October 31, 2008. The financial crisis was weighing heavily on the global economy, and the American investment bank Lehman Brothers had just collapsed. Out of the blue, a person or group under the pseudonym of “Satoshi Nakamoto” sent out a link to a paper via a cryptography mailing list. The title of the seminal paper was: “Bitcoin: A Peer-to-Peer Electronic Cash System,” and it would mark the beginning of cryptocurrencies as we know them today.
“A lot of people automatically dismiss e-currency as a lost cause because of all the companies that failed since the 1990’s. I hope it’s obvious it was only the centrally controlled nature of those systems that doomed them. (I think this is the first time we’re trying a decentralized, non-trust-based system.)”
– Satoshi Nakamoto
The idea of creating a digital version of cash is much older, though. An early attempt was launched in 1989 by David Chaum: DigiCash. Chaum, who was a skilled cryptographer, despised the lack of privacy in cyberspace and developed a method – called Blind Signature Technology – which allows signing a message without revealing its contents. Thus, DigiCash enabled private and secure payments over the Internet. Rumor has it that Bill Gates offered $100 million to acquire DigiCash and integrate it in Windows 95, but was turned down by Chaum, who aimed for a higher valuation of his company. DigiCash later went bankrupt in 1998.
Another early attempt at a digital cash equivalent was e-gold, which provided users with accounts denominated in grams of precious metals. Founded in 1996, the payment system grew to more than $2 billion in transactions per year in 2006 and had 5 million accounts. However, its centralized nature enabled the US government to force e-gold to suspend its business in 2008 due to regulatory issues following a change in the legal definition of a money transmitter.
In both cases, a centralized authority was required to confirm that funds are only spent once. Hence a single point of failure was present, which was attackable by malicious actors or controllable by governments. Bitcoin is different: The decentralization of the network across many participants (nodes) ensures that there are no easy attack vectors to the network.
“I think there’s no capacity to kill Bitcoin. Even the Chinese with their Firewall and their extreme intervention on their society cannot kill Bitcoin.”
– US congressman Rep. Patrick McHenry (after the Libra hearings)
Without a central authority, a native mechanism to prevent double-spending of coins is required. The basic design of how this is done stems in part from B-money and Hashcash, both of which are referenced in the Bitcoin whitepaper. B-money, a paper published by Wei Dai in November 1998, was never officially launched – but included many of the ideas now present in modern cryptocurrencies. For example, the creation of money by solving a computational problem or the enforcement of contracts. Hashcash, proposed in 1997 by Adam Back, on the other hand was originally intended to be a Denial of Service (DoS) countermeasure and to limit the capability of spammers to send out emails. The system employs cost-functions, which rely on brute-force computations to find solutions. Verifying correct solutions then only takes minimal computational effort.
Bitcoin solves the double-spending problem by bundling transactions in blocks and cryptographically chaining these blocks together. Only valid transactions – i.e. transactions that are properly signed and do not double-spend coins – are included in blocks. Each block includes a Hashcash-style proof of work, through which the block publisher proves that a certain amount of computational resources was invested to mine the block. Only the longest blockchain, i.e. the one that contains the most work done on it, is then considered valid by all network participants. This algorithm also presented the first solution to the “Byzantine Generals’ Problem” and enables consensus on the state of the Bitcoin ledger even in the presence of malicious actors.
January 3, 2009. In the aftermath of the financial crisis, the first Bitcoin block was mined and contained the message: “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.” A new, non-government controlled financial system was created – empowered only by cryptography, code and mathematics.
Security, Decentralization, Scalability: the Blockchain Trilemma
In cryptography, there is a theory that states that anything that can be done with a central party can also be done without a central party. However, central parties aren’t all bad. For example, taking decisions in a firm is faster when there is a vertical hierarchy of owners, managers, and subordinates. Likewise, countries ruled by dictatorships are faster at making decisions than direct democracies. Although centralized entities are faster, they are less inclusive by design because not everyone can participate in taking decisions. Similar parallels can be drawn to how decisions are made in a blockchain. Slow and egalitarian networks such as Bitcoin are criticized by investors that want a fast and global payment network.
Vitalik Buterin, creator of the second largest cryptocurrency Ethereum, refined these thoughts and referred to the problem as the blockchain trilemma. The blockchain trilemma describes the trade-offs between security, decentralization, and scalability. Security refers to the network’s ability to keep working while fending off attacks like a double spend. Decentralization refers to the number of users or computers that are involved in taking decisions regarding incoming transactions. Finally, scalability refers to how many transactions per second the network can handle. Vitalik argues you can only have two out of three.
Although more than 2,000 cryptocurrencies exist, most of them can be divided into three categories based on how they reach an agreement without a leader or central party. The first is proof of work and is how Bitcoin solves the double-spending problem as explained above. Other coins such as Bitcoin Cash and Litecoin also fall into this category.
Proof-of-work blockchains are decentralized and secure. According to the blockchain trilemma, that means they must give up scalability. And, sure enough, they must. Proof-of-work blockchains are limited in terms of transaction throughput and speed because each node processes every single transaction on the network. Ethereum manages a maximum of 20 transaction per second, while Bitcoin only achieves seven. Centralized systems such as PayPal can process about 200 transactions per second, and Visa achieves a staggering 56,000.
The second is proof of stake, which requires users to deposit coins into an escrow account before they are allowed to take decisions. If they make a decision that harms the whole network, their deposit in the escrow will be confiscated. This is similar to forming a company with equity capital. If the business does not behave honestly, people can sue their capital. Another way to think of proof of stake is that the decisions makers have “skin in the game.” Coins such as NEO, Stellar, and Binance Coin all fall into this category.
Finally, the third is delegated proof of stake, which is a variation of proof of stake. Coins such as EOS, Cardano, and Tezos (delegation is optional) are in this category.
Illustration 1: Over 90% of the cryptocurrency market cap uses proof of work.
So far, no one has solved Vitalik’s blockchain trilemma. Many cryptocurrencies claim to solve the problem with first-layer governance or directed acyclic graphs; however, each improvement upon Bitcoin has its own advantages and disadvantages. In the future, these different approaches for solving the double-spend problem will compete on the free market with centralized solutions. And another nice feature of the blockchain technology is that it financially rewards the early investors who can anticipate the market’s winners and losers.