Kelvin Low is professor of law at the National University of Singapore.
In light of the recent cryptocurrency meltdown and the mounting criticism of a technology that has promised much but delivered little, it is useful to revisit Satoshi Nakamoto’s Bitcoin white paper and consider what it gets wrong and why many believe that blockchains cannot work.
In “Bitcoin: A Peer-to-Peer Electronic Cash System,” Nakamoto, the pseudonymous person or persons who developed bitcoin, posited an elegant solution to double-spending, a potential flaw in a digital cash scheme in which the same single digital token can be spent more than once. But the problem was misdiagnosed. Wherein lies the misdiagnosis?
Our trust in banks lies in the debtor-creditor relationship between banker and customer, not in preventing double-spending. Where our accounts are in credit, the relationship entails the customer performing its contractual obligation by extending a loan to the bank before the bank counter-performs, repaying the said loan.
In other words, we trust that when we call upon our banks to perform their side of the bargain, whether by withdrawing cash at an ATM or directing them to make an interbank transfer to a particular payee, they are willing and able to perform. This trust is reversed when the bank extends credit to us since the order of contractual performance is here reversed.
It might come as a surprise to many, but we are not, in principle, concerned with whether or not a financial intermediary permits the double payment of its customers’ money. Today, it is not uncommon for financial intermediaries to encourage customers to make use of their services by way of so-called cashback schemes, in which a small percentage of payments is “refunded” to the customer. Such cashback schemes, in spirit at least, offend the so-called double payment principle.
Because modern monetary theory assumes a flexible money supply, with private banks responsible for creating at least part of this supply, double payments are not in principle objectionable.
The key lies not in the principle but in the practical implementation: since private money is fundamentally a debt, are intermediaries able to generate sufficient profits to cover the new money they create, whether through operating profits such as merchant fees or large infusions of equity, so that they are able to meet their liabilities?
Consider the use of smart cards such as Pasmo, an IC card issued by subway operator Tokyo Metro, or MTR’s Octopus card in Hong Kong, where one security concern would be if a user tampered with their card’s credit. Whilst this may appear to be a problem of artificial inflation of the money supply, the concern is actually more fundamental than that.
No legal system allows private individuals to create claims against another without the latter’s consent. Furthermore, because digital money on public transport smart cards is fundamentally a claim against the issuer, in this case transport companies, there is no actual inflation of the money supply, and the fraudulently created money is booked as a loss to the issuer.
Because the blockchain’s obsession is with preventing this entirely imagined problem of double-spending, it completely ignores the far more commonplace frauds that occur on a daily basis.
When the cryptocurrency industry describes the blockchain as a secure, decentralized ledger, it is important to note that the security is concerned exclusively with ex-post-ledger edits because that is what double-spending entails.
But anyone studying frauds involving ledgers, whether bank ledgers or land registers, will know that no fraudster targets the ledger itself. Rather, they target the end-users directly.
This means that blockchain security is akin to the infamous Maginot Line built by France to deter invasion by Germany before World War II, except that it would be pointed in the wrong direction at Dover. This is why we see hacks on a regular basis for what is advertised as secure. Even worse, because blockchains are immutable, the way in which we would normally address such frauds by reversing the fraudulent transfer is rendered highly impractical.
This may be because the transferee cannot be identified. Everything in the cryptoverse is pseudonymous. However, if the transferee can be identified, they are located in another jurisdiction and is uncooperative. Over time, it is inevitable that the blockchain ledger will grow increasingly inaccurate as more mistakes and frauds occur, and only a proportion are, with much effort, reversed.
Cryptocurrency enthusiasts dismiss the significance of these security breaches by preaching a libertarian creed. To use cryptocurrency necessitates what some describe as intense self-discipline. One must be alert to possible security breaches 24-7, 365 days a year. Human fallibility is intolerable.
But this is not how the law works. All legal systems face the difficult choice of allocating losses when an owner is deprived of their property by a fraudster who then sells the same to a bona fide purchaser.
The tension is one between static security favoring the owner and dynamic security favoring the bona fide purchaser because the fraudster is often either nowhere to be found or is a person of straw.
There is no uniformity around the world in terms of where the balance should lie, and many legal systems even apply different balances depending on the nature of the property involved.
No legal system on Earth, going back several centuries, has ever adopted a libertarian view of how losses should be allocated and ownership established, making it difficult to see how blockchains can work as authoritative records of ownership.
The inevitable fork between the ledger and the legal status quo is amenable to only three solutions.
First, the blockchain prevails over the law. This is a heartless choice and, as the case law emerging over disputes involving crypto-assets shows, is not currently accepted. Second, the law prevails over the blockchain, and the power to edit the blockchain is embedded in its protocol, effectively making the blockchain pointless since its immutability which is its very raison d’etre, is effectively neutralized.
Third, the law prevails, but the blockchain remains immutable. This makes the ledger utterly useless since the only thing worse than an inaccurate ledger is one that is immutably inaccurate.
Unless whole societies shift their collective moral compass overnight, the use of a blockchain dictates that we must choose between three equally unpalatable solutions: heartless, pointless, or useless.