srehn's blog

I still read slashdot because every once in a while one of the stories really catches my interest.  The latest such story is about Bitcoin, an attempt to create a decentralized currency system.  If it, or a similar system, works it could create a whole new, and perhaps even more structurally sound, monetary system for the world.  More likely it will die with a wimper, but let's not get ahead of ourselves.

It works a little like freenet, in that it is based on a lot of clients sending packets to one another to achieve some emergent objective.  Instead of transmitting data, the objective here is to keep track of the transactions going on.  There's also a distributed computing aspect in that the transactions in each "block" (roughly 10 minutes) are all combined together into a hash which is very difficult to compute.  Any client set to do so will spend its spare compute cycles to try to compute the hash for the current block.  It's pretty random which key works, so the more compute cycles you have the more likely you are to get the correct key first..  The client taht gets that key also gets a certain number of Bitcoins as a kind of prize or incentive.

When you make a transaction it goes out to all of the other clients yours is connected to, and spreads out within the network.  When a block is computed, it combines all of the known transactions into it to prevent "double-spending", the idea of the owner of a Bitcoin spending it with two (or more) recipients.  In a sense, the main objective of all of that computing above is to keep track of the owners of bitcoins and prevent double-spending.

The original concept of the system should deal with the problem of an attacker trying to gain control of the network.  The one who computes the next block has a certain degree of control, and that's distributed pretty much randomly according to computing power.  That means that an attacker would have to have as much power than the entire network to have an even chance of taking over, and more power to be guaranteed of doing so.  If they have that much power they'd be better off just generating keys and keeping the Bitcoins than just destroying the whole system to steal the current value fo the bitcoins.

There are likely some less obvious flaws with the current concept or implementation.  It's important that these get dealt with before the network gets too big, or when someone finds a major vulnerability in the (future) big network the whole thing could collapse due to shattered confidence.  Since it's an open-source project, many of them will be worked out over time.  Another key way to find flaws is for there to be a financial incentive to do so (which is starting to be true, since you can trade Bitcoins for real money already).  Of course, since this is based on public key cryptography, if a quantum computer with enough entangled qbits to tackle keys of this size are ever created, the whole thing will fall apart.  Of course if that happens, much of the rest of the financial system will die too, so it will be the least of our worries.

The current implementation is essentially designed to be deflationary in the long run.  New coins are being created, sure, but that's intended to be phased out over time.  Coins will certainly be lost as hard drives crash and files get lost.  If the system is successful, the current limit of BTC0.01 per transaction closer to the coded limit of BTC0.00000001 as the finite number of coins get spread out over a larger number of owners.

One potential attach system I haven't seen addressed yet (and I've done quite a bit of reading) is exactly _who_ decides how hard it should be to calculate the next block's hash?  I know it's automatically adjusted to take 10 minutes on average, but who does so?  If it's a single decision-maker, then that's an attack point.  If it's a collective decision of all of the clients, then maybe that could be manipulated by a sizable, but not overwhelming, population of dishonest clients.

For now, however, I've got a client running and I'm playing with it.  If you're bored, send me a bitcoin at 1DUXcZoYtKwbETc8GMDnhvWSqmNVW5pfE5 !  They're only worth about a penny.  So far...