236 to her. If she now wants to buy a coffee from Alice for 1 |
236 to her. If she now wants to buy a coffee from Alice for 1 |
237 Bitcoin, she has two possibilities: She could just forward the |
237 Bitcoin, she has two possibilities: She could just forward the |
238 transaction from Charles over 4 Bitcoins to Alice split in |
238 transaction from Charles over 4 Bitcoins to Alice split in |
239 such a way that Alice receives 1 Bitcoin and Emily sends the |
239 such a way that Alice receives 1 Bitcoin and Emily sends the |
240 remaining 3 Bitcoins ``back'' to herself. In this case she |
240 remaining 3 Bitcoins ``back'' to herself. In this case she |
241 would now be in the ``posession'' of two unspend Bitcoin |
241 would now be in the ``possession'' of two unspend Bitcoin |
242 transactions, one over 3 Bitcoins and the independent one over |
242 transactions, one over 3 Bitcoins and the independent one over |
243 6 Bitcoins. Or, Emily could combine both transactions (one |
243 6 Bitcoins. Or, Emily could combine both transactions (one |
244 over 4 Bitcoins from Charles and the independent one over 6 |
244 over 4 Bitcoins from Charles and the independent one over 6 |
245 Bitcoins) and then split this amount with 1 Bitcoin going to |
245 Bitcoins) and then split this amount with 1 Bitcoin going to |
246 Alice and 9 Bitcoins going back to herself. |
246 Alice and 9 Bitcoins going back to herself. |
514 blocks in a row. Otherwise this would undermine the trust in |
514 blocks in a row. Otherwise this would undermine the trust in |
515 Bitcoins, which is also not in the interest of BTC, I guess. |
515 Bitcoins, which is also not in the interest of BTC, I guess. |
516 |
516 |
517 \subsubsection*{Bitcoins for Real} |
517 \subsubsection*{Bitcoins for Real} |
518 |
518 |
519 |
519 \ldots |
|
520 |
|
521 \lstinputlisting[language=Scala]{../slides/msg} |
|
522 |
|
523 \noindent |
|
524 The hash in Line 1 is the has of all the data that follows. It |
|
525 is a kind of serial number for the transaction. Line 2 |
|
526 contains a version number. Line 3 and 4 specify how many |
|
527 incoming transactions are combined and how many outgoing |
|
528 transactions there are. In our example there are 1 each. Line |
|
529 5 specifies a lock time for when the transaction is supposed |
|
530 to become active---this is usually set to 0 to become active |
|
531 immediately. Line 6 specifies the size of the message; it has |
|
532 nothing to do with the Bitcoins that are transferred. Lines 7 |
|
533 to 11 specify where the Bitcoins in the transaction are coming |
|
534 from. The has in line 9 specifies the incoming transaction and |
|
535 the \pcode{n} in Line 10 specifies which output of the |
|
536 transaction is referred to. The signature in line 11 specifies |
|
537 the address (public key $K^{pub}$) from where the Bitcoins are |
|
538 taken and the digital signature of the address, that is |
|
539 $\{K^{pub}\}_{K^{priv}}$. Lines 12 to 15 specify the value of |
|
540 the first outgoing transaction. In this case 0.319 Bitcoins. |
|
541 The hash in Line 14 specifies the address to where the |
|
542 Bitcoins are transferred. |
|
543 |
|
544 \ldots |
|
545 |
|
546 \subsubsection*{Anonymity and Government Meddling} |
|
547 |
|
548 One question one often hears is how anonymous is it actually |
|
549 to pay with Bitcoins? Paying with paper money in the past was |
|
550 quite an anonymous act (unlike paying with creditcards), but |
|
551 this has changed nowadays. You cannot come to a bank anymore |
|
552 with a suitcase full of money and try to open a bank account. |
|
553 Strict money laundering and taxation laws mean that not even |
|
554 Swiss banks are prepared to take such money and open a bank |
|
555 account. With Bitcoins the situation is different, but I fully |
|
556 agree with the statement by Nielsen from the blog article I |
|
557 referenced at the beginning: |
|
558 |
|
559 \begin{quote}\it{}``Many people claim that Bitcoin can be used |
|
560 anonymously. This claim has led to the formation of |
|
561 marketplaces such as Silk Road (and various successors), which |
