By Cayle Sharrock (original post on Medium.com)

in which we talk about the four core properties of Bitcoin and discover that blockchains are but one of them.

Blockchains. They’re all the rage. Blockchain technology has been touted as the magic bullet for everything from money to medicine to political regime change. The fervour of blockchain believers has been matched only by the furious scepticism and dismissal of its naysayers.

As a veteran¹ of the cryptocurrency industry, I have gone through the knowledge cycle that is uncommonly known as “the path to blockchain enlightenment”.

The path to “Blockchain Enlightenment”

About a week after first reading Satoshi Nakamoto’s Bitcoin white paper, one usually has an eureka moment and realises what an amazing breakthrough in trustless exchange Bitcoin is. One gets terribly excited and for the next few months every industry and service starts to look decidedly nail-like to the mighty inevitability that is Bitcoin (a.k.a. Blockchain)’s hammer.

The thing is, the “Blockchain” probably isn’t the right solution for most of the problems it’s being touted to solve. And in Part II of this article, I’ll explain why. But Part I is pretty fun too, so keep reading.

The first thing that needs clearing up is this whole “Blockchain” vs “Bitcoin” business. Most people actually conflate the two. The truth is that the block chain is just one of four cornerstones that give Bitcoin all the properties to make it what it is — uncensorable, self-sovereign electronic money.

[1] A blockchain veteran is defined as someone who has worked in the space for more than 9 months. Not to be confused with a blockchain expert, who has worked in the field for 9 weeks. I’ve worked full-time in the space for three years, so I’m slowly learning that I know almost nothing about this technology.

The four properties of Bitcoin

As we’ll discover, block chains are not terribly exciting on their own . But when they’re combined with the three other technologies that underpin Bitcoin, then some amazing things become possible.

The properties of Bitcoin

Block chains

Let’s start with the biggest buzzword of the lot: blockchains. At the end of the day, a block chain is nothing more than a database. A good ol’ fashioned database. Except in the case of Bitcoin, it’s really slow, inefficient and mind-bogglingly expensive to run.

In its defence, the Bitcoin block chain does have some interesting features.

Each record in the database contains a fingerprint summary of the previous record. If anyone changes so much as a single bit in a record, the fingerprint will completely change. This means that no-one can edit anything in the database’s history without people noticing it. If you suspect some tampering, you recalculate the fingerprint of the record in question and check that it matches the fingerprint that was recorded in the record after it in the chain.

Each record is therefore inextricably linked to the one before and after it, forming a chain. To make things more efficient, the Bitcoin protocol collects groups of records together in blocks, hence “block chain”.

Changing any transaction in the blockchain’s history means invalidating the block after it (because the fingerprints won’t match anymore). Therefore it also invalidates every block up until the current record. This means that if you want to change the history of the block chain, you literally have to recalculate and re-write the entire blockchain from the point in history you want to edit up until the present. As we’ll see later, in Bitcoin, this is really, really, expensive.

This is the first key feature of the Bitcoin block chain: tamper detection¹. On it’s own a block-chain is just a database with a tamper-proof seal across it.

A Blockchain (in the Bitcoin sense) is not the only way to construct a tamper-evident database. If tamper-detection is all you want, you could use a traditional SQL database with append-only tables; take care to protect your logs, record regular checkpoints and periodically compare them with your data to detect any malicious or accidental changes to the database history.

1. Note that it’s not tamper-_proof._ We need to add in some additional properties of Bitcoin first to achieve this.

Public records

The second pillar of Bitcoin is the (distributed) public ledger. But first, a short aside:

The key problem that every digital currency faced until Satoshi Nakamoto released his white paper was one of double-spending. How do you provide digital scarcity when it is trivial to make perfect copies of digital information? What is stopping Alice making copies of her e-dollar to buy something from Bob with one copy and something else from Charlie using another?

Before Bitcoin, The only way to overcome this problem was to anoint a trusted authority. This authority (we just call them banks) keeps tabs on every transaction that is made. When Alice tries to spend her e-dollar copy with Charlie, the bank can intervene and say nu-uh, that e-dollar now belongs to Bob.

In truth, we’ve been using e-dollars for decades now (less than 5% of the USD money supply ever gets printed as cash). Banks play a vital role in the e-dollar economy (and that’s why they extract such healthy and well-deserved¹ fees for that service). Banks (are supposed to) ensure that nobody cheats the system by enforcing accountability on the players in the monetary system.

But Satoshi realised that we can do without banks if we make use of a public, or peer-to-peer accountability system.

It turns out that public, distributed records are a surprisingly good way of encouraging good behaviour. A wonderful example of a public, distributed system is Wikipedia².

Wikipedia is a public information repository that anyone can edit. It really shouldn’t work, but as long as there are more good people keeping the information accurate than there are trolls trying to corrupt it, it does! It’s remarkable, if you think about it — or maybe I just have too little faith in humanity.

A similar idea is put to work in Bitcoin. The transaction history of Bitcoin is maintained by many parties, and each party is constantly comparing their ledger with everyone else’s. The common payment history that appears on more than 50% of all the ledgers is the official one, by definition. As long as more than 50% of Bitcoin ledger maintainers are honest, the system maintains its integrity. And just like that, there’s no more need for trusted third parties, banks, or the million-dollar bonuses for their executives.

