Coinbase Nabs $5M in Biggest Funding for Bitcoin Startup (wsj.com)
152 points by conesus on May 7, 2013 | 115 comments



Brian from Coinbase here. We're obviously very excited here to do our best in fostering Bitcoin's growth towards mass adoption.

To those who have seen our growing pains - the full intention of raising money is to address those pain points. We look forward to doing our best to eliminate each of them one by one.


Can you comment on some of the things I've heard about Bitcoin which might prevent its mass adoption?

- The network imposes a limit of 7 transactions per second (https://en.bitcoin.it/wiki/Scalability); and the information I've seen suggests that it typically averages much less than that (http://blockchain.info/en/charts/n-transactions).

- There is a finite number of Bitcoins, and they can effectively be lost forever if private keys are lost. This has led to people doing things like leaving tips in BTC which expire (https://www.bctip.org/).

This is disregarding the volatility of the price and the fact that it seems to behave like a speculative commodity rather than a real currency -- what is your vision of "mass adoption" of Bitcoin?


1) From your link "Today the Bitcoin network is restricted to a sustained rate of 7 tps by some artificial limits. These were put in place to stop people from ballooning the size of the block chain before the network and community was ready for it. Once those limits are lifted, the maximum transaction rate will go up significantly."

2) Bitcoin money supply is currently INFLATING at a fast clip of over 10%/year. Refer to Nobel economist Milton Friedman and others to read about a constant-supply currency.[1]

The volatility is because the sum(bids+asks) on the exchanges is small relative to speculator's pockets. This is getting better with time.

[1] http://www.econlib.org/library/Columns/y2006/Friedmantranscr...


I don't work for Coinbase, but I'll try to answer (someone correct me if I'm wrong):

> - The network imposes a limit of 7 transactions per second (https://en.bitcoin.it/wiki/Scalability); and the information I've seen suggests that it typically averages much less than that (http://blockchain.info/en/charts/n-transactions).

The transaction volume is currently limited by two things. (1) The number of transactions that can be included within each block by miners. (2) The bandwidth required to keep up with the blockchain.

The block transaction cap is just a hardcoded value in the client. Like many things that change on a monthly basis in the reference client, it can and will be changed when the time is right. There are lots of variables which are being adjusted as Bitcoin grows, such as the recommended minimum fee for small transactions.

As for the bandwidth, there are a few options: First part is to only require clients to maintain a tiny summary of each block, rather than the full ledger. This will reduce the sync bandwidth required by at least two orders of magnitude. This solution only applies to clients, not miners. The second less popular plan is to encourage networks of "green addresses" (kind of like trusted banks that don't need to verify transactions between each other) as well as super-nodes which delegate trust by layers. And finally, there are always methods for pruning the Merkle tree to remove unnecessary history, or introduce periodic genesis blocks which put down the current state in stone without requiring the history before it. These are just off the top of my head, there are likely more initiatives in the works, many of which have been planned for from the first day that the Bitcoin whitepaper was published.

> - There is a finite number of Bitcoins, and they can effectively be lost forever if private keys are lost. This has led to people doing things like leaving tips in BTC which expire (https://www.bctip.org/).

Both of these things are true.

Keep in mind, a bitcoin can be divided into units of 0.00000001 (what we call a satoshi). That is to say, the finite number of satoshis is 2,100,000,000,000,000 which should be more than enough for a long long time. (More on that here: https://en.bitcoin.it/wiki/Bitcoin)

As for the question of Bitcoin being lost forever, all this means is that everyone else's Bitcoins rise in value slightly (since you're reducing supply).


> The block transaction cap is just a hardcoded value in the client. Like many things that change on a monthly basis in the reference client, it can and will be changed when the time is right.

No, the block size is a validation rule. Changing it will require a hard-fork. That must happen if bitcoin is to scale. But it's not an easy change.


Do you have a link with more about that?

I recall reading a discussion on the forums about doubling the value of MAX_BLOCK_SIZE in the near-term. I didn't realize that old clients would outright reject larger blocks.

Either way, sounds like everyone is in agreement that this will have to happen inevitably.



It's not that difficult, as long as the vast majority of users agree to upgrade by a certain date. New versions of clients are coded to switch the parameter after a certain block number, far enough in the future to give everyone plenty of time to upgrade.


> It's not that difficult, as long as the vast majority of users agree to upgrade by a certain date.

In other words, a hard fork. These things should not be done casually.


"The block transaction cap is just a hardcoded value in the client"

Why is there even a value? Why does the protocol limit how many transactions can be performed in a given period of time? This seems like an extreme deficiency to me...


Many reasons are outlined in the link of the grandparent's post. https://en.bitcoin.it/wiki/Scalability (Check out the rest of the wiki, it's quite informative.)

To summarize: It helps reduce some DoS attack vectors and helps encourage the use of transaction fees early on.


The fact that there is a risk of a DoS attack without hard-coded limits on global transaction volume sounds like a much deeper flaw in the design of Bitcoin. It is particularly troublesome given the existence of protocols that do not have this problem, like Chaum's offline digital cash systems (which have been extensively researched by cryptographers).

What is Bitcoin's excuse for this problem? Surely it cannot be that a goal of Bitcoin is to remove central authorities, if some central team of developers has the power to change this system parameter at will. I suppose the only real excuse is that Satoshi was not even aware of that body of work, which would not be all that shocking given the fact that it is not even cited in the Bitcoin paper.


I don't think Bitcoin is even trying to solve the same problem Chaum's ecash was. Bitcoin is about creating a distributed, consistent transaction ledger; ecash is more like a conditionally anonymized electronic certified check.


OK, so what is the formal definition of a "distributed consistent transaction ledger?" How is security defined here?


One of the main concerns around exchanges is security. And for obvious reasons.

I'm interested to guess at what kind of chunk of this $5mil goes to corporate-level capital concerns like infosec vs. the regular startup sinkholes. Can you colorize for me what kind of chunk of your operating expenses goes toward security in one form or another?


Hey man, do something about the UK market. Brits are starving for Bitcoins and that means a lot of money for you.


Key quote from Fred Wilson: “If Bitcoin really becomes the global currency that every country and every business accepts, and Coinbase becomes the JP Morgan Chase of Bitcoin, that could be worth a lot of money.”


The JP Morgan Chase of Bitcoin could also become the single largest target of technical and crypto attacks that the technology industry has ever seen. Ever.

Advances in cryptography which once were targeted to breaking encrypted messages could be focused on breaking the entire world economy in one fell swoop (provided Bitcoin gets real market traction)


It's highly unlikely that high-profile Bitcoin busts will require meaningful advances in cryptography: they're far, far more likely to be appsec work -- perhaps inspired appsec work -- of the kind routinely conducted by intermediate programmers with weeks of specialized training.

Let me put some round numbers on the cost of various attacks:

Major result in cryptography: $X0 million to $X00 million+ (nation-state adversary)

Subtle bug in the Satoshi client C code: $100,000 (trivially within the reach of organized crime or a single highly motivated attacker)

Bust any Bitcoin-using Ruby on Rails (&tc) application: $20k probably, upper bounded by $100k where you'd produce (as an industrial byproduct) a RCE on any arbitrary Rails site

Compromise the security of a non-trivial number of Bitcoin users via spearphishing / targeted malware / etc: $1,000

If you're a thief who doesn't have access to any computer skills or the above sums of money, have no fear, it is likely that the Bitcoin economy still has multiple options for you to get in on the ground floor of exciting new ways to steal things.

[P.S. I'm routinely pessimistic about Bitcoins for a lot of reasons, but the software security angle keeps coming back to me because it's so easy to explain. If you think I'm overly pessimistic, consider the track record on HN of "people who know what the threat environment banks operate in looks like" versus "Bitcoin advocates" has been in predicting observable future outcomes of e.g. Bitcoin bucket shops in advance.]


"If you're a thief who doesn't have access to any computer skills or the above sums of money, have no fear, it is likely that the Bitcoin economy still has multiple options for you to get in on the ground floor of exciting new ways to steal things."

Exactly. Low-tech ways of stealing bitcoins are precisely what we are seeing the most in the community right now. Thieves who merely sweet-talk people on the forum and convince them to invest in their "businesses" (ponzi schemes, fake ASIC preorders, etc), then receiving the money, and running away.

Cost for the thief: at most $100 (setting up a website to advertise the fake business).

For example just 2 months ago, a fraudster advertised his company selling Bitcoin ASIC mining hardware (www.labsnovo.com, now taken down) by posting a comment to my blog... This is very sad to see because every freaking time, some people fall for it. You may have 4 out of 5 posts on the forums reporting one of these schemes as a "LIKELY FRAUD" in all caps, yet there are always a few people who ignore these warnings and just try to invest anyway. sigh


Is it illegal to steal bitcoins?

If so, why? And how is it different (at least in the eyes of the law) than stealing a wand from someone in Ultima Online?

In fact, let me go further - does not a "real" currency issuer have a vested interest in not judging bitcoin theft to be illegal? If it's illegal, that bestows a certain legitimacy ...


If you were to hack into someone's account and take it, I would think that is illegal.

Obviously if you were to steal it ingame that would not be illegal.

It's almost certainly illegal to steal bitcoins.

I guess I'm referring to US law here, but I would expect it to be illegal in any country that has computer crime laws.

And sure it is in the currency issuer's interest to do that, if you think in strict terms of maximising the value of the issued currency. But that doesn't mean the currency issuer will take every action available to do so. The bigger picture is much more complicated than that.


Wouldn't it be the difference between fraud and a violation of a game's terms of service?


Recently I've read an article that Belarusian police investigated stealing of a virtual tank from "World of Tanks", found it and returned it to the original owner.


If you tell someone "Give me X and I'll give you Y" and you never intend to give them Y, then I presume you'd be guilty of fraud.

After all X bitcoins do have a monetary value, since people will trade you money for it.


> the software security angle keeps coming back to me because it's so easy to explain

Or, to rephrase the standard pitch for Bitcoin: a bitcoin is as easy to steal as a credit card number, and as untraceable when it disappears as cash. ;)


Not quite. Credit card numbers can be (and mostly are) stolen from websites that accept them. That's not true for Bitcoin - you have to gain access to the customers' computers that store the private keys. In that regard, Bitcoin is actually much more secure.

Edit: I just want to add that I think it's really silly that most of the online transactions are still done by a series of numbers that can be easily copied and re-used by whoever gets them. We should have much better solutions by now.


The financial system bears much of the cost of fraud, and avoids externalizing the cost of poor security. That's not true of Bitcoin, where losses are for the most part irrevocable. Bitcoin might be more "secure" in some fiddly sense, but the credit card system is much safer for normal people.


> ...and avoids externalizing the cost of poor security.

This is not true in the case of at least one major brokerage firm in the United States for account thefts via cyber-attack (I know this through first-hand experience helping the victim file reports with various LE and regulatory agencies), and all brokerage firms if my read of the regulatory requirements is correct. As the regulatory environment stands today in the United States, if your account is broken into via computer hacking and drained, then you have no recourse other than to appeal to the brokerage institution. It is completely up to the institution whether or not to engage restitution, when (in the case I'm familiar with, no word other than "we're still investigating" for the past five months), and in what manner they treat the case and communicate with you.

Elsewhere in this thread, patio11 already pointed out the cost to mount various attacks. After some quiet questions around some Wall Street contacts confirmed other accounts (but not a massive number of accounts) were also drained at the same institution, I'm reasonably convinced that at least one black hat or black hat team has figured out how to use this regulatory hole to their advantage, to wit:

Drain only a few accounts, and the institutions externalize the cost of the poor security upon the account holders themselves.

This points out an interesting problem: apart from sheer trust in traditions of financial institutions, how does an account holder prove that they themselves did not drain their own account, when the financial institution's own computer systems and potentially even their logs have been subverted?

If you are a tech journalist that wants to research this story, I'm happy to respond to questions over PM, and direct you to the actual victim.


> Bitcoin might be more "secure" in some fiddly sense, but the credit card system is much safer for normal people.

A chargeback system is a protocol requiring centralized trust. A company will no doubt implement this.

Centralized trust is of course necessary. One could argue that it defeats the point of bitcoin. Yet that's not true, if you think of bitcoin as being a currency (rather than a "secure" currency, or any other label). If it's a currency, then a chargeback protocol is simply a company waiting to happen. And the company would necessarily have to be large, because it has to bear the cost of fraud. Luckily, PayPal has already done a lot of the homework necessary to pull off such an endeavor.

Lastly, it doesn't matter what normal people use. It matters what will become convenient for normal people to use. That's a subtle distinction, because it means as soon as infrastructure is built then people may start using it by default.


For the case of buyer-seller disputes, Bitcoin has a really neat way of handling escrow with its m-of-n transactions [1]. You can make a payment that requires 2 of 3 public keys (the 3 keys being the buyer's, the seller's, and a trusted third party) to be redeemed. If the buyer/seller agree, they can move the money on their own. If they don't, they can go to the third party and solve it with them. Yet, the third party never controls the money and can't take it without one of the buyer/seller signing the transaction. Indeed, all that is needed is some trusted company to start doing that.

[1] https://en.bitcoin.it/wiki/BIP_0011
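
The 2-of-3 escrow arrangement described in the comment above, as an added example that is not part of the original thread: it builds and parses the BIP 11 standard output script (`m <pubkey>... n OP_CHECKMULTISIG`) and lists which parties can jointly release the funds. The public keys are constructed placeholders, the helper names are illustrative, and the release check models only the signature threshold, not ECDSA verification.

```python
from itertools import combinations

OP_1 = 0x51              # OP_1 .. OP_16 push the small integers 1 .. 16
OP_CHECKMULTISIG = 0xAE
BIP11_MAX_KEYS = 3       # BIP 11's standard form allows at most three keys


def _small_int(n):
    """Opcode byte that pushes the small integer n (1..16)."""
    if not 1 <= n <= 16:
        raise ValueError("small-integer opcode out of range")
    return OP_1 + n - 1


def build_multisig_script(m, pubkeys):
    """Serialize 'm <pubkey>... n OP_CHECKMULTISIG' as raw script bytes."""
    n = len(pubkeys)
    if not 1 <= m <= n <= BIP11_MAX_KEYS:
        raise ValueError("BIP 11 standard form needs 1 <= m <= n <= 3")
    script = bytearray([_small_int(m)])
    for pk in pubkeys:
        if len(pk) not in (33, 65):      # compressed / uncompressed key sizes
            raise ValueError("unexpected public key length")
        script.append(len(pk))           # direct push: one length byte
        script += pk
    script += bytes([_small_int(n), OP_CHECKMULTISIG])
    return bytes(script)


def parse_multisig_script(script):
    """Return (m, [pubkeys]); reject anything not in BIP 11 standard form."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("not a CHECKMULTISIG script")
    m = script[0] - OP_1 + 1
    n = script[-2] - OP_1 + 1
    keys, pos, end = [], 1, len(script) - 2
    while pos < end:
        size = script[pos]
        if size not in (33, 65) or pos + 1 + size > end:
            raise ValueError("malformed public key push")
        keys.append(bytes(script[pos + 1:pos + 1 + size]))
        pos += 1 + size
    if len(keys) != n or not 1 <= m <= n <= BIP11_MAX_KEYS:
        raise ValueError("key count does not match n, or m out of range")
    return m, keys


def can_release(script, holders, signers):
    """True if the named signers hold at least m distinct keys in the script.

    Threshold model only: a real node verifies one ECDSA signature per key.
    """
    m, keys = parse_multisig_script(script)
    signed = {holders[name] for name in signers if holders.get(name) in keys}
    return len(signed) >= m


def releasing_coalitions(script, holders):
    """Every subset of key holders that can move the escrowed funds."""
    names = sorted(holders)
    return [set(c)
            for r in range(1, len(names) + 1)
            for c in combinations(names, r)
            if can_release(script, holders, c)]


# Constructed placeholder keys (33 bytes each); not valid curve points.
HOLDERS = {
    "buyer": b"\x02" + b"\x11" * 32,
    "seller": b"\x02" + b"\x22" * 32,
    "arbiter": b"\x02" + b"\x33" * 32,
}
ESCROW_SCRIPT = build_multisig_script(2, list(HOLDERS.values()))

if __name__ == "__main__":
    print(ESCROW_SCRIPT.hex())
    for coalition in releasing_coalitions(ESCROW_SCRIPT, HOLDERS):
        print(sorted(coalition))
```
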


We already have a company that does this with real money: Paypal. How do you feel about how they adjudicate disputes and enforce outcomes?


With Paypal you get one option for dispute resolution: Paypal. With Bitcoin, you can have any number of companies compete to be the arbitrator for your transactions. May the most even handed one win.


I can make anything trustworthy by positing that someone will eventually come around and make it so.


>The financial system bears much of the cost of fraud, and avoids externalizing the cost of poor security.

Funny, I was under the impression that it was customers of "The financial system" that were footing the bill for fraud.


How? By paying higher APRs for their credit cards? It's a competitive market. If companies are going to guard their margins by passing fraud costs to users, the companies that do a better job of mitigating fraud will capture market share by offering lower rates.

I submit that that hasn't happened because financial institutions don't in fact pass these costs straight back to consumers.


Really? I think it's more subtle - fraud detection is big business (Palantir et al) and presumably companies have to find a cost / benefit compromise between building their own solutions vs. contracting it out to experts. It might well end up cheaper and easier to add a .5% APR penalty to all their customers and take the hit on retention; it's not THAT competitive out there (at least here in the UK) IMO.


Plus, even though credit card companies compete individually, as an industry they all have a strong incentive to work together to prevent fraud. Loss of trust in Visa/Mastercard as a brand would be catastrophic to all issuing banks.


> as an industry they all have a strong incentive to work together to prevent fraud.

Do they? It looks to me like the industry has treated the fraud problem (which they created) as an opportunity to sell more services (credit monitoring, fraud protection, etc.) without addressing the security problems with their antiquated technology.


>I submit that that hasn't happened because financial institutions don't in fact pass these costs straight back to consumers.

That's because it isn't really a competitive market.


Why, because you say it isn't? How many different credit cards can you sign up for right now?


Lots of different cards! Blue ones, red ones, green ones, silver ones, ones with kittens on them, ones with a picture of my choosing. None of them have much in the way of material differences though.


And where do you think that money comes from? The financial system bears the cost of fraud by taking more money from everyone. That's a horrible replacement for proper security.

I'd much rather simply pay insurance to cover for fraud, or avoid paying that if I know that I'm storing my money securely - mostly offline and encrypted with a password that only exists in my head, and small amounts for day-to-day usage somewhere more accessible.


Facile. Where do you think security comes from? It comes from money: engineering interlocking distributing systems to be free of vulnerabilities is extraordinarily expensive.

The question isn't whether systems are or aren't secure. Security is a function of the capital invested in making systems secure. The question is who bears the cost of securing systems. The financial system puts much of the burden of that cost onto the financial system itself; it is thus incentivized to mitigate fraud.



What is a better way to maintain a distributed ledger? Also, is it even theoretically possible to get bitcoin security right in your opinion? Is it practical?


This first question comes up all the time in security threads and you should know the answer is "it doesn't matter". If the threat/concern/flaw/whatever is valid, the person who raises it doesn't need to have a better alternative.


His points are valid not only against Bitcoin, but against a large set of existing e-commerce sites and technologies. I think he would be more convincing if he could come up with some attacks that were unique to Bitcoin and would justify the undercurrent of his comment -- that Bitcoin is bound to fail, and fail badly enough that it will be of no use to anyone except scammers.


> I think he would be more convincing if he could come up with some attacks that were unique to Bitcoin

"Find any combination of inputs (say, of the executable script that Bitcoin runs by design) which gives you an RCE on one instance of the satoshi client, fan out the attacker-chosen code to the entire network, root (a large percentage of) the network at once." is my usual example of a hypothetical attack. People keep telling me that this can't happen. Your call on whether you find them or me more credible. I have no particular dog in that fight -- no change in the Bitcoin price affects my net worth. (If Bitcoin imploding would cause me to be impoverished, I might buy a pair of the rose-tinted lenses that some folks seem to be wearing.)


Touché. The attack you mention could happen. In fact it's impossible for anyone to prove that it can't, other than by removing the script running capability. I suppose I should be more convinced now. I guess what I would really need to be convinced is to be shown a flaw in the fundamental idea of Bitcoin that could not be fixed, rather than in specific features of its current implementation that can probably be fixed. Is it worth throwing the baby out with the bathwater for something fixable like this?

Wouldn't it be great if Bitcoin worked? Wouldn't it be great if it didn't take several days to move a few grand from one account to another? Wouldn't it be great if no one could take your money without your permission? Wouldn't it be great if you never had to touch physical currency again? Wouldn't it be great if you didn't have to fill out a piece of paper and sign it to give someone else a significant amount of money? And then they didn't have to scan it into their phone, or shove it in an ATM or wait in line to deposit it? Why do I still have to do that? Wouldn't it be great if it wasn't so expensive to send money with Paypal?

Bitcoin has a sordid history of theft and fraud -- not more sordid than any other currency/commodity I can think of though. There will continue to be thefts and fraud. People will probably pay for better security. Who knows maybe people will end up paying as much for bitcoin security as they do now for the privilege of using visa/mastercard/etc.

Let people play with their Bitcoins -- the results might not be all bad.


I know nothing about Bitcoin, but here are some questions I can answer!

> Wouldn't it be great if it didn't take several days to move a few grand from one account to another?

Absolutely not! I want the bulk of my life savings kept in an asset that is only liquid on the timescale of days, or even longer. I have seriously contemplated trying to find a broker that has no web presence at all, one that would refuse to execute a trade unless I turn up in person - ideally with three forms of ID and a DNA sample.

I'm not a criminal, I don't live in a failed state and the odds that I'll need to flee the country on 24 hours notice are very low. So I want my retirement money to be hard to move.

If one day I decide otherwise - perhaps taking up high-stakes casino gambling, or day trading - I'll withdraw a bunch of cash and bury it in the backyard or something. This will take considerable time and preparation, making it very hard for me to take up high-stakes gambling on a whim at 3am late one night, but that is not a bug but a feature.

> Wouldn't it be great if no one could take your money without your permission?

What defines "my permission"? Is Bitcoin a mindreading technology? If someone steals and/or cracks my computer with my Bitcoins on it, they don't get my Bitcoins? Or, rather, deprive me of my Bitcoins, which is exactly as bad from my perspective?

If Bitcoin were a mindreading technology, even that would only go so far. We don't even need to invoke wacky movie-plot truth-serum scenarios, or torturers armed with five-dollar wrenches, to see the problem: I have, alas, extensive life experience with Alzheimer's patients who slowly but surely stopped being "themselves". There's a large and evil cottage industry built around bilking such people. As someone with no kids and no plans to have any, this is actually an important practical issue in my life: I'm going to grow old (hopefully!), I may well become senile, and the day may come when the safest place for my money is in a trust, where even I can't give permission to spend it without first convincing an independent trustee.


But you know why it takes that long right? It's not for security reasons. It's because they're holding it to earn interest on it -- while you wait.


@patio11: So, your attack basically amounts to "find RCE, then use RCE to gain control of whole network at once".

Okay, the problem with this argument is that it is technically valid on any network of any kind. If I invent magic exploit that lets me execute any code I choose, then I can gain control of entire network because I now can execute any code I choose on it. Sure. That much is obvious, but not specific to Bitcoin.

You originally put the price of "Subtle bug in the Satoshi client C code: $100,000" but without giving any meaningful reason behind this number. You know that throwing money at finding bugs doesn't actually find them, right? If the bug does not exist, then it cannot be exploited, no matter how much money is thrown at the problem.

Now, I'm not saying that there is no such bug, because I have no idea whether there is or not. However, when the existence of said bug translates directly into a money-stealing opportunity, in the most literal possible way I can imagine, then there is a rather large incentive amongst those concerned to make sure no such bug exists. I wouldn't be particularly surprised if that particular piece of code wasn't the most ridiculously oversecured thing you can imagine.

Now, obviously flaws can exist elsewhere, and often do. But you're pointing to something that is fundamental to the network and saying "what if it has a flaw", and that seems too obvious to actually be meaningful or insightful to me. Anything can have flaws. The useful question is not "what if there's a flaw?", but "does it have a flaw?".


This is obviously just one example of a link in Bitcoin that is weaker than SHA2. An even weaker link would be the appsec quality of the largest Bitcoin transacting sites.


Sorry, I don't understand your reasoning. What is the difference of running a bitcoin app to, say, a forex site in terms of security? and what do you mean with major result in cryptography? Other cryptographic protocols can be broken too. What makes bitcoin special?


> What is the difference of running a bitcoin app to, say, a forex site in terms of security?

It depends on what you mean by "forex site". If you mean "a bucket shop, which uses as its source of random numbers currency fluctuations", then a forex site is approximately as risky as a bitcoin exchange, modulo the fact that the forex frontend almost certainly has no lever on it which will actually cause outgoing wires and the bitcoin exchange almost certainly does. That's actually a pretty big modulo, come to think of it. [Edit to add: This is just talking about software security. Bitcoin exchanges have a legal security problem which forex sites don't, because you can use Bitcoin exchanges to move money and you can't conveniently do that with forex sites.] If by "forex site" you mean e.g. a bank's foreign currency trading desk, you're asking me to compare the US Army and the Boy Scouts in terms of potential to conquer arbitrary nations.

> what do you mean with major result in cryptography?

SHA-256 has some time complexity associated with it. A major result in cryptography gives some variant of attack against it with radically lower time complexity than we currently think attacking it requires: say, it allows a speedup of 2X, 4X, etc etc. (It is unlikely, but conceivable, that it would go to O(1) all at once.) This is like every other cryptographic algorithm. Producing major cryptographic results is hard. Weaponizing them is harder, still: 2X improvement probably doesn't make any attacks practical which weren't practical before, it just posts a "Warning: this algorithm will die in the foreseeable future, transition off at the earliest convenience" notice to all interested parties.

But, again, Bitcoin advocates love wrapping themselves up in crypto because it makes them feel secure. Crypto is one teeny tiny little bit of their systemic security. It isn't the important bit. That's a very impressive looking deadbolt you have, there, and defeating it would probably be pretty difficult, but the pane of unreinforced glass right next to it looks a little promising and, if you check with your 17-year old architect who is doing this in his spare time, he might be able to confirm that your house only has two walls and no ceiling.


The biggest difference is that in forex there is a clear distinction between trading and "clearing." Trading occurs when two people agree to trade (SURPRISE!) a specified amount of two (or more) currencies for a given rate of exchange at some point in the future. Clearing is the part where the money actually changes hands. You're probably asking yourself, "But what happens when someone agrees to a trade but the transaction doesn't clear?" This is referred to as counterparty risk. Counterparty risk is pretty self explanatory: the risk that the other person doesn't pay you.

Therefore, compromising the exchange doesn't necessarily mean the end of the world since the "front office" (place where trading happens) is logically separated from the "back office" (place where money changes hands etc). As an aside, this is why France is in the process of regulating the movement of employees between the back office and the front office. If you are familiar with how both systems work then it becomes trivial to start hiding your trading activities and positions. The most damning part about compromising, say, a forex exchange, is that you get to take a peek at everyone's trading history and hidden orders. So if you compromise the exchange and see that fund X has an open resting order for 20b EUR/USD @ some price you can then use this information to profit from. Or alternatively based upon the data you abscond with, it then becomes possible to reverse engineer their trading strategies.

This is a bit different than a bitcoin exchange as my understanding is that the clearing and trading occur all at once and there is no separation. E.g. the exchange occurs as soon as the two parties agree. Although this eliminates counterparty risk it poses significant (insurmountable?) problems for the way automated trading currently works today.

Another difference is that the vast majority of forex trading volume happens between institutional investors (usually on behalf of a corporate which is just trying to pay workers in another country) or other hedge funds. This makes security vastly easier since all of these servers are walled off from the public internet and the traffic they exchange never hits the public internet. Additionally it is also reasonable to expect that the system administrators of the end users understand how to operate a computer and keep it relatively secure :). Not always the case, but the assumption.

Edit: Additionally, the clearing is handled by the counterparties themselves and not the exchange. With bitcoin the exchange handles everything and thus is the central point of failure.


> E.g. the exchange occurs as soon as the two parties agree. Although this eliminates counterparty risk it poses significant (insurmountable?) problems for the way automated trading currently works today.

Could you elaborate on this? I'm interested to understand why this presents a problem. Isn't it a good thing for both parties?


Well I guess it doesn't really. The exchange could close shop and both parties could be left with nothing.


SHA256 underpins Bitcoin. Break SHA256, and you win.


Break SHA256, and you can cause hash collisions that allow you to easily mine blocks until 51% of the network switches to a better hashing algorithm (which should happen pretty quick, because it'll be obvious that someone broke it). To steal users' money, you'd have to break ECDSA.

Edit: I wasn't 100% exact. It gives you more [1] than easily mining blocks, but still not that much power so that I would call it "Winning".

[1] https://en.bitcoin.it/wiki/Weaknesses#Attacker_has_a_lot_of_...


Compute hashes faster than the rest of the network and you win. The "51% attack" is a polynomial time attack, which is not an acceptable security margin in cryptography.


It seems the "51% attack" can be mitigated simply by waiting for 6 or more confirmations before sending off merchandise or in the case of an exchange, allowing withdrawal of funds. Those who can't wait that long can rely on 3rd parties who attempt to take on fraud in exchange for transaction fees, similar to the current credit card system.


It doesn't matter how many confirmations you wait for if the attacker has >=51%. The attack looks like this:

1) Attacker starts mining a fork offline (ie. doesn't publish blocks)

2) Attacker sends payment to merchant but does not include payment in fork in (1)

3) Attacker waits 6 confirmations then receives goods.

4) Attacker double spends the money in the fork (1).

5) Attacker releases fork when it is longer than the main chain.

If they have greater than 51% they will always be able to do (5) because at some point they'll be longer than the main chain. It doesn't matter how many confirmations the merchant waits for.


That is not true. The attack works regardless of how many confirmations you wait for.


How so? Isn't a double spend only possible if the attacker's blockchain fork endures for the customary 6 blocks it takes to confirm a transaction? A single block fork would be ignored by the majority chain and thus the attacker's chain transactions would be useless.


And you're more confident in ECDSA why?


I'm not sure why people think that the only possible compromise is breaking SHA256 or other algorithm. It's perfectly possible to create trivially breakable cryptosystems using these algorithms.

Not saying that the bitcoin blockchain or protocol suffers from this, but implementation and protocol flaws are often a far more fruitful source of compromises. If BTC has none of those then colour me impressed because at some point or other most of the big name systems (OpenSSH and OpenSSL spring to mind) have had revisions for various exploit-related reasons. We won't know for some years of course.


It was already broken ... on Debian. When the random was limited to 0-65535.


You can argue, even without Bitcoin, the motivation still equally exists for breaking crypto algorithms. Break SHA256 for example, and now the attacker can potentially break into many high-profile systems. So, bitcoin doesn't really change the potential risk that much. Unless one can suddenly solve NP-complete problems, I don't think that's gonna happen.


Well, that's part of the risk-reward calculation, right?

In Founders at Work Max Levchin talks at length about how Paypal essentially had to become a fraud detection company disguised as a payment processing company.

Best of luck to Brian & Coinbase in cracking a very tough nut. Would love to see them succeed.

Edit: This also fits Anderson's quasi-thesis around investing in laughable ideas.


Monocultures are "bad"

(plenty of other issues too!)


Chances of that: zero. Not slim, not infinitesimal, not a fraction of a percent. Zero.

Regular money works better for nearly all situations.


Repeating your words three times won't necessarily make them true forever. EDIT: Nor one time, in fact.


Good point. Edited.


if


It's funny how Bitcoin is supposed to be a P2P currency and we are essentially going back to using banks.


c.f. SMTP/GMail

The big difference is that there's nothing stopping anyone from running their own server, or starting up a new/competing service.


To the naysayers- there are 100 potential problems with Bitcoin. All reasons why it can "never" work.

Yet, I can also list 100 problems with all sorts of things that we use on a daily basis: cash currency, vehicles, firearms, libraries, etc....

- Cash can be stolen, destroyed, counterfeited. It isn't easy to divide (I need quarters at the laundry machine, but I have a $5 bill). Cash is dirty. Do you know how many people have touched that dollar bill?

- People could drive in the wrong lane, drive drunk, ignore all rules of the law. People might get killed!

- People could do incredibly stupid things with guns. They might misfire or jam. You can miss and hit the wrong target easily.

- People could steal books from libraries. They could burn. They cost money and make no money.

Despite these problems- all of these things more or less work. Yes, Bitcoin has problems. Yet, I don't see any of them as being actually bigger than the potential problems with things we use daily anyway.


Shouldn't the goal be for Bitcoin to have reduced problems compared to the systems it is meant to replace? Why should we go from one problematic system to another equally problematic system?


I think it just has different problems. I don't think there's any way to create a perfect system, which is what many people seem to expect. It does solve several problems that no other currencies have managed to solve, but has cropped up some new potential issues in the meantime.

While I think the problems inherent to current currencies are well known, I think some of the problems with Bitcoin still remain theoretical, with at least 50% of them being due to misunderstanding of the system or that it's very early and we still lack some infrastructure (enough exchanges, etc)


Difference is that a bunch of bad economic decisions were built into bitcoin from the word go (IMHO, I know you're going to disagree). It doesn't have potential downsides like the things you list, it has built-in definite downsides.


Coinbase is by far the easiest service to use (something that I think is vastly undervalued from the complaints on HN). As long as bitcoin continues to do well I think they have a good chance of being very successful. Congratulations on the funding.


Quote from the article:

“We need 10 people yesterday,” said Ehrsam, a 24-year-old former Goldman Sachs trader.

"10 People" in this case == security and crypto engineers - like the best the world can get.

If you want to lead the largest exchange for a decentralized, anonymous currency, you better have an NSA quality-type security team that can address the intricate mathematics of the problems they will certainly face. I'd suggest they hire a very senior and experienced economist as well.

$5m of funding? 500K per hire. Sounds about right.


"If you want to lead the largest exchange for a decentralized, anonymous currency, you better have an NSA quality-type security team that can address the intricate mathematics of the problems they will certainly face"

Their first question would be, "What is the formal definition of Bitcoin's security?" Then they would notice that polynomial time attackers can double spend Bitcoin currency and stop bothering with the entire system.

This is the sort of work in this field that top-notch crypto people create:

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.44.8...

http://link.springer.com/chapter/10.1007%2F11889663_20

http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5443458


Chaumian cash requires a central trusted authority just like every other non-bitcoin scheme anyone has ever come up with. The success of bitcoin and the repeated failure of "better" systems shows that your analysis of which properties people care about is wrong.


The central authority in Chaumian systems only issues the currency and accepts deposits. It is not required to process transactions.

It is worth pointing out that Digicash survived longer than Bitcoin has even been around -- twice as long, in fact. The reasons for its failure are not as simple as "people just did not care." There were forces in the US government actively working against all civilian use of cryptography, especially those systems that might thwart law enforcement investigations. Patents on cryptography (ironically, this includes patents held by Chaum himself) did what they typically do: prevent systems from being deployed on a large scale. There were bad management decisions, like Chaum's refusal to accept a huge monetary offer from Microsoft to integrate his system with Windows 95 and another large offer from Visa.

Yes, there was a general lack of concern on the part of credit card users about the security of their card data. That lack of concern is largely fueled by all the legal protections bank customers get -- nobody actually feels the pain of credit card fraud, except for the money mules:

https://research.microsoft.com/apps/pubs/?id=143095

That lack of concern is equally challenging for Bitcoin. I suspect that most people do not really care about any of the issues Bitcoin is trying to solve. Few people are seriously worried about runaway inflation of the US Dollar or of the Euro. Bank fees aggravate merchants, but those same merchants are generally unwilling to accept anything other than their nation's currency, and deal in Bitcoin only through intermediaries that perform currency exchange.

In another four years, if the news about Bitcoin is something other than, "Bitcoin trading at all-time lows," or "Analyzing the failure of cryptocurrencies," you can at least claim that Bitcoin fared better than Chaum's systems.


"only issues the currency"

This is not an "only". The central issuer also apparently makes management decisions that lead to the success or failure of the scheme, as the anecdote about Chaum relates.


There is a difference between the design of the protocol, and the realities of deploying it. Bitcoin is not immune to this: despite its supposedly "decentralized" protocol, the Bitcoin developers have enormous power over the system. A bad decision by the Bitcoin developers could kill Bitcoin, and inaction by those developers could also kill Bitcoin. Were it not for the early efforts of the developers, Bitcoin would never have received any attention at all.

It is also important to remember that Chaum's poor management of Digicash did not exist in a vacuum; the patents on the digital cash concepts and protocol designs were key in ensuring that only Chaum could deploy the system. Were there no patents, Microsoft might not have bothered to make an offer; they could have just implemented a digital cash protocol themselves. There is no single reason for the Digicash failure, but rather a list of reasons that collectively doomed the system.


Is it a startup's job to address existential risks to the system(s) that they participate in?


These are not existential risks, they are real security issues. If there is not even a meaningful definition of Bitcoin's security -- a definition that can be used in a mathematical proof, without circular logic -- then how can Coinbase make any kind of claim about the security of their own system? To put it another way, suppose Bitcoin is inherently insecure -- suppose that nothing you do can prevent a polynomial time attack (this is not unheard of in crypto; see Merkle Puzzles) -- can you even claim that Coinbase is secure?


When I first heard that VCs were putting money into Bitcoin companies, frankly, I balked. Then I realized that I felt the exact same way years ago when I first saw one of those companies selling gold at inflated prices to people.

There is clearly a market for Bitcoin. Between the large black markets, the anti-government libertarians/anarchists and the speculative traders, there is little doubt there are fortunes to be made.

I just don't know if I'd care to be in such a business.


Is "nabs" really the right word here? It makes it sound like they sneakily grabbed $5M from someone's pocket.


We're talking about Bitcoin; it's gotta be a little shady.


How is Bitcoin shady?


It is largely used in black market transactions, it exists without any regulations at all, and there are almost no mainstream businesses that actually deal in it (and even those that do are doing so through an intermediary service that is giving them dollars/etc.). For most people, it sounds more like a scam than something they can trust their money with.


> It is largely used in black market transactions, it exists without any regulations at all, and there are almost no mainstream businesses that actually deal in it (and even those that do are doing so through an intermediary service that is giving them dollars/etc.).

Please provide citation that silk road and other black markets are the majority of bitcoin's economy.


My guess is that "black market" transactions make up the vast, vast majority of the economy (as in 80%, 90% or more on a txn basis and probably even on a volume basis) (assuming trading is not included). Is there any other use case for Bitcoin?


That is not evidence that black market transactions make up the vast majority of the economy. You need actual numbers, or you're just guessing.


I'm not the OP but wanted to back him/her. Sometimes the data is not available.


Can you provide evidence to the contrary?


> It is largely used in black market transactions, it exists without any regulations at all, and there are almost no mainstream businesses that actually deal in it

As we used to say back in the day, “don’t believe the hype.”

As for business using Bitcoin, more “real” businesses are doing so all the time, including Foodler, OKCupid and WordPress to name a few: http://www.coindesk.com/10-businesses-that-use-bitcoins/.

On a recent podcast of Lets Talk Bitcoin (http://letstalkbitcoin.com), it was mentioned that donations to projects, websites, etc. were the majority of Bitcoin transactions, not black market ones.

It’s not a coincidence that Bitcoin first appeared in 2009, after the world economy was nearly destroyed by regulated financial institutions and government-controlled central banks.

There’s certainly nothing shady about wanting a way of exchanging and storing value (i.e. money) that’s unencumbered with the legacy of how we’ve handled transactions in the past.

One of the innovations of Bitcoin is that it decentralizes trust, which is just what we need these days--Bitcoin May Be the Global Economy's Last Safe Haven: http://www.businessweek.com/articles/2013-03-28/bitcoin-may-...


I think people aren't comfortable with the anonymity associated with Bitcoin yet. Plus its only heavily exercised use case is in buying shit you can't purchase with regular currency :)


They're not sneakily grabbing; investors know what they're getting into. Furthermore, Coinbase makes real money on every trade.

In a gold prospecting rush, it's good to be in the shovel and provisions business. Even better if people will pay you to take the shovel back if they decide to stop prospecting.


Sorry, my comment was misleading. This is exactly my point--it just seems like the author has a naive view of investing if they think Coinbase "nabbed" their round.


Nab isn't necessarily sneaky, it could just imply haste, as in they got the investor attention ahead of other competitors.


Is this Fred Wilson's first new investment in 18 months?



“They have competitors doing the same thing."

So are most of these bitcoin startups just banks/exchanges? Is there anyone doing anything more unique with bitcoin?

Since it is hard to judge the true value of a bitcoin since it fluctuates so much, perhaps bitcoins would be best suited to pay for services and goods that are hard to judge in value?

Someone should create a bitcoin based fiverr or mechanical turk.

It would also be interesting to see something completely close the loop when it comes to bitcoins. For example, raise bitcoins to pay for the production costs of a movie, pay actors and staff in bitcoins, charge bitcoins for movie download, and repay investors in bitcoins.


Quote from the article: “Hackers are the animals that can detect a storm coming or an earthquake,” he said. “They just know, even though they don’t know why, and there are two big things hackers are excited about now and can’t articulate why–Bitcoin and 3D printing.”

But from reading HN it seems that there is a lot more controversy about bitcoin than about 3D printing.




Wow. Congratulations.


Buy into weakness | Sell into strength. Hello profit.


Why didn't they get them in Bitcoins?



