Bitcoin’s Collusion Problem

Yesterday I questioned whether we should expect demand for Bitcoins to be stable over the long run. Today I want to look at the supply side. A constrained supply of money is important to a currency’s stability. One of Bitcoin’s key selling points is that the number of Bitcoins issued will never exceed 21 million. But this promise isn’t credible. To understand why, we need to dig a little bit into how the protocol works.

The Bitcoin peer-to-peer network can be thought of as a giant, shared accounting ledger. Whenever someone makes a Bitcoin transaction, the record of this transaction is submitted to the various nodes in the network. At fixed intervals, each node bundles up all the transactions it has seen into a data structure called a “block” and then races with the other nodes to solve a difficult mathematical problem that takes the block as an input. The first node to solve its problem (the problem is randomized in a way that gives each node a roughly equal chance) announces its success to the other nodes. Those nodes verify that all the transactions in the new block follow all the rules of the Bitcoin protocol, and that the solution to the mathematical problem is correct. (verifying solutions is much easier than finding them) Once a winning solution is found, all nodes then treat the transactions encoded in the winning node’s block as new entries in the global transaction register.

The system has a clever incentive system: each node is allowed to insert a fixed reward (currently 50 Bitcoins) for itself into the block it is working on. If it “wins” the race for a round, then this reward becomes part of the official transaction history. Effectively, the winner of each race gets to “mint” some Bitcoins for itself as a reward for participating in the transaction-verification process. The creator of the Bitcoin protocol established an expoentially decreasing schedule of rewards. If this schedule is followed, no more than 21 million Bitcoins will ever be issued.

The limit is a social convention baked into the BitCoin software. If a rogue node tries to give itself a larger reward than the protocol allows, the other nodes are supposed to reject its proposed block. But that only works if most nodes are enforcing the rules. If Bitcoin became a “real” currency, nodes would face a tremendous temptation to collude in order to give themselves larger rewards.

If a group of nodes colluded to change the rules (say, awarding themselves 100 Bitcoins rather than 50 for “winning” a round), the result would be a “fork” of the Bitcoin network. Nodes that enforced the original rules would reject blocks with the higher rewards, effectively expelling them from their network. The “rogue” nodes would recognize one another’s blocks, and would effectively establish a second, rival Bitcoin network. Theoretically, these different networks could continue in parallel indefinitely, but it’s likely that relatively quickly one of them (probably the larger one) would come to be regarded as the “real” Bitcoin network and cash spent on the other network would become worthless.

So the question is whether it would be possible for a critical mass of nodes to collude to change the rules. And I think the obvious answer to this question is yes, for two reasons. First, the Bitcoin software itself offers a convenient collusion mechanism. If the Bitcoin protocol is anything like other network protocols, a handful of clients is likely to account for the overwhelming majority of nodes at any given time. That means that convincing the creators of the top two or three Bitcoin clients to change their implementations would be enough to effectively change the protocol.

Second, collusion will grow easier as the network grows and becomes more professionalized. Bitcoin supporters are quick to point out that their system wouldn’t require ordinary consumers to run their own Bitcoin nodes. They predict that as the network grew and the resources required to run a node increased, that nodes would increasingly be run by commercialized entities who made money by providing “eWallet” services to ordinary Bitcoin users.

We might call organizations that are in the business of running Bitcoin nodes and processing Bitcoin transactions “banks.” And we could imagine these banks forming a membership organization whose primary function is to control the size of the Bitcoin money supply. It would announce changes to the Bitcoin protocol that expand the supply of Bitcoins at the desired rate. Member banks would agree to change their software accordingly. We could call this entity a “central bank.”

So one of Bitcoin’s key selling points—a permanently fixed supply—is basically illusory. The supply of Bitcoins, like the supply of every other currency, will be controlled by the fallible human beings who run the banking system. We already have an electronic currency whose quantity is controlled by a cartel of banks. If you’re a libertarian, you might think the lack of government regulation is an advantage for Bitcoin, but it strikes me as highly improbable that the world’s government’s would leave the Bitcoin central bank unregulated. So I don’t see any major advantages over the fiat money we’ve already got.

This entry was posted in Uncategorized. Bookmark the permalink.

103 Responses to Bitcoin’s Collusion Problem

  1. Anonymous says:

    To expand on that, it’s not in any way like funding the building of a new bank, in case anyone tries to draw parallels. Dissenting voices would just build the mining racks, connect to a new pool, and overpower the pool acting outside the popular consensus. Since time is money, many in the first pool would probably mutiny and jump in the new one.

    But in short, no one would ever try to do that, because this result is incredibly predictable. There’s no benefit in manipulating this open system without the consensus of participants

  2. Impaler says:

    The BIG issue here is that their is a defined cut-off point ware the ‘miners’ run out of coins to mine, that is when they would logically collude to break the existing target quantity. Simply because they have not done obviously stupid collusion when their is still ‘head-room’ under the cap should not be taken as proof they will not collude when they do hit the cap their gravy train dries up.

    They might even convince users this is a good thing because it will allow them to avoid charging transaction fees that would be comparable to what conventional systems like VISA and PayPal charge.

  3. painlord2k says:

    The effect of a collusion of the 51% would be a fork.
    Now, it is not difficult to see the people that write the client side of the network to reject the forked chain with changed rules.
    Or better, they allow people to decide what blockchain they want be on.
    I bet people, common users, would reject the people increasing their own reward at their expenses.

    In the end, a fork is always possible. But who will follow the new branch and who will follow the old can not be decided by any authority.
    They would just become Bitcoin v. 2.0 and their newly mined BTC would not be expendable on the old chain and the new BTC mined of the old chain would not be expendable in the new.

    If a branch do not die in few days, there would be a need to convert BTC v2 in BTC v1 and the reverse and old BTC would be worth a lot (because they are common to both branch).

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>