just sit on gold or real estate if they wanted to. But most rich people didn't get there by doing nothing, so they tend to do something anyway, no need to force them.
A deflationary currency can be a bad idea as a monopolistic currency.
But adding a deflationary currency to an ecosystem that also contains inflationary currencies isn't the same thing as having a deflationary currency be the only currency available.
“We isolated all the large (≥ 50,000 Bitcoins) transactions which were ever recorded in the system, and analyzed how these amounts were accumulated and then spent. We discovered that almost all these large transactions were the descendants of a single large transaction involving 90,000 Bitcoins which took place on November 8th 2010, and that the subgraph of these transactions contains many strange looking chains and fork-merge structures, in which a large balance is either transferred within a few hours through hundreds of temporary intermediate accounts, or split into many small amounts which are sent to different accounts only in order to be recombined shortly afterwards into essentially the same amount in a new account.”
- Dorit Ron and Adi Shamir, Quantitative Analysis of the Full Bitcoin Transaction Graph.
Then the perceived value and the actual value would be off significantly.
So, while I might not phrase it in quite as strong terms as the person you're responding to does, I do find reason to be somewhat cautious about the whole enterprise.