Many of the problems surrounding the implementation of Bitcoin come from my failure to explain things to people. In part, I did not realise how different the individuals who might want to jump on board with Bitcoin in the early days would be. Bitcoin implements what is known as traceable pseudonymity [1]. In particular, the proof-of-work algorithm in Bitcoin acts to associate nodes (miners) with their facilities. One of the problems that has come about stems from the line in my paper referencing proof-of-work and explaining that an alteration of the database (blockchain) “quickly becomes computationally impractical for an attacker to change if honest nodes control a majority of CPU power”.
The erroneous understanding of the white paper has led to many problems. Firstly, a node is defined in the white paper as what is now commonly called a miner. A separate layer sits above such supernode peers, running SPV connections. Miners do not secure the network using hash power. Here lies a critical difference: hash power is only a limited subset of what nodes must achieve in order to be a part of the network.
The steps to run the network are as follows:
1) New transactions are broadcast to all nodes.
2) Each node collects new transactions into a block.
3) Each node works on finding a difficult proof-of-work for its block.
4) When a node finds a proof-of-work, it broadcasts the block to all nodes.
5) Nodes accept the block only if all transactions in it are valid and not already spent.
6) Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.
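As an added illustration (not code from the white paper or from any Bitcoin implementation), the six steps above as a small Python simulation: transactions are broadcast to every node, a miner assembles a candidate block, solves a toy proof-of-work and broadcasts it, and each node accepts the block only if every input is unspent, then builds its next candidate on that block's hash. The difficulty, the transaction format and the node names are constructed for the demo. The block rejected at the end spends an output that an already accepted block has consumed, which is the “not already spent” check in step 5.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed demo parameter: leading zero bits required of a block hash.
# 12 bits is about 4,096 attempts per block: a real search, but quick.
DIFFICULTY_BITS = 12


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: Tuple[Tuple[str, int], ...]    # outpoints (txid, index) being spent
    outputs: Tuple[Tuple[str, int], ...]   # (address, amount) created


@dataclass
class Block:
    prev_hash: str
    txs: List[Tx]
    nonce: int = 0

    def hash(self) -> str:
        # Header commits to the previous hash, the transaction set and the nonce.
        tx_digest = hashlib.sha256(json.dumps([t.txid for t in self.txs]).encode()).hexdigest()
        return hashlib.sha256(f"{self.prev_hash}|{tx_digest}|{self.nonce}".encode()).hexdigest()

    def meets_target(self) -> bool:
        return (int(self.hash(), 16) >> (256 - DIFFICULTY_BITS)) == 0


def mine(block: Block) -> Block:
    """Step 3: increment the nonce until the hash meets the target."""
    while not block.meets_target():
        block.nonce += 1
    return block


def apply_block(block: Block, utxo: Dict) -> Optional[Dict]:
    """Step 5 check: every input must be unspent, and none spent twice in the block.
    Returns the updated UTXO set, or None if the block is invalid."""
    new_utxo = dict(utxo)
    for tx in block.txs:
        for outpoint in tx.inputs:
            if outpoint not in new_utxo:          # unknown or already spent
                return None
            del new_utxo[outpoint]
        for i, out in enumerate(tx.outputs):
            new_utxo[(tx.txid, i)] = out
    return new_utxo


class Node:
    def __init__(self, name: str, genesis: Block, genesis_utxo: Dict):
        self.name, self.chain, self.utxo, self.mempool = name, [genesis], dict(genesis_utxo), []

    @property
    def tip(self) -> str:
        return self.chain[-1].hash()

    def build_candidate(self) -> Block:
        """Step 2: collect mempool txs, skipping any that conflict with an earlier one."""
        chosen, trial = [], dict(self.utxo)
        for tx in self.mempool:
            updated = apply_block(Block(self.tip, [tx]), trial)
            if updated is not None:
                chosen.append(tx)
                trial = updated
        return Block(prev_hash=self.tip, txs=chosen)

    def receive_block(self, block: Block) -> bool:
        """Steps 5 and 6: accept only a valid block on the current tip, then build on it."""
        if block.prev_hash != self.tip or not block.meets_target():
            return False
        new_utxo = apply_block(block, self.utxo)
        if new_utxo is None:
            return False
        self.utxo, included = new_utxo, {t.txid for t in block.txs}
        self.chain.append(block)                  # the next candidate uses this block's hash
        self.mempool = [t for t in self.mempool
                        if t.txid not in included and all(i in self.utxo for i in t.inputs)]
        return True


def run_round(nodes: List[Node], miner: Node, txs: List[Tx]) -> Dict[str, bool]:
    """Steps 1-4: broadcast txs to all nodes, let `miner` build and solve a block, broadcast it."""
    for n in nodes:
        n.mempool.extend(txs)
    block = mine(miner.build_candidate())
    return {n.name: n.receive_block(block) for n in nodes}


def demo() -> Dict:
    """Constructed scenario: a valid spend, then a block that spends the same output again."""
    genesis = Block("0" * 64, [Tx("coinbase", (), (("alice", 50),))])
    nodes = [Node(n, genesis, {("coinbase", 0): ("alice", 50)}) for n in ("n1", "n2", "n3")]
    tx1 = Tx("tx1", (("coinbase", 0),), (("bob", 50),))
    round1 = run_round(nodes, nodes[0], [tx1])
    tx2 = Tx("tx2", (("tx1", 0),), (("carol", 50),))
    tx3 = Tx("tx3", (("tx1", 0),), (("dave", 50),))     # conflicts with tx2
    round2 = run_round(nodes, nodes[1], [tx2, tx3])      # honest miner includes only tx2
    attack = mine(Block(nodes[0].tip, [tx3]))            # attacker re-spends tx1's output
    attacked = {n.name: n.receive_block(attack) for n in nodes}
    return {"round1": round1, "round2": round2, "attack": attacked,
            "height": len(nodes[0].chain), "tips_agree": len({n.tip for n in nodes}) == 1}
```

Note what step 5 buys: the attacker's block in `demo()` carries a valid proof-of-work and builds on the current tip, yet every honest node rejects it on the double spend alone. Solving the proof-of-work is necessary to extend the chain, but it does not by itself make a block acceptable to the other nodes.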
Hash power is only one limited aspect of the process: each node working on a difficult proof-of-work associated with an individual block. It is not the most important or critical aspect of Bitcoin. One of the things expressed by people who oppose my vision of Bitcoin, and who have sought to change it since I first started talking about it in 2008, is that they seek a system that cannot be controlled through law and legal processes. The white paper explains that it is impractical for an attacker to change the blockchain, which is not the same as saying that the blockchain cannot be changed. Importantly, the blockchain can be changed when honest nodes agree on the changes. Nodes (miners) who are subject to a court order could, for instance, write a change to the blockchain and reallocate the proceeds of crime to another address when it comes to either freezing or seizing bitcoin.
The possibility of doing so is not something that people associated with Bitcoin Core want governments to know. I developed a distributed proof-of-work system as the core, or giant node, of Bitcoin, as it will always aggregate into large corporate entities. That is, Bitcoin always ends with competing organisations that hold information in data centres. The economic nature of Bitcoin is such that even if a proof-of-work system could be developed that was ultimately ASIC-proof, it would still lead to the formation of large corporate entities that compete to validate transactions into blocks.
In the USA, under the Computer Fraud and Abuse Act (CFAA), we can easily show how “51% attacks” and other consensus attacks violate criminal law. Similar laws apply in most other countries. The CFAA is “principally a criminal statute prohibiting ‘fraud and related activity in connection with computers’” [2].
Under the CFAA, a malfeasor would be acting criminally (is committing a crime) where they “knowingly cause… the transmission of a program, information, code, or command, and as a result of such conduct, intentionally cause[] damage without authorization, to a protected computer” [18 U.S.C. § 1030(a)(5)(A) (emphasis added)].
Any conspiracy to commit or an “attempt to commit” such an act would be equally classified as a crime [18 U.S.C. § 1030(b)].
In order to criminally violate the CFAA, a node that is defined as an attacker, such as one instigating a “51% attack”, would need to satisfy the following:
(1) knowingly
(2) [sending or broadcasting] a transmission
(3) of some […] information, code, or command [that]
(4) intentionally
(5) causes damage without authorization,
(6) to a protected computer
[18 U.S.C. § 1030(a)(5)(A)].
In presenting the white paper, I believed the scenario would be obvious. But I never anticipated people taking over my creation and turning it into an anti-government, anti-bank, anarchist system. I did not anticipate that they would go so far as to even attempt to do so, for indeed their attempt has so far luckily proved unsuccessful. Where they have been successful lies in the social engineering of false narratives around Bitcoin.
Changing Records
Nodes don’t change records, which doesn’t mean that transactions cannot be seized by government. Bitcoin is a form of write-once-read-many database, or what is known as a WORM storage system. When I was at BDO, I used to talk about such systems quite a lot, as under sections 302 and 404 of the Sarbanes-Oxley Act, many financial and other public entities are required to store their records on the same form of system. It does not mean that records written in error cannot be corrected. When a financial database is connected to something like an Oracle system in WORM mode, any error needs to be reversed. To do so, the original record remains unaltered, while a new record, showing what has changed and why it has changed, is created.
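As an added example (not code from the original post, nor any vendor's WORM implementation), an append-only ledger in Python that follows the correction pattern described above. The `WormLedger` class, its entry fields and the amounts in `worm_demo()` are constructed for the illustration. Records cannot be modified once written; an error is fixed by appending a reversing entry that records what changed, why, and which original it refers to, so the full audit trail survives.

```python
from dataclasses import dataclass, FrozenInstanceError
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Entry:
    seq: int                 # position in the append-only log
    account: str
    amount: int              # signed amount in minor units (constructed: cents)
    reason: str
    reverses: Optional[int]  # seq of the entry this one corrects, if any


class WormLedger:
    """Append-only ledger: entries are never updated or deleted; a mistake is
    corrected by appending a reversing entry that points back at the original."""

    def __init__(self) -> None:
        self._log: List[Entry] = []
        self._reversed = set()   # seqs that already carry a reversal

    def post(self, account: str, amount: int, reason: str) -> Entry:
        entry = Entry(len(self._log), account, amount, reason, None)
        self._log.append(entry)
        return entry

    def reverse(self, seq: int, reason: str) -> Entry:
        """Negate entry `seq` with a new record; the original stays in the log untouched."""
        if seq < 0 or seq >= len(self._log):
            raise KeyError(f"no entry {seq}")
        if seq in self._reversed:
            raise ValueError(f"entry {seq} already reversed")
        orig = self._log[seq]
        entry = Entry(len(self._log), orig.account, -orig.amount, reason, seq)
        self._log.append(entry)
        self._reversed.add(seq)
        return entry

    def balance(self, account: str) -> int:
        return sum(e.amount for e in self._log if e.account == account)

    def history(self, account: str) -> List[Entry]:
        """Full audit trail for an account, corrections included."""
        return [e for e in self._log if e.account == account]

    def __len__(self) -> int:
        return len(self._log)


def worm_demo() -> Dict:
    """Constructed scenario: a mis-keyed deposit is corrected without rewriting history."""
    ledger = WormLedger()
    ledger.post("alice", 10_000, "deposit")
    bad = ledger.post("alice", 50_000, "deposit")          # should have been 5,000
    ledger.reverse(bad.seq, "keying error, see next entry")
    ledger.post("alice", 5_000, "deposit (corrected)")
    outcomes = {}
    try:                                                   # records are immutable
        bad.amount = 5_000
        outcomes["mutated"] = True
    except FrozenInstanceError:
        outcomes["mutated"] = False
    try:                                                   # and cannot be reversed twice
        ledger.reverse(bad.seq, "again")
        outcomes["double_reversed"] = True
    except ValueError:
        outcomes["double_reversed"] = False
    outcomes["balance"] = ledger.balance("alice")
    outcomes["entries"] = len(ledger)
    outcomes["original_intact"] = ledger.history("alice")[1].amount == 50_000
    return outcomes
```

The class deliberately exposes no update or delete method. The current balance is derived from the whole log, and an auditor reading `history()` sees the erroneous entry, the reversal that cites it, and the corrected posting, which is exactly what the WORM requirement is meant to preserve.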
Bitcoin is analogous to the same form of system. In the event that a valid court order were issued, such as one resulting in the seizure of the proceeds of crime, miners would need to enforce the change. It remains within the consensus mechanism of Bitcoin. Nodes are pseudonymous. Only the largest nodes need to be contacted to enforce such a change; other miners then follow the majority. In such a scenario, a group of miners seeking to oppose a set of validly issued court orders would be intentionally violating the terms of the CFAA.
Interestingly, the US Act (CFAA) also provides a private right of action for CFAA violations [18 U.S.C. § 1030(g), referencing § 1030(c)(4)(A)(i)(I)].
Other nodes, users of the network (whether merchants or simply SPV users), and the providers of other services who suffer because of attacks of such a nature may take private action under the CFAA against nodes (miners) that act in a manner causing the corresponding loss.
Mistakes
Some of the things I allowed in the early days came from not understanding the people I was dealing with. Moreover, I didn’t explain things terribly well. I thought it would be clear and obvious that attacking the network would be an action punishable by law. Bitcoin was designed to work within existing legislative boundaries and frameworks. My biggest error was assuming that people would understand it so. The people who took control of Bitcoin Core have had different agendas, and one such agenda includes an anarchist view where government is not involved. The error they make is to assume that Bitcoin can ever be made to run on millions of nodes that all connect outside of the reach of government. Most of the work that went into the building of Bitcoin lay in architecting a system that could not be subverted in such a manner.
Bitcoin is not secure because of hash power. Bitcoin is secured as the message digests or hashes from each block are publicly available. The public record can be disputed and viewed by all parties involved in the system — not just the nodes (miners), but all other users and even government officials and external auditors. It’s time for government and law enforcement to start understanding that Bitcoin is not a system designed to act as a distributed ‘free-for-all’. It doesn’t mirror an uncontrollable mass of anonymous nodes, it forms a global supernode of highly interconnected commercial nodes (mining systems) that act to protect the transactions within the network. Such nodes are pseudonymous, but if they attack the network, there is enough information to trace them back and for law enforcement and private individuals to take action.
Bitcoin is not a cypherpunk creation. The references to timestamping and other systems are not cypherpunk in nature, and the system is designed to be extremely resilient to such attacks. My biggest mistake was believing that people would understand that Bitcoin would not subvert the government but rather act within the law.
References
[1] A. Michael Froomkin, Flood Control on the Information Ocean: Living With Anonymity, Digital Cash, and Distributed Databases, 15 J.L. & Com. 395 (1996).
[2] LivePerson, Inc. v. 24/7 Customer, Inc., 83 F. Supp. 3d 501, 511 (S.D.N.Y. 2015).