Last week saw a confusing and somewhat complicated kerfluffle, involving alternative (and possibly abusive) uses of the Bitcoin network by Chainalysis. See, perhaps Grace Caffyn’s report in ChainDesk that “Chainalysis CEO Denies ‘Sybil Attack’ on Bitcoin’s Network“.
This controversy is interesting from both a technical and a sociological perspective.
First, the basics: Bitcion is decentralized by design, with no authority to say what is “legal” or proper behavior. This is left to self-policing by “the community”.
However, this utopian vision is based on the assumption that everyone follows the published protocols, which are designed to be mostly fool proof. That is, if you don’t follow the protocols, you will not connect or will be ignored or will be rejected.
This reliance on “unsinkable” technical protocols that do not require (or allow) central authority is the foundation of what cryptocurrenciologists term a “trustless” system.
Of course, as I have written before, there is far more to the working system than this protocol.
But the very notion that the Bitcoin protocol, or any protocol, can be so bullet proof that all you need is to make sure everyone implements it correctly is, well, a fantasy.
The Case of the Sybil “Attack”
One kind of problem was illustrated this week in a kerfluffle surrounding a service created by Chainalysis. This company tries to determine where the parties to Bitcoin transactions are located, in order to allow companies and people to implement financial regulations, such as anti-money laundering standards.
The Bitcoin blockchain has an IP address associated with each transaction, and nodes in the Bitcoin network also see the IP address when a transaction is first entered into the system (which need not be the same as the recorded IP for the accounts). The former are published, the latter are normally seen only by software.
Many services analyze the published Blockchain, from which it may be possible to identify some of the accounts associated with IP addresses. Chainalysis wants to do better by using the IP addresses of the submitter as well. Furthermore, the laws are usually about the source and destination of the funds, so identifying location of the source and destination is more useful that the location of the “owner”.
What Chainalysis did, apparently, is to use a loophole in the technical protocol.
The Bitcoin network has a core set of participating notes (more than 9,000), which keep full copies of the blockchain and exchange data with each other to maintain consistency. Other computers conduct business by querying these nodes, and yet others may relay information without keeping the whole dataset. The decentralized data means that a computer only needs to talk to a handful of nodes to get a correct picture of the data. If a node or handful of nodes crashes or has errors, it is generally ignored and life goes on.
The loophole in question is that it is possible to create “fake” nodes that essentially trick other nodes into sending transactions which are recorded but never acted upon. One node doing this does little harm, and soon will be marked as broken. So you create many such nodes, allowing you to get a broad sample of the network activity. (In this case, the purpose was to see which IP addresses initiates transactions.) This should still not do much harm, since the “real” nodes will provide the correct results soon enough.
This is classified as a “Sybil” attack, in which one agent (in this case, the company), fills the network with many different agents that misbehave. It is known that such “attacks” cannot be prevented without a central authority. In other words, the Bitcoin protocol is correct, but this still can happen.
This “attack” became more than a nuisance because some “light weight” wallets were confused by the swarm of fake nodes, and ended up connected only to them. In this case, the hapless software would wait a long time or forever—knocking them off the air. Unhappy customers, angry service providers.
The decentralized concept of Bitcoin is not just about the technical, computer to computer protocol, it is about the social organization of the community, or rather the lack thereof. Governance is by consensus and by community pressure.
In this case, we can’t say that Chainalysis broke any rules, since there aren’t any rules. But at least some people strongly object to both the intent and the realization of this business. The “discussion” reveals this feature of such “decentralized” systems.
Chainanalysis can say, with justification, that they are only providing a service that some people want, and did not intentionally interfere with the Bitcoin protocol. The failures seem to fall out from the inevitable ambiguities and general bugginess of decentralized network protocols.
Their critics complain that they shouldn’t even be trying to do what they are doing, arguing that spying on transactions in order to abet law enforcement is against the alleged spirit of Bitcoin. (Ar, mateys!) Actually, this point was stated rather more forcefully, as is the style of the “community”.
In any case, Chainalysis’ approach is seen as dishonest and underhanded, masquerading as real nodes to collect data without notice, and a single “centralized” service is pretending to be many unrelated nodes. (Is there no honor among pirates?)
Responses have been to basically ban Chainalysis’ nodes when they are discovered. And the service has been turned off for now.
This also has reminded people that the Bitcoin protocol, per se, is not necessarily “private”. As Grayce Caffee says, “bitcoin operates on ‘user-selectable privacy’ – by default it is no more secret than a google search from a home internet connection.”
Decentralized Governance On Display
This case gives us two interesting cryptocurrency lessons.
First, the technical issues illustrate once again, that the protocol presented in the Nakamoto document may be the beginning but are certainly not the end of the story for understanding cryptocurrency and making it work. In this case, several pieces that, in themselves may operate correctly, combine to produce unexpected and unwanted behaviors. And there is nothing that can be done to prevent it, except to use a central authority.
Second, there is a real and legitimate conflict of interest within the community of Bitcoin users. Some would like to have effective financial regulation, in order to operate in the above ground economy. Others demand a dark net, in order to operate outside the law.
A decentralized community faces a fundamental challenge negotiating such conflicting interests. The general approach is to yell loudly at each other, and deploy whatever technical means are available to impose ones own agenda. This isn’t so much conflict resolution as it is survival of the strongest.