Generating a Bitcoin address

By Craig Wright | 26 Apr 2016 | Bitcoin & Blockchain Tech

Although several good Bitcoin libraries are available, to ensure the compatibility and security of software
using Bitcoin, it is important to understand how a Bitcoin address is generated. In this post, we show how to
generate a Bitcoin address step by step, covering the various Bitcoin address formats as well.

When writing software that uses Bitcoin, it is important to understand the process to ensure the security
and compatibility of the transactions. In this post, we show the reader how a Bitcoin address is generated
step by step. The input field within the generator page generates an example bitcoin private key and public
address. Together, these enable secure bitcoin transactions.

Several good Bitcoin libraries are available in several languages such as:

C
Java
C#
Ruby
Python
Go
JavaScript

Here, we use several of the JavaScript libraries that are publicly available.

RANDOM NUMBERS
Random number generation is important because it is the basis of most cryptography. When numbers are
not suitably random, the amount of entropy is low, and it becomes simple to guess the private keys
associated with your publicly known key. The most commonly function used on many systems is
Math.random(), which generates predictable numbers that can be attacked. Many alternatives including
hardware based-RNGs exist, but we will discuss good random number generation in detail a later article.
Ultimately, the security of your Bitcoin address relies on ensuring that you have a secure random number
generator.

This post takes you through the creation of a Bitcoin address, assuming that a good random number has
already been selected. One widely deployed method of creating a Bitcoin address relies on the use of
matched word phrases. These are easier for people to remember, but also need to be difficult to guess. This
is the approach used within the Bitcoin Address Generator.

BITCOIN KEYS, ADDRESSES, AND FORMATS

Bitcoin uses a public key cryptographic scheme based on elliptic curve cryptography . This scheme is more
efficient than several other widely deployed public key systems such as RSA.

Spec. 2.2.1 provides the generalized equation used in all elliptic curve cryptography:

Here, the elliptic curve domain is defined as a sextuple of the form:

The particular curve deployed within Bitcoin is defined under the secp256k1 standard, which is based on
the use of Koblitz curves . In these curves, our sextuple parameters are defined using the following values:

Inserting these values into the equation above gives us the final reduced form equation used in Bitcoin:

In the section below, we take you through the creation of a Bitcoin private key and its associated public keys
given a suitable random number.

SECTION 1: GENERATE PRIVATE KEY

The private key is the part of the key pair that needs to remain secret. This key is used to sign messages,
including those that authorize the movement of bitcoins or, more accurately, the creation of a transaction
that assigns entries in the blockchain ledger to another address.

STEP 1.1: ENTRY OF PASSPHRASE

In the generator application, there is a passphrase entry box.

STEP 1.2: HASH PASSPHRASE TO GENERATE PRIVATE KEY

A private key d is generated from the passphrase consisting of an integer that lies within the range [1,( n −1)],
where n is 2​ 256 ​ , which is the largest number that can be returned by the SHA256 hash function.

CODE FRAGMENT

The code to create a private key is as follows:

Code fragment in javascript to generate a private key

SECTION 2: ENCODE PRIVATE KEY

The elliptic curve key pair that we create takes the form of ( d, Q ) where Q represents the public key that we
create later.

Private keys have been standardized to use a format defined under the Wallet Import Format (WIF) .

STEP 2.1: PREPEND VERSION NUMBER

The first part of this format is to take the number we created in step 1.2 and add a version number. This is
done by adding a byte of hex value 0x80 to the start of the WIF format private key.

A list of the address prefixes is available from the Bitcoin wiki.

STEP 2.2: APPEND THE COMPRESSION FLAG

In the WIF, a compression flag is also appended to the private key. The least significant bit of a byte added
to the end of the key functions as the compressed private key flag and takes the following values:

0x00 uncompressed
0x01 compressed

Some of the details for this specification are defined here .

When Bitcoin was first created, compressed keys were not used. This resulted in a larger public key (65
bytes rather than the compressed 33 byte format). There are no compatibility or security issues resulting
from using compressed keys. The fact that keys could be compressed was simply missed because of the
poor documentation on OpenSSL at the time. Some minor additional computation is required, but this is
minimal.

