Cryptocurrencies

13. Jul 2014

In search of the perfect cryptocurrency design
Problems and worries:
Decentralized
Involving centralization
Design papers
Recommended reading

This stuff is old. I was quite young and dumb when I wrote this.

In search of the perfect cryptocurrency design

Cryptocurrencies might not be such a hot topic any more, but this has been in my head for a while and I have finally collected the patience to write it down.

With the rise of the Bitcoin network, decentralized cryptocurrencies became more widely known. A great excitement about not having to rely on central authorities providing the money and controlling the flow of it was among small but growing groups of hackers and tinkerers, libertarians and activists. No one would have to put up with the evil banks any more. At first, the great mass of the people remained skeptic, with many calling this Bitcoin thing a pyramid-, a pump-and-dump scheme. The public who looked at bitcoin rather as an investment opportunity or storage of value was merely convinced by asseverations of network safety or anonymity.

It did not help either that Bitcoin sparked multitudes of alternative cryptocurrencies, “altcoins”, most of them just slightly modified forks. What twitter bootstrap seemed to be for websites, the Bitcoin protocol was for altcoins. In fact, many bitcoin-related sites, such as the troubled bitcoin-central.net, seem to have been hastily build using exactly that software.

Freedom of choice on a diverse market of cryptocurrencies can be a great thing, but most altcoins could now really be called pyramid schemes. Looking at the sheer numbers¹ of those different altcoin protocols, one might not be compelled to believe that every one of them was developed for the good of humanity.

Consensus was that the first investors would receive too much reward simply for believing in the currency, and the early miners would earn a fortune simply by turning their small contribution to network stability in the beginning into vast amounts of money in the times when the currency’s value would show exponential growth. Bitcoin had been designed to make the early adopters rich, while making the late birds buying into it pay for their hesitation. It was almost like investing into a small silicon valley startup in 1998; with substantial increases of shareholder value.

Yet despite its critical (to me) problems and many voicing their skepticism broadly, Bitcoin seems to miraculously have come into wide circulation, and even in times of worldwide trouble, its value has stayed relatively stable. It has demonstrated that a cryptocurrency can be bootstrapped and grow far beyond the point of gaining critical mass.

To my knowledge, none of the more popular forks did solve a problem that most people did not seem to care for much: The problem of unfair distribution. It was not even fixed in freicoin, whose developers claimed they developed it with good intentions. Even the ppcoin protocol, which is very advanced in design and code, does not adequately address the distribution problem.

So, how can cryptocurrencies be fixed? Do they even need to be?

Here are my thoughts on this.

Some aspects to keep in mind when designing a cryptocurrency:

distribution of the currency and the clients
security & integrity of the network
anonymity and decentralization
compliance with the law
accessibility/usability
public image and representation
resource preservation

Problems and worries:

Bitcoin

A “kill switch”, as described by Loper OS²
In the near future, mining - the rewards consisting of ever decreasing bitcoin quantities and the costs rising rapidly - will not be profitable any more.
This means that malicious entities would have far less competition in the mining process. Single home users with affordable equipment will become increasingly insignificant, while ASIC producers would get pressured into exclusive contracts with big organizations, maybe even governments.
While some possible 51% situations in the past seem to have been harmless, mining in the future would not be a matter of profits, but rather a matter of control,
so the focus would greatly shift towards unprofitable investments that nonprofits are too poor for and only entities with malicious intent could afford to make, destabilizing and possibly shutting down the entire system.
Confirmations taking too long
Dedicated hardware, high power consumption, miners generate data clutter that is not usable outside the network, e.g. for scientific purposes
Till early April 2013, Bitcoin had been in a constantly high deflation³. This discourages investments and encourages hoarding of coins. Since a short steep inflation around May 2013 ended, the deflation has continued and not stopped as of writing this article.

freicoin

Unpopular with many people because of the built-in demurrage
Not truly decentralized since about 80% of the mined coins go to a foundation

ppcoin

1% inflation per year is not enough to compensate for the advantage the early miners gained
Sunny King as a Benevolent Dictator for Life of the project, and he seems to have shifted his focus unto primecoin⁴

