BitcoinRedux

RossAnderson,IliaShumailov,MansoorAhmed,AlessandroRietmann

Cambridge

WEIS,Innsbruck,June2018

BISAnnualreport,June17th“Cryptocurrenciespromisetoreplacetrustedinstitutionswithdistributedledgertechnology.Yet,lookingbeyondthehype,itishardtoidentifyaspecificeconomicproblemwhichtheycurrentlysolve.Transactionsareslowandcostly,pronetocongestion,andcannotscalewithdemand.Thedecentralisedconsensusbehindthetechnologyisalsofragileandconsumesvastamountsofenergy.Still,distributedledgertechnologycouldhavepromiseinotherapplications.Policyresponsesneedtopreventabuseswhileallowingfurtherexperimentation.”

WEIS,Innsbruck,June2018

Regulationsofar

•  Since2013,FinCENinsiststhatexchangesregisterasmoneyservicebusinesses

•  Since2017,defaultersgetraided•  Needknow-your-customernotjusttochangeBTCfor$,buttochangeBTCforEth

•  2018:EUDirectivePECONS72/12‘tries’toregulatewallethostingserviceproviderstoo

•  Somegovernmentshavegonemuchfurther...

WEIS,Innsbruck,June2018

Howcanwetrackstolencoins?

•  Over6%ofbitcoinhavebeenreportedstolen•  Evenmoremaybeproceedsofothercrimes•  Theblockchainispublic,sowhynotjusttrackthemandrecoverthemfromexchanges?

•  Möser,Böhme,Breuker:poisonorhaircut?•  IfyougetBtc3stolen,thenBtc7legal:–  ‘Poison’taintinggivesyouBtc10stolen–  ‘Haircut’givesyouBtc10,markedas30%stolen

WEIS,Innsbruck,June2018

WhatEnglishlawactuallysays

•  DavidFox:whentrackingfundstowhichtherearemixedclaimsthroughanaccount,youhavetousefirst-in-first-out(FIFO)

•  “Clayton’scase”–DevaynesvNoble,35ER767,781(1816)

•  ThishasspreadfromEnglandtoCommonwealthjurisdictionslikeCanada

•  Sowedecidedtomeasuretheeffect…

WEIS,Innsbruck,June2018

WEIS,Innsbruck,June2018

WEIS,Innsbruck,June2018

WEIS,Innsbruck,June2018

Methodology+sampleresults

•  WeranhaircutandFIFOonbitcoinfromthegenesisto2018startingwith56theftreports

•  Linode:Btc46,653stolenin2012,haircutnowtaints16,855,619addresses(93%oftotal)

•  FIFOonlytaints254,120(1.3%)•  Flexcoin:Btc896stolenin2014,haircuttaints10,421,122addresses(57%)

•  FIFOtaintsonly15,265

WEIS,Innsbruck,June2018

WhyFIFOisbetter(2)

•  Haircuttaintingislossy;can’tgobackwards•  FIFOtrackingislosslesssotracingisreversible•  YoucangoforwardfromastolencointoallUTXOsittaints,orbackfromaUTXOtoseeitsentireancestry

•  Thehandlingoftransactionfeesisverydifferent,asit’sfiddly(butimportant)

•  WithFIFO,mostUTXOs(72%)havenotaintfromoursetof56well-publicisedlargethefts

WEIS,Innsbruck,June2018

Nemodatquodnonhabet

•  ‘Youcan’tgivewhatyoudon’town’•  IfBobstealsAlice’shorseandsellsittoCharlie,thenwhensheseeshimridingitshecandemanditback

•  Thereisnostatuteoflimitationsfortheft,solongasbitcoinarejustacommodity

•  Bitcoinfolksrelyonthedifficultyoftracing•  Theirpolicygoalis‘fungibility’

WEIS,Innsbruck,June2018

Nemodatquodnonhabet(2)

•  Englandusedtohavea‘marketovert’loophole,butclosedthatin1995

•  Twoexceptionsformoney.Youcanownit–  Ifyougotitingoodfaithforvalue–  Ifyougotitfromaregulatedbank

•  Mighttheseapplyifbitcoinbecomesmoney?•  Bitcoinfolkslobbyforbitcointobemoney,orfortheblockchaintoconstituteownership

WEIS,Innsbruck,June2018

Laundries•  Whataboutbitcoinmixesorlaundries?•  Idea:putonebadcoininabagwithninegoodonesandthenshakeandchooseorchopandchange

•  FIFOtaintingmakesthefirstunattractive•  Andifyouchopandjointhecoinsintopuffpastry,that’sclearevidenceofbadfaith

•  Soevenifbitcoinbecomesmoney,laundriesdon’tworkasadvertised!

WEIS,Innsbruck,June2018

Howdoweimplementtracking?

•  Ifbitcoinbecomesmoneyoraregulatedexchangeotherwisegivesgoodtitle,itscustomerswillwantitsaddressespublic

•  Butthentheftvictimscansuetheexchangemoreeasily

•  Andsellerswillwanttochecktheircoins•  Howcanwefixthis?

