A Bitcoin Analogy
Bitcoin is having its first "15 minutes" with the recent bubble and crash, but Bitcoin is pretty hard to understand, so I've produced this analogy to give people a deeper understanding of what's going on.
It begins with a group of folks who take a different view on several attributes of conventional "fiat" money. It's not backed by any physical commodity, just faith in the government and central bank which issues it. In fact, it's really backed by the fact that other people believe it's valuable, and you can trade reliably with them using it. You can't go to the US treasury with your dollars and get very much directly, though you must pay your US tax bill with them. If a "fiat" currency faces trouble, you are depending on the strength of the backing government to do "stuff" to prevent that collapse. Central banks in turn get a lot of control over the currency, and in particular they can print more of it any time they think the market will stomach such printing -- and sometimes even when it can't -- and they can regulate commerce and invade privacy on large transactions. Their ability to set interest rates and print more money is both a bug (that has sometimes caused horrible inflation) and a feature, as that inflation can be brought under control and deflation can be prevented.
The creators of Bitcoin wanted to build a system without many of these flaws of fiat money, without central control, without anybody who could control the currency or print it as they wish. They wanted an anonymous, privacy protecting currency. In addition, they knew an open digital currency would be very efficient, with transactions costing effectively nothing -- which is a pretty big deal when you see Visa and Mastercard able to sustain taking 2% of transactions, and banks taking a smaller but still real cut.
With those goals in mind, they considered the fact that even the fiat currencies largely have value because everybody agrees they have value, and the value of the government backing is at the very least, debatable. They suggested that one might make a currency whose only value came from that group consensus and its useful technical features. That's still a very debatable topic, but for now there are enough people willing to support it that the experiment is underway. Most are aware there is considerable risk.
Update: I've grown less fond of this analogy and am working up a superior one, closer to the reality but still easy to understand.
Bitcoins -- the digital money that has value only because enough people agree it does -- are themselves just very large special numbers. To explain this I am going to lay out an imperfect analogy using words and describe "wordcoin" as it might exist in the pre-computer era. The goal is to help the less technical understand some of the mechanisms of a digital crypto-based currency, and thus be better able to join the debate about them. With wordcoin, it is agreed that the coins will be 10 word long phrases. To be a wordcoin, a phrase has to be fond in a book in the Library of Congress published prior to the computer age, and the sentence has to meet a special mathematical test. To test it, you need to convert all the letters to digits and perform some complex math on them. This math takes about a minute for a person to do -- there are no computers around to speed it up. The formula has been calculated so that only a small fraction of phrases pass the test -- thousands have to be tried before you will find one. However, once you find one, anybody can confirm that it passes the test in a minute or two if in the Library.
To generate these wordcoins, people toil for long periods going through books, pulling out phrases and doing the calculations on them. It takes many hours to find one. This is called "mining."
The second component is a special "magic" scroll in the grand hall of the library. What's magic about it is that you can only add new lines to it, you can never erase or change earlier lines. The grand hall is always busy and open 24 hours and the scroll is always being watched by many different parties, so it's tamper-proof. If you are the first to find a wordcoin, you can go to the scroll and record the coin, and your name, to declare you own it. If you are the first, that confirms your ownership. Somebody who comes along after you could only add a claim after yours, and your precedence is clear.
You don't have to put down your real name. You can use an alias that can't be traced to you. However in another bit of magic, when you sign the alias, or your real name, nobody else can forge your signature. That wordcoin is yours. Let's imagine, in a bit of luck that the phrase "It was the best of times, it was the worst of" is a phrase that passes the wordcoin test, and your alias is "Dickie." You write down the phrase (citing the book) and sign "Dickie" as the miner. Now IWTBOTIWTWO is yours and all can see that.
To transfer wordcoins, or parts of them, you also use the scroll. Others, even if they have not mined wordcoins, have recorded their unforgeable signatures on the scroll. If you wish to pay one of them, you go to the scroll (possibly wearing a mask and cape) and write down, "I transfer the first 10th of the wordcoin IWTBOTIWTWO to Doyle-- signed Dickie." The whole world can see the scroll, and they now know that you, Dickie, only own the last 9/10ths of your coin, and that Doyle owns the first 10th. They don't know who you or Doyle are. Doyle can now go and make payments using that 10th coin to others, or even back to you.
