The Bitcoin community has been beset by horror stories almost since day one. Mt. Gox, a Japanese Bitcoin exchange that filed for bankruptcy protection earlier this year, may go down as the most infamous. But it’s also triggering a long-needed attitude adjustment.
One of Bitcoin’s core principles is that it negates the need to trust major financial institutions. But Bitcoin exchanges, where customers trade currency for Bitcoin, have always rendered that advantage moot. From the moment fiat currency is deposited on an exchange until it’s exchanged for Bitcoin and relocated to a privately-controlled wallet, the customer’s trust is placed entirely with the exchange.
If the pitfalls of this one-sided trust dynamic hadn’t been made clear by major financial institutions in recent years, they were made so again and again by Mt. Gox. It’s not yet clear how long Mark Karpeles, the exchange’s CEO, had known he was short some 850,000 bitcoin. We do know, however, that even after finding out the coins were missing, Karpeles allowed trading to continue for another two weeks.
Although it doesn’t like to hear it, the Bitcoin community is often its own worst enemy. Even a generous estimate suggests Mt. Gox took close to $1 million in trading fees in those two weeks between closing withdrawals and shutting down entirely. Through a mixture of optimism and naivety, the exchange’s customers just kept giving it more money.
Although much of the community is eager to put the Mt. Gox debacle behind it, others are realizing they need to do better. Bitcoin—cryptography, really—provides all the necessary tools to equalize the trust dynamic considerably. And Bitcoin gamblers have become an unlikely role model in proving as much.
Close to quarter of all Bitcoin transactions relate to gambling, according to study results recently released by Coinsetter, a New York-based Bitcoin exchange. SatoshiDICE, one of the oldest and most trafficked Bitcoin gambling sites, has generated 82,000 BTC in revenue per Coinsetter’s analysis, around $52 million at today’s prices. More impressively: Reports of major thefts originating from gambling sites are few and far between.
What’s their secret?
Bitcoin gamblers seem to prefer nakedly betting the odds of a dice roll to skill-based games like Blackjack and Poker. On the homepage of one such site, Just-Dice, is this disclaimer:
This game is provably fair. What that means is that there is no way the site can cheat you by picking numbers to make you lose.”
Those words, “provably fair” appear on the homepage of almost all the big players in Bitcoin gambling. The implementation varies depending on the specifics of the game, but the nuts and bolts are largely the same. The first step is a random string generated by the server, combined with one generated by the client (the player), which are combined and used to generate what you would think of as the shuffling of the deck in a card game. Interested or suspicious players are able to use these values to verify that no foul play was involved in shuffling the deck or rolling the dice.
If it sounds complicated, it is. But many bitcoiners are already familiar with the cryptographic underpinnings here: They’re the same ones used in the Bitcoin protocol.
Just-Dice’s founder and operator, dooglus (for security, he asked to remain pseudonymous), told me players have typically been able to understand how the system works just fine. And helpful community members have made services designed to simplify the process of verification.
Just-Dice was designed to be provably fair from the outset, says dooglus, and the wisdom of this strategy is borne out in the site’s betting statistics: The last week alone has seen close to 15,000 bitcoin wagered—more than $9 million at today’s prices.
Asked why traditional online casinos don’t offer similar assurances, dooglus suggested that most consumers don’t even know such a thing is possible, so there’s little demand. In the Bitcoin world, however, “when a site launches without its games being provably fair people wonder what it has to hide.”
The key point: Using relatively simple cryptographic methods, businesses that handle money can provide their customers with assurances of their trustworthiness, and spur demand for others to do the same. And those methods are slowly becoming more familiar and accessible thanks to the technology Bitcoin provides.
Of course, there are no decks to shuffle in the world of Bitcoin exchanges. What a growing number of customers are calling for is proof that exchanges hold the funds they say they do.
Amid earlier fears of insolvency in June Last year, Mt. Gox’s CEO Mark Karpeles conceded to demands that he prove control of customer funds by moving 424242.42424242 bitcoin between two wallets controlled by the exchange.
In the midst of the latest controversy, Karpeles has claimed he’s technically unable to repeat this act. But Gregory Maxwell, one of Bitcoin’s core developers, described a possible alternative in February. This came as fears of Mt. Gox’s insolvency were again heating up and—unknown to most at the time—reaching their denouement, as Karpeles announced his intention to file for bankruptcy protection.
In a Bitcoin chatroom on IRC, Maxwell described how a cryptographic function called a Merkle tree could be used to count the amount of bitcoin an exchange has on-hand without significantly compromising customer privacy. Like the provably fair method, it isn’t a silver bullet, merely providing customers with a way to self-audit the exchange. But it is a significant improvement over blind trust. The approach is compelling enough that a bounty has been offered for any exchange willing to implement it. Chinese Bitcoin wallet service Bifubao claimed to be the first to do so last week.
Other approaches have been offered and implemented too. Bitcoin exchange Bitstamp has committed to regular financial audits by an independent (although unnamed) third party. Coinkite, an online Bitcoin wallet, confines customers’ funds to dedicated wallets and provides a private key that allows them to make sure it’s actually there. Other businesses are using multi-signature wallets, which make a customer’s Bitcoin unspendable without the agreement of the person on both sides of the transaction.
Ultimately, the precise implementation is unimportant as long as it works—and can be proven to work by the customer. When enough Bitcoin businesses are willing to make the effort to prove their reserves, the demand will make it untenable for them not to. Like gamblers, Bitcoin traders will no longer be willing to give their business to an exchange that can’t prove its reserves. And if it gets regulators off their back, well that’s great too.
Image by Jason Reed