The original format used to represent private keys was a Base58 form (detailed later) that would typically
begin with the value ”5.” In the Bitcoin Address Generator as the private key is incorporated into the
compressed encoding of the public key, it is changed to incorporate an extra 0x01 byte at the end. This
results in a Base58 form that starts with a “K” or “L.”

Later versions of this page will update the code to allow for this change and to represent the keys on the
page in both formats.

STEP 2.3: CALCULATE AND APPEND CHECKSUM

Finally, a checksum is appended to the end of the string. This is calculated using the first four bytes of a
double SHA256 hash process that takes the private key of whatever is being validated by the checksum.

CODE FRAGMENT

The code to encode a private key is as follows:

Javascript code fragment to encode a private key

STEP 2.4: BASE58 ENCODE

Lastly, an encoding scheme known as Base58 is used to convert the data from binary to text. This final form
of a private key is easier to manage. In this format, the code is able to be used in a wide variety of
applications.

As a result of prepending the version number, the available range of private keys in the Base58 encoded
format is limited to the following:

Lowest possible value: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73Nd2Mcv1

Highest possible value: L5oLkpV3aqBjhki6LmvChTCq73v9gyymzzMpBbhDLjDpKCuAXpsi

The lower value is the one that you will notice in the form on this page when no values have been entered.
On the Base58 proposal page in the Bitcoin wiki, we can see some other possible ranges for alternative
private key formats.

SECTION 3: PLOT THE PRIVATE KEY

The elliptic curve public key is generated using our private key generated in step 1.2. This key Q = ( x Q , y Q )
forms the point Q = dG .

In this equation:

STEP 3.1 / 3.2: GENERATING THE PUBLIC KEY FROM THE PRIVATE KEY

In order to obtain the public key, we need to multiply the private key by the elliptic curve point generator.
The public key is formed from the x and y coordinates of a point on the elliptic curve, and is a 65-byte long
value consisting of a leading 0x04 and x and y coordinates of 32 bytes each.

The full public key is defined as k ​pub ​ and this is shown in step 3.1.

From this value, we can obtain the x and y coordinates as demonstrated in step 3.2.

CODE FRAGMENT

The code to generate the public key co-ordinates is as follows:

Javascript fragment to plot public key co-ordinates

SECTION 4: GENERATE PUBLIC KEY

The first versions of the Bitcoin client used the public key directly. Bitcoin addresses are a simpler method
to allow people to exchange bitcoins. A Bitcoin address consists of a Base58 encoded string of a 25-byte
binary address. An example of this is shown in final Base58 encoding in step 5.3.

All standard addresses start with a “1.” Other formats are available, including multisig addressing, which is
not covered in this post.

STEP 4.1: DETERMINE Y COORDINATE PARITY

We use the parity of our y coordinate to calculate a flag that is added to the front of our string.

STEP 4.2: APPEND PARITY INDICATOR BYTE

If the y coordinate or value is odd, we add 0x03. If it is even, we add 0x02 in front of the complete x
coordinate. We use this string to represent the public key.

An alternative string is created by taking the corresponding public key generated above as a string formed
using:

65 byte public key

0x04 (1 byte)
32 bytes corresponding to the x coordinate
32 bytes corresponding to y coordinate

STEP 4.3 / 4.4 HASH PUBLIC KEY

To create the address, we take the value created in Step 4.2 and hash the public key twice. Step 4.3 applies a
SHA256 hash, and step 4.4 applies a RIPEMD160 hash over the result.

This obfuscates the public key as well as making it simpler to use. There have been many attacks against
hashing algorithms. Some, such as MD5 and SHA1, have been widely attacked and shown to be vulnerable
to collision attacks. However, no hash has been shown to have an attack that aligns with the hash of
another family of algorithms. As a result, it is infeasible for an attack to succeed against one family of hash
algorithms used simultaneously with another family.