WEIS,Innsbruck,June2018

Howdoweimplementtracking?

•  Ifbitcoinbecomesmoneyoraregulatedexchangeotherwisegivesgoodtitle,itscustomerswillwantitsaddressespublic

•  Butthentheftvictimscansuetheexchangemoreeasily

•  Andsellerswillwanttochecktheircoins•  Howcanwefixthis?•  Comingsoon:apublicTaintchain!

WEIS,Innsbruck,June2018

Tainttrackinginpractice

•  WepublicisedourFIFOapproachinMarch(SecurityProtocolsWorkshoppaper,video)

•  Wehopedtogetlotsoftheftreportsthatwecouldfollowup

•  Whatwefound:almostnoneofthevictimshadeverreallyownedabitcoin!

•  StartingwithMt.Gox,exchangeshavebeen‘hosting’customers’wallets

WEIS,Innsbruck,June2018

Howcanyouownanasset?

•  Self-hosting:keepyourgoldcoinsunderthebed,orkeepyourprivatekeyonyourlaptop

•  Goldmerchant:youbuyagoldbarfor£30,000andthemerchantkeepsitintheirvaultbutwithyournameonit.Iftheygobust,it’sstillyours

•  Bank:youdeposititandthebanknowowesyou£30,000.Ifitgoesbust,youstandinline

WEIS,Innsbruck,June2018

Howbitcoinreallyworksnow

•  Theexchangessuggestthey’regoldmerchantsbuttheblockchainsuggeststhey’rebanks

•  Hugegrowthin‘off-chain’transactionsoverthepast2years;paymentsfastandcheap

•  NowmostpeopleinUS,UKuseCoinbase,mostChineseuseBinanceetc

•  Theyareactingase-moneyprovidersbutwithoutthelicencesrequiredbyEUlaw

•  TheE-MoneyDirectiveisnotbeingenforced

WEIS,Innsbruck,June2018

Howregulationisfailing

•  EU:newdefinitionofhostedwallet(aserviceholdingkeys)istwoyearsoutofdate

•  Germanyissimilar;closedOneCoinasitwastransferringfundsbyadjustingEurobalances,butignoresoff-chainbitcointransactions

•  UK:FinancialConductAuthoritywon’tseepaymentassignificant:bitcoina‘cryptoasset’

•  Soitwon’tgivethePaymentServiceRegulatorauthorityovercryptocurrencypayments

WEIS,Innsbruck,June2018

Recommendations

•  Firstandmostimportant:EUgovernmentsmustregulateexchangesofferingoff-chainpaymentsundertheE-moneyDirective

•  Next,theyshouldregulatetherelationshipbetweentheexchangeanditscustomersunderthe2ndPaymentServicesDirective

•  Next,theyshouldstopregulatedexchangesdoingtransfersto/fromunregulatedexchanges(thosenotevencompliantwithFinCEN)

WEIS,Innsbruck,June2018

Recommendations(continued)

•  Governmentsshoulddemandthatexchangesmakeclearwhethercustomerassetsarekeptdistinctorpooled,andwho’stheowner,i.e.whethertheyare‘goldmerchants’or‘banks’

•  Theyshouldbanexchangesfromdealingincryptocurrenciesspecificallydesignedtoevademoneylaunderingcontrols

•  Theyshouldrequireexchangestobeadequatelycapitalised,anddevelopaccountingstandardstosupportthis

WEIS,Innsbruck,June2018

Isthereanupsidetocryptocurrency?

•  Ifthereis,it’sprobablyinsmartcontracts•  SeeforexampleJPMorganproject(liveblogofFC18keynote,onlightbluetouchpaper.org)

•  Ifasmartcontractwerebuiltonabillofexchange,ownershipwouldbelikemoney

•  Withcentralbankbacking,evenbetter!•  Werecommend:ifanycentralbankissuesacryptocurrency,itshouldsupportsmartcontractsandberedeemableatpar

WEIS,Innsbruck,June2018

Finally–savingtheplanet

•  Cryptocurrencyminingnowcostsabout7GW,orasmuchasIsrael

•  Itdoesn’thavetobethisway!•  Plentyproposalsforproof-of-X•  EnterpriseethereumusesByzantinemethods•  Oureighthrecommendation:governmentsshouldimposeacarbontaxatleastequivalenttothe€33pertonneflooroftheEUEmissionsTradingScheme

WEIS,Innsbruck,June2018

Conclusions

•  Wetriedtounderminebitcoinfungibilitybydevelopingbettertaint-trackingtools

•  Wewaitedforbitcointheftvictimstocome•  Butalmostnoneofthemeverownedabitcoin!(sothe5thAMLdirectivemissesthemark)

•  Therealproblemsarewiththeecosystem•  Exchangesactas“banks”,pretendtobe“goldmerchants”,andignorethelaw,withthetacitconnivanceofbankregulators

•  Solution:enforcethelawswealreadyhaveWEIS,Innsbruck,June2018