A final important component is that math has shown that there will never be more than 21 million wordcoins in the books. It's going to take a lot of time and work to find them, though eventually they all will be found. For wordcoin, that would be a prediction based on probability, but for bitcoin it's more certain. Because wordcoin is a pre-computer analogy, I have left out the fact that bitcoins are designed to be harder to mine as computers get faster, and also glossed over the fact that you need computers to be able to quickly be able to access all the lines in what will become a very long magic scroll.
The computers make all this secure and quick, and distributed around the world. Everybody can have a copy of the scroll and verify its correctness, and it's all very cheap to operate. And in reality, while the mining seems silly, the mining process is what's making the magic scroll magic, generating a majority consensus on what gets added to the scroll.
So now you have these wordcoins, or bitcoins, and you must convince people they have value -- ie. convince them to give you things, including fiat money, for them. That took a long time but is now happening in a not entirely stable way. Unlike the scroll above which seems cumbersome, one big attraction of the digital version -- bitcoin -- is that now all sorts of financial things can be done easily and cheaply over networks.
What it means
Bitcoin is controversial for a variety of reasons
- The principle of currency with no backing is still untested and frightening. Holding bitcoins offers considerable risk, as well as reward
- While anonymous money is a useful and valuable thing for society, the people who want it most of all are the underground. As such the first people willing to take the risk of making significant use of bitcoin are doing things like selling drugs. This is not great for bitcoin's reputation or legal status, though the system survived and thrived after shutdown of the largest illegal operation.
- Further, there are types of illegal transactions bitcoin makes possible that almost all agree the world could do without, such as easy, irrevocable and secure payment to anonymous extortionists and kidnappers.
- The anonymity and irrevocability of transactions is a boon to thieves and people who find flaws in the system. There is, by and large, no "undo"
- The mining is controversial. It's led some to wonder if this isn't just a way for the geeks to have all the "gold," and then convince the world that gold should be used as money. The problem in any currency over "who gets the first money?" is never an easy one, and the answer "the government" has never been that great an answer either.
- Bitcoin is probably either a currency (what it claims to be) or a security. But there's a lot of law around those things. Many nations forbid non-government currencies, and all of them regulate selling securities, especially securities backed by nothing.
- The fixed number of bitcoins assures massive deflation if bitcoin is a success. We have little experience with this and how it affects economics. How do loans and banking work? What stops hoarding during the deflation, and the extra deflation that causes?
- Bitcoin is still a work in progress, very much beta. This suggests that even if the world does get a working crypto-currency, it may well be the successor to the successor to bitcoin. This in turn adds more risk.
- As a beta, it has had, and will continue to have bugs. Anonymity has been weakened at times. Thefts have taken place. Odd things are going on behind the veil.
- All money that can be spent by typing on your computer is at risk from attacks, but bitcoin is particularly vulnerable because of the lack of undo, unless special care is taken. If somebody gets into your Paypal account and transfers all your money away, Paypal often can fix that using their undo. With bitcoin, you can't.
- Bitcoin is a threat to several established powers -- the governments and central banks, and the world's other banking and transaction institutions. These are very, very powerful.
What might be improved
As suggested, bitcoin may not be the "final" crypto-currency, though that doesn't mean that if a successor appears, there will not be an exchange rate unless the predecessor is seriously broken.
Here are some options that might improve a crypto-currency
A De-Central Bank
A key purpose of bitcoin is to have no central bank which can print money or control how it's used. But to many this is a bug as well as a feature. Bitcoin has a very extreme "undo" which involves every single bitcoin user unwinding their peer copy of the log, erasing the end of the scroll. There has to be near universal agreement, so universal that those who don't agree have no choice -- they either have to sign on or fork the currency into two worlds where different people own the same money, and that's not really a choice if you are in the minority.
Imagine a system where a very large number of participants are recorded as de-central bankers. Any 75% (to use an example fraction) could enter a signed note of agreement to a proposal to make a major change in the system. All peers would accept it if they see approval over the threshold -- a form of democracy with no central counting or verification. The bankers could be given different powers with different thresholds. Powers might include:
- Unwinding transactions of different sizes
- Creating new coins and controlling deflation and inflation.
