Wednesday, August 20, 2014

Technology is Liberty, Part IV: What can Bitcoin do for Me?

Special thanks to Mike Hearn who provided many of the concepts that form the basis of this post.

We have seen how Bitcoin can do some amazing things that benefit humanity in general. Despite those long-term benefits that I outlined in Part III, you may be wondering, “What can Bitcoin do for me personally?” Bitcoin allows people to do some really cool things that can directly improve their lives*. There are probably too many to discuss here, but I will attempt to describe some of the most significant of them. Keep in mind that, while the actual execution of all these things is fairly complex, eventually software will be able to make them as easy as sending an email.

Multi-Signature Wallets




A typical Bitcoin address allows for a single person to control it with one private key. Multi-signature addresses are also an option. They are different because they require multiple private keys in order to spend from the address. Currently, a multi-signature address can have up to 20 private keys and it can be programmed to require any number of those private keys (m-of-n) to spend. If a husband and wife wanted to jointly authorize any spending they could generate a 2-of-2 multi-signature address. That way, one could not spend without the other’s authorization. A business with four partners could generate a 3-of-4 multi-signature address to ensure that at least three of the four had to authorize any spending. Such addresses add more security and accountability for those who utilize them.

Third-Party Arbitration

Multi-signature addresses are very useful when doing business with people you may not fully trust. Let’s use an example. Alice wants to buy a widget from Bob for one bitcoin, but she does not trust Bob and is not sure if he will send the widget after she pays him. To solve this problem, Alice and Bob turn to a mutually trusted third party, Trent. Alice, Bob, and Trent create a 2-of-3 multi-signature address and they each get a private key. Alice pays the bitcoin to the new address, Bob sees that the bitcoin is there, and he sends the widget in the mail. Alice receives the widget and signs a transaction spending the bitcoin from the multi-signature address to Bob’s personal address. Bob also signs the transaction, fulfilling the 2-of-3 requirement, and Bob gets the bitcoin. In this scenario, Trent does not have to do anything and does not have to be paid.

But what if there is a dispute between Alice and Bob and they disagree about whether or not the widget arrived in the mail? Then they turn to Trent to arbitrate. Alice and Bob both present their evidence, Trent judges on the merits of the evidence, and signs a transaction spending the bitcoin to the prevailing party, minus a small fee to himself for arbitration services. The prevailing party, whether it is Alice or Bob, also signs the transaction and receives the bitcoin. 

Arrangements like this, when done properly, work because the third party can never run off with the money without the assistance of one of the other parties.
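What an m-of-n arrangement looks like as a script, as an added example that is not part of the original post: the Python below serialises and parses the multi-signature script for a 2-of-3 setup like the one between Alice, Bob and Trent. The public keys are constructed placeholders, and the function names are this example's own.

```python
OP_CHECKMULTISIG = 0xAE

# Constructed placeholder keys (33 bytes, compressed-key prefix 0x02); not real keys.
SAMPLE_KEYS = [bytes([2]) + bytes([i]) * 32 for i in (1, 2, 3)]

def _small_int(n):
    """Script encoding of 1..20: opcodes OP_1..OP_16, otherwise a 1-byte push."""
    return bytes([0x50 + n]) if n <= 16 else bytes([0x01, n])

def multisig_script(m, pubkeys):
    """Build: m <pubkey 1> ... <pubkey n> n OP_CHECKMULTISIG."""
    n = len(pubkeys)
    if not 1 <= m <= n <= 20:
        raise ValueError("need 1 <= m <= n <= 20")
    if any(len(pk) != 33 or pk[0] not in (2, 3) for pk in pubkeys):
        raise ValueError("expected 33-byte compressed public keys")
    pushes = b"".join(bytes([len(pk)]) + pk for pk in pubkeys)
    return _small_int(m) + pushes + _small_int(n) + bytes([OP_CHECKMULTISIG])

def parse_multisig(script):
    """Recover (m, pubkeys) from a script, rejecting anything malformed."""
    def read_int(pos):
        op = script[pos]
        if 0x51 <= op <= 0x60:           # OP_1 .. OP_16
            return op - 0x50, pos + 1
        if op == 0x01:                   # one-byte data push, used for 17..20
            return script[pos + 1], pos + 2
        raise ValueError("expected a small integer")

    m, pos = read_int(0)
    keys = []
    while script[pos] == 33:             # each key is pushed as 0x21 + 33 bytes
        keys.append(script[pos + 1:pos + 34])
        pos += 34
    n, pos = read_int(pos)
    if n != len(keys) or not 1 <= m <= n or script[pos:] != bytes([OP_CHECKMULTISIG]):
        raise ValueError("malformed multisig script")
    return m, keys

if __name__ == "__main__":
    script = multisig_script(2, SAMPLE_KEYS)   # Alice, Bob, Trent: any two can spend
    print(script.hex())
    print(parse_multisig(script)[0], "of", len(parse_multisig(script)[1]))
```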

Two-Party Escrow

What if two parties want to transact but do not want to bother with a third party? That is where two-party escrow comes into play. The key in this arrangement is the use of deposits from both parties to ensure that there is something to lose by acting dishonestly and something to gain by acting honestly. Let’s say again that Alice wants to buy a widget from Bob for one bitcoin and they do not trust each other at all. The two of them create a 2-of-2 multi-signature address to which they will each commit a deposit of one bitcoin, and through which Alice will pay one bitcoin to Bob for the widget. Alice constructs a transaction that has an output of three bitcoins but only uses two of her bitcoins (one for a deposit and one for the payment). Alice signs the transaction and sends it to Bob. Because there is an output of three bitcoins, but only a signed input of two bitcoins, the transaction is invalid. Bob adds one of his bitcoins to the transaction for his deposit (he cannot change the amount that Alice spends without invalidating the entire transaction). Bob signs the transaction, and broadcasts it to the network, thus committing the deposits (one bitcoin each from Alice and Bob) and the payment (one bitcoin from Alice) to the 2-of-2 “escrow” address. This is set up so that they both have to commit at the same time, or no one commits at all. Now Alice and Bob will both gain by acting honestly and will both lose by acting dishonestly. Bob sends the widget to Alice. After Alice receives it, she constructs a new transaction that spends the payment of one bitcoin to Bob and refunds the deposits back to each of them. Alice signs the transaction and sends it to Bob, who also signs it, and broadcasts it to the network. They both win even though they never trusted each other.

Time-Locked Transactions




There is a feature, called nLockTime, that allows you to sign and broadcast a transaction that will not actually take place until a specified time in the future. It can be used for some really neat things. First we will look at how it can be used for deposits.

Deposits

Let us imagine that Charlie wants to join a social media website, but the website requires a deposit of one bitcoin from Charlie to prove that he is a legitimate user and not just a spammer (the risk of spamming is significantly reduced by requiring an actual sacrifice, since spammers mostly utilize free online resources to spam). But Charlie is not sure he can trust the website to not run off with his deposit. Charlie and the website can utilize a multi-signature address and nLockTime to solve this problem. 

Charlie and the website generate a 2-of-2 address. Even though the address is currently empty, Charlie creates a refund transaction that spends one bitcoin from the 2-of-2 address to himself after one year. Charlie signs the transaction and sends it to the website, which also signs it, and sends it back to Charlie, who does not broadcast it. Charlie then sends his deposit of one bitcoin to the 2-of-2 address and broadcasts the refund transaction to the network. Charlie can then participate on the social media website. Charlie and the website can jointly amend the refund transaction to postpone it or to return it sooner, but no matter what, Charlie will receive his bitcoin after a pre-determined amount of time, even if the website permanently goes offline.

Inheritances




As Bitcoin becomes more mainstream, people will need simple and secure ways to pass their wealth on to their heirs after death. One way to do that utilizes nLockTime. Let us imagine that Dave wants to pass on his wealth after he dies, to his daughter, Eve. Dave consolidates the wealth he wants to pass on into one address. Dave constructs a transaction that sends all the bitcoins in the address to Eve, but he utilizes nLockTime to postpone the actual execution of the transaction until sometime in the future. Dave broadcasts the time-locked transaction. While Dave is still alive he can amend the transaction as often as he likes in order to extend it further into the future or to make it sooner. After Dave dies, the transaction will send the bitcoins to Eve at the time chosen by Dave the last time he amended it. The same technique can be used to send inheritances to multiple addresses, each controlled by an heir, or to a multi-signature address controlled jointly by multiple heirs, who must cooperate to access the money.

Trade Across Chains

As you might already know, there are hundreds of other cryptocurrencies out there (e.g. Litecoin, Dogecoin), some of which people value and are willing to trade for. In addition to this, block chain technology enables the decentralization of not just currencies, but potentially any financial asset. Some examples could include equities (stocks), bonds, futures, and options. You could call all these things “cryptosecurities”. Each application of this technology, like Bitcoin, would have its own block chain, and it is possible to create transactions that can let people trade across these chains in a trustless manner.

Let’s use Alice and Bob again and let’s say that Google created its own cryptostock called “Googleshare” (in such a scenario there would be an entire Googleshare network similar to the Bitcoin network). Let’s say that Alice owns a bitcoin and she wants to trade it for Bob’s Googleshare. Alice picks a random number X. She then creates a transaction that sends her bitcoin to Bob’s Bitcoin address and allows him to claim it if he knows X. Then she creates a refund transaction that would send the bitcoin back to her Bitcoin address after 48 hours if it is not claimed by then (using nLockTime). Alice sends the refund transaction to Bob, who signs it and returns it. Alice then broadcasts both Bitcoin transactions to the Bitcoin network. 

Bob then does pretty much the same thing with his Googleshare. Bob creates a transaction that sends his Googleshare to Alice’s Googleshare address and allows her to claim it if she knows X. Then he creates a refund transaction that would send the Googleshare back to his Googleshare address after 24 hours if it is not claimed by then (this refund time is shorter because, if both refund times were the same length, Alice could potentially wait until the last second to reveal X and Bob would have no time to collect his bitcoin). Bob sends the refund transaction to Alice, who signs it and returns it. Then he broadcasts both Googleshare transactions to the Googleshare network. Within 24 hours Alice claims her Googleshare using X (she picked it in the first place), thus revealing X to Bob (everyone can see the transaction). Bob then has at least 24 hours to use X to claim his bitcoin. 

This complicated process ensures that there is never a point at which one can cheat the other (remember that software will make such transactions quite user-friendly).
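The trade described above, as an added simulation that is not part of the original post: each locked output can be spent either by a claim that presents X or, once its deadline has passed, by the refund, and whichever spend comes first wins. The model assumes the claim condition commits to SHA-256(X) rather than to X itself; `Lock` and `run_swap` are this example's own names, and times are hours after setup.

```python
import hashlib
import secrets
from dataclasses import dataclass

@dataclass
class Lock:
    """An output spendable by claim (needs X) or, from refund_at on, by refund."""
    digest: bytes            # assumption: the output commits to SHA-256(X)
    refund_at: float         # hours after setup when the refund becomes valid
    spent_by: str = ""       # empty while the output is unspent

    def claim(self, x, who):
        if not self.spent_by and hashlib.sha256(x).digest() == self.digest:
            self.spent_by = who
        return self.spent_by == who

    def refund(self, now, who):
        if not self.spent_by and now >= self.refund_at:
            self.spent_by = who
        return self.spent_by == who

def run_swap(reveal_at, bob_delay, btc_refund=48, gs_refund=24):
    """Return (bitcoin owner, Googleshare owner) once every deadline has passed."""
    x = secrets.token_bytes(32)                      # Alice's random number X
    h = hashlib.sha256(x).digest()
    btc, gs = Lock(h, btc_refund), Lock(h, gs_refund)
    # (time, priority, action); at equal times a refund runs before a claim,
    # which is the worst case for whoever is trying to claim.
    events = [
        (gs_refund, 0, lambda t: gs.refund(t, "Bob")),
        (btc_refund, 0, lambda t: btc.refund(t, "Alice")),
        (reveal_at, 1, lambda t: gs.claim(x, "Alice")),
        # Bob can only use X if Alice's claim actually published it.
        (reveal_at + bob_delay, 1,
         lambda t: gs.spent_by == "Alice" and btc.claim(x, "Bob")),
    ]
    for t, _, act in sorted(events, key=lambda e: e[:2]):
        act(t)
    return btc.spent_by, gs.spent_by

if __name__ == "__main__":
    print(run_swap(23, 2))                               # trade completes
    print(run_swap(30, 1))                               # Alice too late: both refunded
    print(run_swap(47, 2, btc_refund=48, gs_refund=48))  # equal deadlines: Bob loses out
```

With the 24-hour and 48-hour deadlines from the text, Bob always has at least 24 hours after X becomes public; with equal deadlines, a late reveal lets Alice end up holding both assets.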

Crowdfunding




Bitcoin makes crowdfunding fairly straightforward. Crowdfunding is basically collecting money from the public to fund something that will benefit everyone. This is also called an assurance contract. Let’s say that Frank is a musician and he wants to write and produce a song. Knowing full well that people like to pirate music, Frank decides to use an assurance contract to pay for everything up-front before releasing the song into the public domain, where everyone will be free to share it as much as they want. Frank decides that he needs 100 bitcoins to pay for writing and producing the song. Frank creates a new bitcoin address for this purpose and publishes that address to the world. Each person who wants Frank to write his song creates a modified transaction spending bitcoins to that address. Each of those transactions has an input of whatever the donor can afford, but has an output of 100 bitcoins. Every individual transaction like this will not be valid because the output is greater than the input. All the donors, instead of broadcasting their transactions, send them to Frank, who cannot alter the inputs without invalidating them. Frank monitors all the transactions that are sent to him. After the sum of all the inputs totals 100 bitcoins, Frank merges them all into a single transaction, broadcasts it, and collects the 100 bitcoins. Frank then writes and produces his song and releases it into the public domain.

Such a strategy can work to fund all sorts of things, including movies, novels, software, roads, and special events. A really useful feature of all this is that no trusted third party, like a crowdfunding website (e.g. Kickstarter, Indiegogo), is needed. Cutting out the middle-man means increased efficiency and more value.
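A toy model of the assurance contract, added here and not part of the original post: each pledge signs all of the outputs but only its own input, so pledges can be merged yet neither the destination nor a pledged amount can be altered. The same rule is what keeps the funding transaction in the Two-Party Escrow section invalid until the second party adds an input. HMAC stands in for a real Bitcoin signature, and the donor names and keys are constructed.

```python
import hashlib
import hmac
import json

BTC = 100_000_000  # satoshi per bitcoin

def sighash(outputs, own_input):
    """Digest a pledger signs: every output, but only the signer's own input."""
    msg = json.dumps({"outputs": outputs, "input": own_input}, sort_keys=True)
    return hashlib.sha256(msg.encode()).digest()

def sign_input(key, own_input, outputs):
    # HMAC is a toy stand-in for the ECDSA signature a wallet would produce.
    sig = hmac.new(key, sighash(outputs, own_input), hashlib.sha256).digest()
    return {"input": own_input, "sig": sig}

def is_valid(outputs, signed_inputs, keys):
    """Every signature must verify and the inputs must cover the outputs."""
    for s in signed_inputs:
        key = keys[s["input"]["owner"]]
        expect = hmac.new(key, sighash(outputs, s["input"]), hashlib.sha256).digest()
        if not hmac.compare_digest(expect, s["sig"]):
            return False
    paid_in = sum(s["input"]["satoshi"] for s in signed_inputs)
    return paid_in >= sum(o["satoshi"] for o in outputs)

def demo():
    keys = {"d1": b"key-1", "d2": b"key-2", "d3": b"key-3"}  # constructed toy keys
    goal = [{"to": "frank", "satoshi": 100 * BTC}]
    pledges = [sign_input(keys[d], {"owner": d, "satoshi": n * BTC}, goal)
               for d, n in (("d1", 40), ("d2", 35), ("d3", 25))]
    # Tampering attempts: a different destination, and a pledge bumped to 65 BTC.
    moved = [{"to": "someone-else", "satoshi": 100 * BTC}]
    padded = [dict(pledges[0], input={"owner": "d1", "satoshi": 65 * BTC})] + pledges[1:2]
    return {
        "one pledge alone": is_valid(goal, pledges[:1], keys),
        "two pledges (75 BTC)": is_valid(goal, pledges[:2], keys),
        "all merged (100 BTC)": is_valid(goal, pledges, keys),
        "outputs changed": is_valid(moved, pledges, keys),
        "input amount changed": is_valid(goal, padded, keys),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'invalid'}")
```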

Smart Property

Bitcoin allows people to prove ownership of property without a third party like the state. All that is necessary is to somehow physically link a Bitcoin address with a piece of property. The Bitcoin address simply needs a token amount of bitcoins in it (e.g. 0.0001 BTC). This makes property “smart”. It is easy to prove ownership of and trade smart property. Depending on the type of property, you could potentially have to prove ownership before even being able to use it. To prove ownership of smart property, you would just have to sign a message with the private key that controls the property. 

To trade property, a special transaction can be constructed. Let’s say that Alice wants to buy Bob’s car for 100 bitcoins. Alice creates a transaction that sends her 100 bitcoins to Bob and also sends the token amount of bitcoins, the bitcoins that are linked to Bob’s car, to a bitcoin address that she controls. Since Bob controls the token amount of bitcoins, the transaction is not valid until both of them sign it. When they do, they broadcast it and the sale is final.

Smart property allows other things that may not have been possible before. The scenario above can take place while Alice is in New York, Bob is in London, and Bob’s car is in Paris. Additionally, smart property can enable new types of loans with collateral. You could potentially use your car as collateral for a loan, grant ownership of the car to the creditor, keep access to the car for the duration of the loan, and ensure that ownership of the car reverts back to your control after the loan has been repaid. In this manner, no third party is necessary.

Why does all this stuff matter?

I know this is a lot of information and some of it is very theoretical at this point. But this matters to everyone because it opens up a world of possibilities. With the right implementations of these ideas you will be able to trade and do business with anyone on Earth without any intermediaries. Remember that every economic exchange you make causes you to become wealthier. There will be far fewer barriers in the way of your economic activity, which will increase your wealth and the wealth of everyone in the world.

We have gone over several ways that Bitcoin can enable new and exciting types of transactions between regular people. Over the coming years we will start to see more and more implementations of these ideas. Additionally, there are most likely many more possibilities that have not even been imagined yet. In the next part in this series we will look at the decentralized world that is now more possible than ever thanks to Bitcoin. Overall, I believe that Bitcoin gives us more choices than before. Those choices will be mostly immune from any state interference. That is a win for liberty.

Next: A Decentralized World

*Some Bitcoin features may be currently disabled due to the infancy of the network and ongoing development.

Other Parts in the "Technology is Liberty" series:
Part I: The Formula
Part II: History
Part III: Bitcoin
Part V: A Decentralized World
Part VI: What Comes Next?