Now if you combine the accountability that emerges from public records with tamper-evident chains of data, you can start to do some fun things, like splitting big files into little bits, sharing the pieces amongst multiple people and then recombining the bits confident in the knowledge that you’ve recreated the original file. Hey, you’ve just come up with the basis for BitTorrent.

1. /s
2. Without getting into a semantic argument here, can we agree that while the data in Wikipedia is centralised, the editing sources; or information nodes i.e. the contributors’ minds and computers; are very widely distributed indeed.

Digital Signatures

The third piece of the Bitcoin puzzle is the Digital Signature. These were proposed in the 70’s and have been implemented in software since the late 80’s — remember Lotus Notes? Then you must be old, because I don’t, but that proto-office suite allowed you to digitally sign messages to prove that it really was your boss asking you to come in on Saturday, and not Charlie from Accounting.

Today, digital signatures are part of the fabric of the internet. They’re behind every website with that little green lock in the address bar. They secure your internet banking and WhatsApp messages. They should be used to encrypt every email you send, but for some reason, that never really took off.

Digital signatures are essentially two pieces of data: a public piece, and a private piece. Both can be used to encrypt information (like an email), and only the other piece can be used to decrypt it.

To see how this works, let’s say Alice want to send a message to Bob: “Drop everything and do your TPS. Boss is on the warpath”. She can use Bob’s publickey to encrypt the message, knowing that only Bob will be able to decrypt and read the message. She sends it off, feeling very smart and confident that she’s spared her friend a spittle bath from an irate middle manager.

Unfortunately, Charlie from Accounting intercepts Alice’s message and uses Bob’s public key (it’s public after all) to change the message to “Wohoo! TPS system has been scrapped” instead. This leads to an unfortunate series of events that starts with Bob posting convincing evidence that TPS reports can be used as toilet paper and ending with him packing his things in a box and permanently vacating his parking spot.

To prevent this “man-in-the-middle” attack and the subsequent frantic revisions of workplace video-sharing policy, Alice should have re-encrypted her message with her private key before sending it to Bob. Now Charlie is stymied because only Alice’s public key can decrypt the first layer of the message. She’s digitally signed the message, proving that it comes from her. Charlie no longer has a means of impersonating Alice, and the economy keeps humming along on the back of timeous TPS reporting.

This is a somewhat simplified description, because Bob still has a nagging suspicion that the public key that he has for Alice might just be saying it was generated by Alice. That Charlie is a sneaky guy and Bob pulled the public key off some website called alicespublickeysdefinitelynotcharlies.com.

Luckily, Bob’s mate Dave knows Alice and Bob. Dave is a stand-up guy. He independently checks and vouches for Alice’s public key by going to her house and asking her to show him the copy she has stored there. He can then go back to Bob and, for a small fee (he’s a stand-up guy, but he’s not running a charity!) confirms that the key that Bob has on his computer is the same as the one Alice showed him.

Dave is performing the same service that Symantec and friends carry out when you pay for the certificate that puts the green lock in your browser address bar when people visit your website.

Digital signatures are wonderful things, but they typically run into problems when used on their own. Symantec has gotten into trouble for issuing certificates when they shouldn’t have — imagine if Dave gets lazy and says he goes to check Alice’s keys, but hits the driving range instead.

Combining digital certificates with a public record helps maintain the trust of the certificate authority by keeping them accountable, as is the case with certificate transparency standard.

And if you introduce tamper-detection via a linked certificate chain, you get something along the lines of what keybase.io are trying to achieve: A web of trust for building and maintaining a secure digital identity on the web.

In Bitcoin, digital signatures are central in proving ownership of bitcoins. A Bitcoin address is little more than a public key, and if you know the private key corresponding to that bitcoin address, then you have the power to spend any bitcoin associated with that address.

Resistance to corruption

Even with all three of the properties we’ve discussed so far: a tamper-evident blockchain, digital certificates, and a public ledger, a nascent cryptocurrency employing these three features would still be vulnerable to attack.

As it stands, Charlie, our attacker wouldn’t be able to steal any funds, the digital signatures protecting the bitcoins prevent that, but there’s nothing stopping him from firing up a bunch of servers on AWS to act as public ledger maintainers (in cryptocurrency land they’re called nodes) and then spamming the network with blocks filled with spurious transactions. If he manages to control enough ledgers, he can even start to rewrite the blockchain history, since his own nodes will collude to validate the transactions Charlie selects.

To disincentivize this kind of behaviour we need to make it really difficult, expensive, or both to carry out this attack. The way Bitcoin does this is to employ a strategy called Proof of Work.

Proof of Work performs two important roles in Bitcoin. First, it requires any node on the Bitcoin network that wishes to add a new block to the blockchain to submit a magic number along with the block. The beauty of this number is such that there is no way that the node could come up with this number without spending a specified amount of money (on average) in computing power and electricity — an amount controlled and determined by the Bitcoin network itself!