- Tuning mining algorithms in response to new technology, or developing other methods for proof of majority participation.
- Enforcing new revisions of the protocols
Awards and prizes instead of mining
How money is initially distributed is controversial. With central banking, the government gets all the money at first, a form of taxation. People have tended to like this because they accept taxation already. With gold, it's distributed to whoever can find it and get it out of the ground. With bitcoin, it's based on who wants to spend lots of computer processing.
Instead of these forms, why not allocate the new money to people who have done great works for society. In this case, computer society, which is to say those who have built all the great open source software the world runs on. (Selfishly, I would suggest one class of recipient might be official charities which do work in the area, like the EFF which I am a director of. However, EFF was actually getting a lot of donated bitcoins from miners but decided to re-gift them due to legal concerns.) Ripple (a different digital currency) has taken an approach akin to this.
Some democratic group might assign the first block of coins to popular open source projects. The leaders of those projects could distribute the money within them.
The second block of money could be granted through accredited prizes for great achievement in important fields. Analogs to the Nobel prizes. This could be both existing prizes (I am also involved with the Feynman prizes in nanotechnology, and the EFF pioneer awards but there are many such prizes) or they could be newly created prizes for both historical and new contributions in technology, internet, software, science and more. Indeed, the old prizes like the Nobel cover old fields, and while there are efforts, like the Queen Elizabeth prizes, to expand to more fields, this could go further.
There could also be prize contests, similar to the X prizes or Darpa Grand Challenges, with the purse in the new crypto-currency. While the currency is young and of questionable value these might just be a bonus on top of the bragging rights, but later it could be much more.
Of course, allocating all this prize money, via a group delegated by the de-central bankers, would be contentious and political. Is Stallman more worthy than Torvalds? Wikileaks better than EFF? There is also the chance for corruption. But it seems a more useful approach than just giving the coins to whoever is willing to burn up the most computer time.
Choice of anonymous or identified money
It might make sense to create a type of transaction which is not anonymous. Sometimes I want to write a cheque and know to whom I am writing it. (Less often do I need to know who is paying me.) I might even wish to constrain myself so that all my money is money that can't be given to anonymous recipients, protecting me from theft. (Generally it would be possible to convert such money to anonymous money through 1 or more levels of exchange: Buy dollars with the identified money, then buy anonymous money with the dollars, but it's hard for thieves to do this.)
I will note that the ability to put special attributes on transactions using a simple programming language called "Script" is already part of bitcoin system, including IP-address based destination addresses, but as far as I know there is no way to constrain that my coins can only be sent to a special class of addresses. In addition, the ledger is inherently public in Bitcoin, so transactions with identified parties are fully public.
There is a risk that governments, who hate anonymous money, might try to force all crypto-currency use in their jurisdiction into this model, but it would be extremely hard to enforce.
Most people here would not want fully public money, where it is known by all who owns what money. In bitcoin at least, all transactions are inherently public even if the identities of the parties are not. Most people would want a money where they know the identity of the recipient, but the public does not, but where the sender can later track down (or prove to others) who the recipient was. This has to be safe against money moving through a chain of recipients whose wallets have been compromised, which is difficult.
Other variations might also be interesting, like money which takes some longer amount of time before the transaction is finalized, or which can be force-refunded (and thus not re-spent) within a certain period of time.
It should be noted that the suggestions here will be clearly disagreed with by some bitcoin advocates for they weaken, or possibly undo, some of the things felt most essential in the bitcoin design. The question is whether a crypto-currency true to all those ideals can become mainstream or will remain marginal (while another crypto-currency becomes mainstream.) A currency whose primary use is payment for illegal activity will always be under attack, and has far less utility for those who wish to use it as ordinary money. A currency where theft is common to those who don't practice excellent personal computer security will also not see wide use.
Another issue with mining? Today, according to blockchain each bitcoin mined is using up about 240kwh of electricity. At the national average, that's 2.4 million BTUs at the power plant (the energy of 21 gallons of gasoline) and around 140kg of CO2 -- this varies depending on the electricity source being used. It seems like there must be some better way to do it, and indeed there are younger crtypo-currencies that use other systems besides the proof-of-work mining of bitcoin.