Tuesday 20 September 2011

The Current Problems of Bitcoin

These are the most serious obstacles Bitcoin faces, as I see it.
  1. Extreme volatility. Here's the chart of USD against various assets over the past 6 months.
    I've initially normalized the price to 1 to compare.  You can see that bitcoin is the odd one out here, it's volatility is in a completely different league to other assets. Based on these timeseries, I calculated the average daily vol against USD over this time-period.
    AssetDaily Vol
    EUR0.5%
    CHF0.8%
    JPY0.4%
    Oil1.8%
    BTC11.4%
    Roughly speaking, while EUR will fluctuate against USD by about 0.5% per day on average, BTC will fluctuate by about 11% per day, i.e. BTC is 20 times more volatile than EUR, and this is during a period of notably high volatility for the Euro currency.

    This is an extremely serious problem for anyone who wishes to use BTC to transact real goods and services. Lets say you are a low-margin retailer of T-shirts. You buy wholesale in USD and sell online in BTC. Not only do you have to continually update your BTC prices throughout the day, you also have to ensure that as soon as the transaction takes place you convert your BTC back into USD - if you leave it just one day the BTC volatility could wipe out all your margin from the sale. There are also more subtle issues. If someone buys your T-shirt at 5 BTC, then a week later returns it and the price of BTC happens to have risen then you will lose out. The 5 BTC that was worth 25 USD is now worth 50 USD and you the retailer will have to cover the difference. Effectively you have sold a call option for free.

    As far as I can see, there are no strong reasons to expect that this volatility will decrease dramatically in future.
  2. Delayed confirmations. Usually when you make a transaction in the real-world the confirmation takes a few seconds to happen.  With bitcoin, it takes something in the region of an hour. This means that in its current form, it is impossible to use it for any conventional retailing where the customer expects to walk away with the product immediately; no one is going to hang around for an hour waiting for his transaction to clear. As a retailer you could admit zero-confirmation transactions, but it's only a matter of time before thieves catch on and target you. There are various websites being setup to allow instant transactions, but then you are relying on them to keep your bitcoins secure. Not only have there been instances of large-scale fraud (or incompetence) with bitcoin banks, it somewhat defeats the purpose of a P2P crypto-currency.
  3. Client unwieldiness. When I downloaded the bitcoin client, it took about a day to download the whole blockchain from the network before I could start using it. The blockchain takes up something in the region of 1Gb disk-space, which can be very significant for portable devices.
  4. Blockchain vulnerability. I have posted before on this subject (and here and here). In summary, there is very little to stop a determined attacker from making fraudulent transactions. This is due to the interaction of three fundamental properties of the bitcoin economy:
    1. Open mining. Anyone can contribute to verifying transactions (or as it's currently called 'mining'), you just need to connect and let your GPU run.
    2. Free mining. To incentivise people to do it, you get paid to mine / verify transactions. This means the equilibrium state is that the costs and revenues from mining balance and it becomes free for anyone to add compute power.
    3. Computocracy. If you have access to more than half of the total compute power, you can fake your own transactions.
    So, by 2 it's free to build up a vast array compute power, by 1 no one is going to stop you, and by 3 once you've done it you can fake transactions.
  5. Wallet security. It is assumed that someone's wallet file (and hence a person's bitcoins) is secure by virtue of it being on your own computer. This is only true in the case of a 'suitably sophisticated user' who is capable of securing their own system. Unfortunately, the majority of people in the world do not have a secure system and even in the tiny community of bitcoin early-adopters there have been huge problems of stolen wallets. Even the fifth-largest bitcoin exchange failed to secure their wallet. Trojans are now in the wild targeting wallet files. Sadly it seems that there are very very few 'suitably sophisticated users'. Even the most basic level of security - encypting the wallet - is not yet available in the standard client.

8 comments:

  1. I thought portable devices only download a portion of the block chain?

    ReplyDelete
  2. This article has a number of comments in reply on Reddit.

    http://www.reddit.com/r/Bitcoin/comments/klud5/the_current_problems_of_bitcoin

    ReplyDelete
  3. " With bitcoin, it takes something in the region of an hour. This means that in its current form, it is impossible to use it for any conventional retailing where the customer expects to walk away with the product immediately; no one is going to hang around for an hour waiting for his transaction to clear. "

    This is not true. Conventional retailers can do with 0/unconfirmed:

    https://bitcointalk.org/index.php?topic=423.msg3819#msg3819

    ReplyDelete
  4. Just look at http://bit-pay.com/ . Solves most if not all of the issues you claim.

    ReplyDelete
  5. "So, by 2 it's free to build up a vast array compute power, by 1 no one is going to stop you, and by 3 once you've done it you can fake transactions."

    Please explain how vast arrays of computing power are free. I want to take this information and sell it to large web companies like google, amazon, and microsoft who are currently paying billions of dollars for their datacenters.

    ReplyDelete
  6. > Please explain how vast arrays of computing power are free. I want to take this information and sell it to large web companies like google, amazon, and microsoft who are currently paying billions of dollars for their datacenters.

    In fact I already did..you get paid to mine. Currently the revenue from mining far exceeds the cost of the electricity (if you use the right hardware). This is not interesting to anyone beyond bitcoin because the hardware is being used to mine, not for other purposes.

    ReplyDelete
  7. But if its "free" for everyone to do this? Then wouldnt you be competing against all the other people who can do it for "free" as well? How do you expect to get 51% of the network.

    From Satoshi's paper: "We consider the scenario of an attacker trying to generate an alternate chain faster than the honest chain. Even if this is accomplished, it does not throw the system open to arbitrary changes, such
    as creating value out of thin air or taking money that never belonged to the attacker. Nodes are not going to accept an invalid transaction as payment, and honest nodes will never accept a block containing them. An attacker can only try to change one of his own transactions to take back money he recently spent"

    ReplyDelete
  8. > But if its "free" for everyone to do this? Then wouldnt you be competing against all the other people who can do it for "free" as well? How do you expect to get 51% of the network.

    Because for an economically rational miner, "for free" is not good enough, they need to be expecting a profit to bother expanding. The attacker OTOH does not mind expanding for free because his profit comes in future double spending.

    > From Satoshi's paper [...]

    Yes, so Satoshi's paper leaves open the possibility of double spend. If you double-spend at a bitcoin ATM, that's quite a problem.

    ReplyDelete