Hard Fork

Bitcoin’s Distributed Defense

Bitcoin is a Peer-to-Peer Electronic Cash. The P2P aspect is intended as a defense against state-level attack.

Governments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own.
– Satoshi Nakamoto

Some claim Bitcoin will never withstand a concerted state-level attack. Others consider Bitcoin decentralization an undefined concept with no ideal measure, and imply that decentralization is a red herring disguising a developer conspiracy.

If Bitcoin is indefensible then there is no point in it; if decentralization is not important then Bitcoin is indefensible.

According to Paul Baran’s 1964 paper on distributed networks the importance of topology in network design is in the ability of communications to withstand the loss of a certain number of nodes. A centralized (star) network will fail with the loss of one node. A distributed (mesh) network is more resilient. A hybrid of these systems is considered decentralized.

networks

In terms of Bitcoin defensibility, it is not the wire protocol we are referring to and communication is not the property we are protecting.

As a money Bitcoin forms a social graph — relations between people. Defense refers to this social graph, not the wire protocol. We defend against the tendency toward authority in order to preserve utility. Authority in a monetary system is the ability to define the money.

In Bitcoin a set of rules define the money. Changes to these rules are referred to as hard forks and soft forks. In the case of a hard fork, a new transaction may be valid despite not conforming to the original rules. In the case of a soft fork, new transactions are valid under the original rules. In other words, holders of a money have not agreed to a hard fork but inherently accept a soft fork.

By way of analogy, in 1933 the gold obligation was dropped from Federal Reserve notes (hard fork), and periodically these notes are replaced with new designs, though old notes remain valid (soft fork). A hard fork without universal consensus by holders of the money is a theft. This is why rules that require a hard fork to change are called consensus rules. By the same reasoning, rules that can be changed by a soft fork are properly referred to as majority rules.

As monies, the Federal Reserve system is centralized (one authority) and gold is distributed (no authority). Gold is a commodity money, defined by its atomic number. It cannot be carried on a wire, making it unsuitable for modern commerce. As an information money the novel aspect of Bitcoin is its resistance to authority (censorship resistance). A Bitcoin hard fork is the monetary equivalent to changing the atomic number of gold.

The social graph is about choices made by people. It is the choice of a person to accept or reject changes to the money (validation) in trade that protects him/her from fraud. And it is only the broad application of this selfish policy that protects the money from authority (i.e. non-consensual hard forks). The strength of Bitcoin’s censorship resistance is a function of how broadly people validate in trade.

How might we define this strength, which is generally referred to as decentralization?

In modeling the system as a graph, a vertex represents a person (“recipient”) and an edge represents a validated trade in bitcoin. The graph is directed in that each edge indicates the direction of movement of the bitcoin, and quantified in terms of the amount of bitcoin traded (“receipt”).

If a person never accepts bitcoin in trade, or does not validate it in the trade, he/she does does not contribute to defense. If a person delegates his/her validation to another party, it is the delegate represented by a vertex. In other words, a “payment processor” or “web wallet service” is just one vertex on the graph and none of this delegate’s customers are represented.

While customers could decide to leave the processor and validate their own transactions, they cannot act in defense until they actually do so. The distinction is analogous to being armed vs. having the ability to become armed. The latter matters not at all when you are getting robbed. Imagine yelling, “Leave my house or I will run down to the gun store!”

For any period of time, the defensibility of Bitcoin is a function of the number of people and the distribution of amounts traded. The strongest system would be all people in the world accepting the same amount of bitcoin in the period, an ideal which I would call “distributed”. The most anemic system would be one payment processor (or web wallet service) accepting all bitcoin traded during the period, which would be a “centralized” system.

centrality

A visualization of centrality.

More specifically, the system is strongest which has the greatest number of vertices with the lowest coefficient of variation in the sum of incoming edges (“receipts”), or:

economic decentralization = recipients * receipts mean / receipts standard deviation

What about miner decentralization?

A majority of mining hash power can double spend by reversing transactions indefinitely, can enforce a soft fork and can deny service in various ways. Mining decentralization is independent of the level of economic decentralization.

While economic advantage typically works against a 51% attack, state attackers may be more interested in disruption. Total hash power is the defense against such attacks, but centralization of hash power works against the defense. This is because it may become easier to co-opt large hash power than to deploy it.

Mining decentralization can be defined similarly to economic decentralization. Again we are referring to a social graph. The ideal scenario is every person in the world mining with equal hash power. It is important to security that there is sufficient total hash power to defend against sustained, coordinated, state-level attacks, however decentralization is not security. For a definition of security see the subsequent post.

Each miner is represented by one vertex on the graph. If a miner delegates decision-making to a pool operator, only the operator is represented. The reasoning is the same as with delegation in economic decentralization. The total hash power directed by a miner is the weight (value) of the vertex. There are no edges.

For any period of time, the decentralization of Bitcoin mining is a function of the number of miners and the distribution of hash power they direct during that period. More specifically, the system is strongest which has the greatest number of vertices with the lowest coefficient of variation in weights, or:

mining decentralization = miners * hash power mean / hash power standard deviation

What about developer decentralization?

While software is necessary, developers are fundamentally advisers. A diversity of implementations strengthens a standard, but developers cannot compel people to not mine or to not validate as they see fit.

Can we measure decentralization?

Bitcoin is a cash system, and a fundamental aspect of cash is fungibility, which requires anonymity. Bitcoin’s opacity is by design and there is significant effort underway to improve it. Despite having a clear definition we cannot expect to measure decentralization.

However, it is possible to estimate mining centralization using information provided or exposed by miners. It is also possible to estimate economic centralization using information provided by web wallets and payment processors.

It would be a significant error to assume that decentralization is either unimportant or that we cannot determine whether certain changes will advance or diminish it.

What does failure look like?

A contentious hard fork, backed by web wallets, payment processors and large miners, drawing people into a new altcoin out of fear of monetary loss.

Bitcoin development serves those holding bitcoin

This post is offered in response to a Bitcoin Magazine article entitled Gavin Andresen: Bitcoin Core Is Not Listening to Its Customers, in particular the following quote by Mr. Andresen.

The root of my issue with [Bitcoin] Core is I just think that they’re not listening to their customers. I don’t think that they’ve been listening to the miners, and I don’t think that they’ve been listening to the people that do the bulk of the transactions on the network.

Who is the customer of a software system that implements a money? It is of course the person that owns the money.

This person can choose to spend money on services like a bank (e.g. Coinbase) or transaction processing (miners), or he/she can simply save. The money is not the property of these businesses and therefore the software system that implements the money does not serve them. This is a critical distinction when considering the impact of changes to the money — the motivation for the quote.

When a money is modified without universal consent, money is stolen. Money is property and it can’t be stolen from you unless it’s your property. The 1913 U.S. Federal Reserve Note was a gold obligation. The money was hard-forked in 1933, resulting in catastrophic losses for its holders. Except to the extent that they held these notes in their own account, banks and mints were not robbed by this act, and generally thrived.

note

“REDEEMABLE IN GOLD ON DEMAND”

In the case of actual consensus (universal agreement) all owners of the property consent to the change, in which case it is an increase in value to everyone. Bitcoin gives every person their own say in the money. The interests of services, that are paid by coin-holders, are not only irrelevant (it’s not their money) but often in conflict with the interest of their customers.