As we discover that the recent price spike in Bitcoin might have been driven by a giant pyramid scheme in China, not, as we were told, by the inevitable unraveling of the conventional financial system, we are treated to some classic examples of Confused Crypto Reasoning.
For instance, Bitcoin pioneer and leader of Ethereum Nick Szabo discussed the security of the Bitcoin blockchain. He specifically compared the decentralized blockchain to “centralized” banks, which “rely” on government and law enforcement. This, he says, is why they are “stuck and highly regulated”, which he labels “insecure”. In contract, the decentralized blockchain is….unstuck and unregulated? I’m not sure how that makes things “secure”.
Aside from the apparent disdain for democratically elected governments and the rule of law, Szabo is using the term “security” in a rather idiosyncratic way. As a historical note, the “highly regulated” financial system is specifically designed to provide “security” against crazy pyramid schemes such as mentioned above.
“Security” means a lot of things, but in technical systems it is generally a claim about resistance to specific threats. No system is resistant to every possible menace, so “security” must be stated in terms of what is protected from what. This is often a balance of costs and benefits, considering expenditures (in money, time, inconvenience, etc.) that decrease the likelihood of certain attacks. It is also about who takes the risk and who benefits, and usually about spreading costs and sharing risks.
Finally, as I have discussed many times, you have to consider the entire system, end to end, not just one part. In “centralized” systems, many key parts are secured, for better or worse, in the centralized service. In a “decentralized” system, the parts are scattered and in the hands of many parties, including hapless consumers like me. End-to-end analysis shows that the same things need to be protected, but the methods available must be different.
Szabo’s comments that, we should think more broadly about security are certainly on target. But the suggestion that we should “try to secure everything, protect everything that is important to us as much as we can” is demonstrates naivete of truly planetary scale.
In the end, I really have no idea what Szabo means by “security” here. He certainly isn’t talking about “security” in any way that I recognize. What is “secure” from what?
Finally, we have the “feel good” story “Meet the Dad Who Registered His Daughter’s Birth on the Blockchain”. Apparently concerned that for most people, “The first database entry done to every single human being born until now has always been on a governmental database”, and, moreover, wishing his daughter to be a citizen of Earth, not one particular “arbitrary piece of territory”, he attempted to record his daughter’s birth on the Bitcoin blockchain.
We could point out that the notion that “until now” everyone was registered in a government database is ahistorical and ignores the fact that democratically elected governments were constituted in part to secure the benefits of these types of records for all citizens, not just the wealthy or those belonging to a major church.
But let’s examine what he has done, and how it “solves” the problem he perceives. Apparently, he created a video statement (by the way, web video is not a terribly wise choice for a record that is intended to last a lifetime) testifying to the birth of his girl. He cryptographically sealed this file, and posted the hash onto the Bitcoin blockchain.
What problem does the blockchain “solve”? The blockchain provides a timestamped record of when this version of this video was registered, i.e., no later than that date. Assuming the video survives and remains viable in 50 years, it will be possible to see dad tell us when his daughter was born. The timestamp certainly helps detect later forgeries, e.g., it would be easy to detect a similar record that claims she was born a few years later, or with another name. (I can detect that one must be a forgery, but how I could decide which of the two is valid is a different question.)
So, how well does this video meet the requirements for a birth notice? Well, we can be sure that the original isn’t modified in coming years. That’s good, though there isn’t a really big problem with tampered birth certificates. From the video, I be sure that, well, someone says they have a daughter, born this day. Do I believe this? Unless I know the father, or otherwise take his word for truth, I’ll probably have to cross check this with other records anyway.
Worse, this kind of record has no way to connect it to the actual parties in question. Neither the video nor the people can be authenticated from this record. Pretty much anyone could claim that video as their own. How would you know that she isn’t the original girl?
Obviously, you could embed biometrics in the record, just as some birth records include a foot print and blood type. This would have to be done carefully, encrypted in some way that is confirmable but not copyable. You don’t want to post your DNA, fingerprints, or retina to the blockchain, unless you don’t mind someone impersonating you.
Finally, there is nothing to stop me from flooding the blockchain with thousands of bogus birth announcements. Who will know if these people exist, or if the records are accurate? Which ones are legitimate? Enough noise will surely drown out the signal.
The basic point is that registering a birth record on the blockchain accomplishes very little. And the blockchain itself contributes only a timestamp and a broadcast channel. Tamper resistance and availability are provided by the Internet and public key cryptography, not the blockchain, per se.
Finally, the record itself needs to be a useful certificate, not just testimony.
The whole thing is conceptually muddled and poorly thought out.
I think I’m repeating myself.