Bitcoin fanciers should count themselves lucky that the entire world press has become obsessed with the cabaret over whether a 64-year-old Temple City software engineer is the Satoshi Nakamoto, the fabled mysterious/pseudonymous inventor/inventors of bitcoins.
That's because the pursuit of the corporeal Mr. Nakamoto has distracted everyone's attention from the real problems with bitcoins, which erupted last month with the collapse of the Mt. Gox bitcoin exchange--at one time the largest bitcoin exchange in the world--and have only continued to look worse.
A couple of new analyses shed more light on the Mt. Gox failure, and point up how it illustrates the fundamental problems with the bitcoin system. That system is based on distributed verification, rather than central management, and that's exactly its problem.
In a piece in Bitcoin magazine, Ken Griffith provides some shocking context for the Mt. Gox affair. "MtGox is not alone," he writes. "Forty-five percent of Bitcoin exchanges to date have failed, in most cases with their customers’ money. The digital currency industry’s track record on fiduciary responsibility is abysmal."
Griffith's source for the figure, a paper by two computer scientists at SMU and Carnegie Mellon, observes that because of bitcoin's growing popularity the system has been "repeatedly targeted by fraudsters." What makes bitcoin accounts especially inviting to wrongdoers, they say, is that bitcoin transactions are irrevocable--even fraudulent ones. That makes them different from credit cards and electronic transfers, which can be unwound if they're found to be improper. "Fraudsters prefer irrevocable payments, since victims usually only identify fraud after transactions have taken place."
The biggest risk for bitcoin owners, the authors say, is in their dealings with intermediaries--like Mt. Gox.
Or in the words of the indispensable Izabella Kaminska of the Financial Times: "Who’d have thought that there might be an incentive for operators in a totally unregulated market to take people’s assets and run?"
Over at the website Hacking, Distributed, Cornell computer scientist Emin Gun Sirer takes a closer look at what might or might not have happened to bring Mt. Gox down. Sirer's thesis is that the entire bitcoin system is build on a foundation of sand -- bad technologies rife with technical problems and vulnerable to attacks "from insiders and out."
"What Nigerian scams are to your grandfather, Bitcoin exchanges are to the 20-30 semi-tech-savvy libertarian demographic," he warns.
Sirer walks us through every excuse and explanation Mt. Gox or its defenders have issued over the last few weeks to explain its apparent loss of some $400 million in bitcoins, mostly entrusted to the firm by customers. He doubts the loss is due to "transaction malleability," a known bug that might have allowed attackers to fool Mt. Gox into double-paying them. He's no more impressed by the notion that Mt. Gox might have lost the digital keys that give it access to its own accounts, or that hackers or the U.S. government are behind the losses.
"Chances are that this is a simple case of theft, involving at least one insider," he concludes. That points again to the crummy technical underpinnings of the entire bitcoin system, which have been disregarded by bitcoin fans who don't understand it or don't think it's important.
"The exchanges are based on layers upon layers of bad software, run by shady characters," he writes. "The Bitcoin masses, judging by their behavior on forums, have no actual interest in science, technology or even objective reality when it interferes with their market position. They believe that holding a Bitcoin somehow makes them an active participant in a bold new future, even as they passively get fleeced in the bolder current present."
He believes that there is a place for crypocurrencies like bitcoin--in fact, Ben Bernanke and many other current or former central bankers agree--but a sustainable model won't look like bitcoin. The one good thing about the collapse of Mt. Gox, he concludes, is that if you can prove your loss to the IRS, it's tax-deductible.