Cryptocurrencies in general

Legal issues: - Money laundering - Tax evasion - Smuggling and black markets - (Secret) messages stored in the blockchain, for example the recent chipo discussion or the wikileaks cables
The system being gamed(no mistakes software-side): - Manipulation of exchange prices - Investors utilizing ddos attacks for quick profits in a matter of days - Manipulation of trade volume and price by traders trading with themselves - Early adopters trying to create the impression that the currency is in circulation while in fact they just move it across their accounts - Not knowing how much of the currency is abandoned (sleeper problem) - The blockchain being spammed with micro-transactions
Bugs in the code not being publicly disclosed and used for personal gain / untrustworthy developers
The amount of peers does not equal the amount of actual users. therefore, it is difficult to enforce democratic processes, since one could just fire up some hundred VMs to gain voting power. I am interested in how future conflicts about transaction fees will evolve.
The blockchain getting too big, making it nearly impossible to use heavy clients for users that are not well endowed
A fundamental mistake in planning is almost impossible to fix in a running system. Even as a developer, you do not have the power to get rid of the ghosts you called.
Transaction fees getting too high
Possibly significant fluctuations in value, since it is not controlled by a central authority
Misunderstandings and false expectations
The system being too complex to use, let alone fully understand to most users

Ideas on how to solve some of the aforementioned problems:

Decentralized

Merging of coins

As the coins are split into smaller fragments, the blockchain gets bigger. To address this issue, clients merge all fragments of a wallet together, creating a coin that is worth the sum of the small ones altogether. The old fragments of coins are “molten” and made worthless; the new coin(with the value of the sum of fragments) is treated like a newly minted one; the changes are distributed into the network as a patch. The network still knows where the coin came from, since the fragments that are put into the coin are part of the blockchain, but it does not transmit a new transaction as a sum of tiny blobs in masses of a few satoshis, but rather as one big blob. In order for this to succeed, the client has to invalidate the old fragments, while at the same time proving to the network that his new minted coin is valid. I am not sure how to integrate such a behavior into the network’s hash chain mechanism.

The predefined way

In this model, the distribution of coins is controlled both in time and in volume. At first, only very small amounts are paid to the miners, thus keeping the total circulation of the cryptocurrency in an assessable amount. This way, the currency can prosper sustainable growth and spread of the currency. Parallel to the advancement of time, the rewards paid to miners rise (linear growth). This way, the early adopters can help spread the currency but the profit is limited. The rewards would rise for about half a year, then stagnate, and after a year, halve every x discovery blocks.

The ever increasing inflation way

Mining stays rewarding. The rewards of the miners are not ever changed, guaranteeing a steady influx of new coins, while simultaneously creating inflation.

Artificial scarcity

Coins lose their value over time, becoming worthless compared to freshly mined coins. This idea is already implemented in freicoin, but not satisfactory(to me) since the demurrage fee is too low in the early phase, not compensating for high demand and little supply. A fixed demurrage rate or a fixed inflation like in ppcoin is not optimal, the inflation should follow a predefined curve: first a high inflation rate; after about a year it is lowered.

Involving centralization

The donation way

This is a specifically weak idea, but it may be worth thinking about. In order to obtain money/coins/credits/… in the cryptocurrency’s “system”, one must donate “real” money outside the system to a charitable organization or one that defends hacker ethics, as chosen by the network. The transactions’ values are then converted into a stable currency (maybe the Yen or something similar) and the user receives the converted amount in in-system-currency. The exchange rates would have to be set static. This idea defies the whole purpose of decentralized currencies, but could eventually be implemented in a decentralized way, relying on votes of relayers to verify organizations and absolute transparency of transactions.

The ripple way

Opencoin, the company behind the ripple system, has taken another approach at cryptocurrencies. Its IOU system goes back to the roots of money, when it was publicly recognized as a proof of being owed goods, whereas now money has become more abstract, being used as value storage. The ripple system relies on users repaying their debt in the real world via a predefined currency. The only way for users to convert their issues of debt into real goods, as it seems to me, is to use a gateway.

The dynamic way

By binding the cryptocurrency to real world value (or the median of a variety of currencies on earth), the currency would be very stable, and investors would have little incentive to gamble on the system, while people who do not trust the banking systems would have an opportunity to deposit their savings into a stable environment. This system would be extremely vulnerable to manipulation of the data input on values of currency. It would need trusted sources of data, and trusted platforms are not such a good idea.

Freezing before launch

To prevent early adopters and developers from gaining profits in the non-competitive environment that is the early phase of the launch of the cryptocurrency, the source code is released a significant time before the network launches and the genesis block is mined.

Earlier I mentioned that the current cryptocurrencies may not need fixing. Bitcoin has succeed as a payments system; enough people accept it as a valid currency to trade with others. While this is a great accomplishment, there should be viable alternatives, preferably without kill switches. So far, a fair distribution model that fulfills the needs of both active (miners & exchanges) and passive (client users who view the system as a payments system) network participants seems out of reach to me.

At least designing a nearly perfect cryptocurrency is something we should strive for.

Sadly, my knowledge on this topic is fairly limited and I have not yet fully read and understood most design papers; the ideas proposed and addressed by me all have major flaws. It might be more interesting to spend some time on reading and understanding the articles linked in the “recommended reading” section.

Felix Elsner