The BitCoin Game
Mining starts with incoming Bitcoin transactions, which are continuously broadcast to every computer on the network. These are collected by the groups or individuals who choose to participate — who start competing for the right to bundle transactions into a new block. The winner is the first to broadcast a 'proof of work' — a solution showing that he or she has solved an otherwise meaningless mathematical puzzle that involves encrypted data from the previous block, and lots of computerized trial and error. The winning block is broadcast through the Bitcoin network and added to the blockchain, with the proof of work providing an all but unbreakable link. The block chain is currently almost 400,000 blocks long.
In principle, this competition keeps the blockchain secure because the puzzle is too hard for anyone miner to solve every time. This means that no one will ever gain access to the encrypted links in the block chain and the ability to rewrite the ledger.
Mining is also a way to steadily increase the bitcoin supply: the miner who wins each block gets a reward, currently 25 new bitcoins. That is worth almost $6,000 at today's prices. Nakamoto's design controls the supply increase by automatically adjusting the difficulty of the puzzle so that a new block is added roughly every ten minutes. In addition, the reward for creating a block decreases by half roughly every four years. The goal is to limit the supply to a maximum of 21 million bitcoins.
The network cannot determine the value of bitcoins relative to standard currencies, or real-world goods and services. That has been left to market forces, with people trading bitcoins on online exchanges. One result is that the market price has gyrated spectacularly — especially in 2013, when the asking price soared from $13 per bitcoin in January to around $1,200 in December. That would have made the first real-world products ever paid for with the cryptocurrency — a pair of Papa John's pizzas, purchased for 10,000 bitcoins on 22 May 2010 — worth almost $12 million.
It did not take long for the problems with Bitcoin to become apparent. For example, because users are allowed to mask their identity with pseudonyms, the currency is perfect for screening criminal activity. That was behind the success of the online black market Silk Road, which the FBI shut down in 2013; its founder was sentenced to life in prison in May this year. But Bitcoin also had a key role in funding the whistle-blowing website WikiLeaks — an outcome that some would call beneficial. It is difficult for society to work out a legal framework to differentiate between good and bad uses of this technology, says Arvind Narayanan, a computer scientist at Princeton University in New Jersey. “How do you regulate around Bitcoin without banning the technology itself?” he asks.
Intensified Bitcoin mining has also led individual miners to pool their computational resources. Last year, the largest mining pool, GHash.IO, briefly exceeded 50% of total Bitcoin mining power — which is problematic because anyone who controls more than half of the mining power could start beating everyone else in the race to add blocks. This would effectively give them control of the transaction ledger and allow them to spend the same bitcoins over and over again. This is not just a theoretical possibility. Successful '51% attacks' — efforts to dominate mining power — have already been mounted against smaller cryptocurrencies such as Terracoin and Coiledcoin; the latter was so badly damaged that it ceased operation.
To reduce the threat from mining pools, some existing cryptocurrencies, such as Litecoin, use puzzles that call more on computer memory than on processing power — a shift that tends to make it more costly to build the kind of specialized computers that the pools favor. Another approach, developed by IC3 co-director Elaine Shi and her collaborators4, enlists a helpful kind of theft. “We are cryptographically ensuring that pool members can always steal the reward for themselves without being detected,” explains Shi. Their supposition is that miners would not trust each other enough to form into pools if their fellow pool members could easily waltz off with the rewards without sharing. They have built a prototype of the algorithm, and are hoping to see it tested in Bitcoin and other cryptocurrencies.
Another problem is the profligate amount of electricity used in Bitcoin mining. To reduce wastage, researchers including Shi and Juels have proposed a currency called Permacoin5. It's proof of work would require miners to create a distributed archive for valuable data such as medical records, or the output of a gene-sequencing center. This would not save energy, but would at least put it to better use.
The security of cryptocurrencies is another huge concern. The many thefts of bitcoins do not result from the block-chain structure, says Narayanan, but from Bitcoin's use of standard digital signature technology. In digital signatures, he explains, people have two numeric keys: a public one that they give to others as an address to send money to, and a private one that they use to approve transactions. But the security of that private key is only as good as the security of the machine that stores it, he says. “If somebody hacks your computer, for example, and steals your private keys, then essentially all of your bitcoins are lost.”
Security is such a concern for consumers that Narayanan thinks Bitcoin is unlikely to find widespread use. So his team is working on a better security scheme that splits private keys across several different devices, such as an individual's desktop computer and smartphone, and requires a certain proportion of the fragments to approve a payment6. “Neither reveals their share of the key to each other,” says Narayanan. “If one machine gets hacked, you're still OK because the hacker would need to hack the others to steal your private key. You'll hopefully notice the hack happened before they have the chance.”
Other thefts have occurred because the private key needs to be combined with a random number to create a transaction signature. Some software — such as Bitcoin apps developed for Android smartphones — has generated random numbers improperly, making them easier to guess. This has allowed hackers to steal somewhere between several thousand and several million dollars worth of bitcoins, says Courtois, who has been investigating such vulnerabilities7. “It's embarrassing,” admits David Schwartz, a chief cryptographer at cryptocurrency developer Ripple Labs in San Francisco, California. “We as an industry just seem to keep screwing up.”
Into the ether
The block chain is a remarkably powerful idea that could be applied to much more than just transaction records, says Gavin Wood, co-founder of Ethereum and chief technology officer of its foundation. One use might be to develop computerized, self-enforcing contracts that make a payment automatically when a task is complete. Others might include voting systems, crowdfunding platforms, and even other cryptocurrencies. Wood says that Ethereum is best used in situations for which central control is a weakness — for example when users do not necessarily trust one another. In 2014, to make it easier to develop such applications, Wood, and fellow programmer Vitalik Buterin devised a way to combine the block chain with a programming language. Ethereum raised 30,000 bitcoins through crowdfunding to commercialize this system.
To prevent the basic cryptography-related mistakes that have plagued Bitcoin, Ethereum has recruited academic experts to audit its protocol. Shi and Juels are looking for ways that Ethereum could be abused by criminals8. “The technology itself is morally neutral, but we should figure out how to shape it so that it can support policies designed to limit the amount of harm it can do,” says Juels.
Like Bitcoin, Ethereum is not under anyone's direct control, so it operates outside national laws, says Wood. However, he adds that technologies such as music taping and the Internet were also considered extralegal at first, and seemed threatening to the status quo. How Bitcoin, Ethereum, and their successors sit legally is therefore “something that, as a culture and society, we're going to have to come together to deal with”, he says.
Juels suspects that Bitcoin, at least, will not last as an independent, decentralized entity. He points out how music streaming has moved from the decentralized model of peer-to-peer file-sharing service Napster to commercial operations such as Spotify and Apple Music. “One could imagine a similar trajectory for cryptocurrencies: when banks see they're successful, they'll want to create their own,” he says.
Courtois disagrees. He calls Bitcoin “the Microsoft of cryptocurrency”, and maintains that its size and dominance mean that it is here to stay. As soon as any new innovations come along, he suggests, Bitcoin can adopt them and retain its leading position. Whatever the future holds for Bitcoin, Narayanan emphasizes that the community of developers and academics behind it is unique. “It's a remarkable body of knowledge, and we're going to be teaching this in computer science classes in 20 years, I'm certain of that.”