To be more specific, if Charlie wanted to subvert the Bitcoin network, he would have to spend as much money deriving this magic number (otherwise known as mining) as the rest of the network combined, which as I’m sure you’ve heard is the cost of powering a small country these days.

We’ve disincentivized Charlie from attacking the network, but now honest miners are forced to spend large amounts of money in what is starting to sound like a purely altruistic endeavour. To balance this out and bring all the incentives back into line, mining nodes are rewarded with new Bitcoins (currently 12.5 BTC) each time they add a block to the chain.

Which bring us to the second function that Proof of Work performs. How do we decide which miner gets to add a new block to the block chain?

One approach would be to use a round robin schedule, where every node gets a chance in rotation. This might be feasible in a small, hermetically sealed block chain system where every node is known and is always online, but Bitcoin is the Wild West; a permissionless free-for-all, with nodes popping into and out of existence all the time. Any co-ordinated (a.k.a. centralised) scheme for deciding which node adds the next block is simply out of the question.

What we need is some sort of lottery. A random system, but where every node’s chance of winning the right to add the next block (and claim the new bitcoins as reward) is proportional to how much effort they’re spending in maintaining the integrity of the network. But how would nodes prove how much effort they’re expending? Hang on, we’ve got this built into Bitcoin already: it’s what Proof of Work does for us!

Every bitcoin miner is beavering away looking for the magic number that will give them the right to add a new block and earn the miner’s reward. It just so happens that that magic number has exactly the properties we’re looking for in a winning lottery number!

So that’s Proof of Work in Bitcoin.

There are other strategies for making it expensive to subvert the system. For example in Proof of Stake one places some (large) number of coins up as collateral which you stand to lose if you are ever found cheating the network¹.

To wrap up this section, we can point out that in the general sense, Proof of Work is not necessarily a energy-intensive process. In non-cryptocurrency contexts, the Proof of Work idea is used in things like Captcha, where a computer would have to expend a lot of power trying to impersonate a human by doing things that humans find quite easy (counting road signs in an image) but that computers find incredibly hard (for now).

1. There is some debate as to whether this strategy is robust.

Emergent properties of Bitcoin

With the last cornerstone of Bitcoin in place, we’re now in the position to create decentralised, uncensorable digital money.

By combining tamper-detection (Feature 1) with Proof of Work (Feature 4), we find that the ledger becomes tamper resistant and immutable¹.

Now you take your immutable ledger and make it a public, distributed ledger (Feature 2), and you’ve got censorship resistance. Once a transaction is in the block chain, it’s there forever and since there is no central entity acting as a gatekeeper to the ledger, anyone can submit a transaction to it.

Individual miners can still try to censor transactions: Charlie from Accounting has set up his nodes to reject any transaction that he suspects comes from Alice (what does he have against her anyway?). But unless Charlie controls 51% of the network, the other nodes will include her transactions and eventually defeat his attempts at censorship. Many people have called this the defining property of Bitcoin and lies at the heart of the recent and ongoing, scaling debate of Bitcoin.

Throw in proof of ownership (Feature 3) through digital signatures and you finally have Bitcoin: censorship-resistant, self-sovereign money.

tl;dr

So let’s summarise everything we’ve discussed so far and draw a few additional conclusions about what makes Bitcoin unique as a form of money.

Blockchains are essentially a type of database.

They are very slow and inefficient, and horrifically expensive compared to your standard databases (or Excel spreadsheets) that sit in the IT departments of 90% of the world’s businesses.

Thus for blockchains to be a net value-add, the benefits must outweigh these costs. The benefits of Bitcoin over traditional money arise from its fundamental and emergent properties and give Bitcoin its value despite being slow and expensive:

• Distributed trust. In Bitcoin, there’s no longer a central trusted party that controls your money. For the first time in history, people who don’t know or trust each other can trade without the need of a hefty-fee-charging-and not-always-trustworthy trusted third party. I imagine any Cypriots, Venezuelans or Zimbabweans reading this are nodding in agreement that this is a very desirable trait indeed.
• No single point of failure. Companies go bankrupt, or disappear. Institutions get hacked. Trying to hack a distributed ledger system is like trying to attack a swarm of bees with a pistol.
• An immutable history. A Bitcoin transaction is forever and can never be tampered with (e.g. if someone tries to claim you never paid them by removing a transaction from the blockchain, this is immediately detected and rejected by the network).
• Proof of ownership. The blockchain makes it easy to prove and verify that you are the rightful owner of a given BTC and are able to spend it.
• Digital scarcity. One of the major breakthroughs in the Bitcoin whitepaper was to demonstrate how to solve the until-that-point intractable problem of making perfect copies of coins (they’re digital after all) and spending them in two different places.

The key point is that if you only require a subset of these properties, then you probably don’t need a distributed blockchain (a.k.a. Blockchain, DLT or distributed ledger technology) because you likely won’t leverage the benefits it delivers enough to pay for the substantial costs that are incurred.

Next up…

In the second part of this article, we’ll actually try to answer the question posed in the title. We’ll take a look at some of those “disruptive Blockchain” use cases; hold them up against the four properties of Bitcoin and decide whether it’s a valid Blockchain use-case, or buzzword hype.