|
562 specialize in illegal goods. However, the claim that Bitcoin |
|
563 is anonymous is a myth. The block chain is public, meaning |
|
564 that it’s possible for anyone to see every Bitcoin transaction |
|
565 ever. Although Bitcoin addresses aren't immediately associated |
|
566 to real-world identities, computer scientists have done a |
|
567 great deal of work figuring out how to de-anonymise |
|
568 `anonymous' social networks. The block chain is a marvellous |
|
569 target for these techniques. I will be extremely surprised if |
|
570 the great majority of Bitcoin users are not identified with |
|
571 relatively high confidence and ease in the near future.'' |
|
572 \end{quote} |
|
573 |
|
574 \noindent The only thing I can add is that with Bitcoins we |
|
575 will have even more fun with many more confessions like the |
|
576 infamous ``I did not |
|
577 inhale''.\footnote{\url{www.youtube.com/watch?v=Bktd_Pi4YJw}} |
|
578 The whole point of the blockchain is that it public and will |
|
579 always be. There are some precautions that are suggested, like |
|
580 to use a new public-private key pair for every new transaction |
|
581 or access Bitcoin only through the Tor network. But the |
|
582 transactions in Bitcoins are designed such that they allow one |
|
583 to combine incoming transactions. In such cases we know they |
|
584 must have been made by the single person who new the |
|
585 corresponding private keys. So using different public-private |
|
586 keys for each transaction, might not make the de-anonymisation |
|
587 task much harder. And the point about de-anonymising |
|
588 `anonymous' social networks is that the information is |
|
589 embedded into the structure of the transition graph. And this |
|
590 cannot be erased with Bitcoins. |
|
591 |
|
592 Finally, what are the options for a typical western government |
|
593 to meddle with Bitcoins? This is of course one feature the |
|
594 proponents of Bitcoins tout: namely that there aren't any |
|
595 options. In my opinion this is too naive and far from the |
|
596 truth. Let us assume some law enforcement agencies would not |
|
597 have been able to uncover the baddies from Silk Road 2.0 (they |
|
598 have done so by uncovering the Tor network, and incredible |
|
599 feat on its own). Would a government have stopped? |
|
600 |
|
601 \begin{itemize} |
|
602 \item The government could compel ``mayor players'' to |
|
603 blacklist Bitcoins (for example at exchanges). This |
|
604 would impinge on what is called \emph{fungibility} of |
|
605 Bitcoins and make them much less attractive to baddies. |
|
606 This blacklisting can be easily done ``whole-sale'' and |
|
607 therefore be really be an attractive target for |
|
608 governments \& Co. |
|
609 \item They could attempt to coerce developer community of the |
|
610 Bitcoin tools. While this might be a bit harder, we know |
|
611 certain governments are ready to take such actions (we |
|
612 have seen this with Lavabit, just that the developers |
|
613 there refused to play ball and shut down their complete |
|
614 operation). |
|
615 \item The government could also put pressure on mining pools |
|
616 in order to blacklist transactions from baddies. Or be |
|
617 big a miner itself. Given the gigantic facilities that |
|
618 are built for institutions like the NSA |
|
619 |
|
620 \begin{center} |
|
621 \includegraphics[scale=0.04]{../pics/nsautah1.jpg} |
|
622 \hspace{3mm} |
|
623 \includegraphics[scale=0.031]{../pics/nsautah2.jpg} |
|
624 \end{center} |
|
625 |
|
626 this would not be such a high bar to jump over. |
|
627 \end{itemize} |
|
628 |
|
629 \noindent Finally the government would potentially not need to |
|
630 follow up with such threads. Just the rumour that it would, |
|
631 could be enough to get the Bitcoin-house-of-cards to tumble. |
|
632 Because of all this I would not have too much hope that |
|
633 Bitcoins are free from government \& Co interference when it |
|
634 will stand in its way. |
520 |
635 |
521 |
636 |
522 \end{document} |
637 \end{document} |
523 |
638 |
524 bit coin |
639 bit coin |