The double hash shown below should be robust to length extension attacks .
SECTION 5: ENCODE THE PUBLIC KEY
STEP 5.1: PREPEND THE VERSION

The version is added to the front of the hash value. The public key version number that is added to the
address calculation is not the same as the one used in the private key. Details are available here .

STEP 5.2: CALCULATE AND APPEND THE CHECKSUM

The checksum is calculated in the same manner as in step 2.3 and appended to the end of the hash value.

CODE FRAGMENT

The code to apply the double hash, prepend the version and calculate and append the checksum is as
follows:

Code fragment in javascript to generate and encode a private key

STEP 5.3 BASE58 ENCODING

The hashed value with the prepended version and appended checksum is encoded using the Base58
process. This ensures that the final address is easy to read and copy.

CONCLUSION

In this post, we have stepped through the creation of a Bitcoin address with its associated public and
private keys. You should now be able to see the differences between the address formats and how the
values are calculated at each stage of the process. In later posts, we will cover the creation of secure random
numbers and bitcoin transactions.

Bitcoin Address
Tulips and Other Myths
By Craig Wright | 26 Apr 2016 | Economics

What common knowledge tells us and the truth of a matter is not always the same
thing. Sometimes history is hidden behind stories generated among regular people.
One example is the relationship between tulips and economies. The 1000-year history
of the tulip, its markets, and its popularity give us the background to understand
today’s market volatility and challenges. Understanding the historical contexts in
which financial risks are taken makes us smarter risk takers today.
History is full of stories. A story with some traction is that carrots are good for our eyes. This World War II
propaganda from the UK led generations of children to eat excessive amounts of carrots based on the false
belief that doing so will improve their eyesight.

Another false story is that tulips entered Europe from the Middle East in the 16th century, which led to an
economic bubble and collapse . People who promote this story tend to believe that it is extremely rational.
This story has become so widely accepted in the centuries since that few people even question whether it is
true. It is easier to accept and spread the idea than to check the facts.

It is efficient to use a well-known meme to spread misinformation, and, when something has become
accepted as a fact, it tends to take a great deal of effort to challenge that authority . Even people who do
not accept a story often accept the meme, leading to logical inconsistencies in their arguments. This is a
concern regarding market bubbles because people who verbally attack markets do so on the belief that
‘markets are not perfect’. However, nowhere in the economic literature are markets seriously described as
perfect; they are identified as optimally efficient compared to other options.

To promote an alternative to a market-based solution, the proponents of that solution need to demonstrate
that their solution is more efficient than the market solution. Because they cannot do that, their strategy is
to attack the market. ‘Markets are not efficient or perfect’ is a catch phrase that is used over and over again,
but no evidence is offered that an alternative would be economically more efficient.

The economic fable of a failed market did not begin in the 17th century; it started with an invented tale
created by Charles Mackay [1] in the mid-19th century. At that time, it was not important whether the story
was true; what mattered was its impact. Mackay offered no evidence that could withstand scrutiny, but few
of us actually take the time to validate facts anyway. Stating that people act wildly when they act together is
a good story, and we instinctively enjoy listening to it. The only problem with it is that it isn’t true.

There are several problems with tulipmania [4]. Most important, the effects of the so-called ‘tulip crash’
were not as widespread as they were reported to be. Some of the problems with these forms of bubble
theory derive from a misunderstanding of the Broken Window fallacy . The belief that we can make more
money through destruction and capital creation is widespread, but it is flawed. Foremost is the fact that we
have a growing society and capital creation. At all points, we have more capital than we had in the
beginning. The simple consequence of this is that destruction (such as the crash that follows a bubble) is
not the source of creation. If it were, rational businessmen would tear down their old factories and replace
them with new equipment before their depreciation dates. The simple fact that this does not happen
demonstrates a flaw in the argument.

Many errors have been promulgated about the Dutch tulip crash and little has been done to counter them.
The contracts used to buy tulip bulbs were one of the first types of futures contract. These contracts were
somewhat similar to over-the-counter derivatives because exchange-based contracts did not exist. Tulip
bulbs are seasonally marketed, and they are sold only between June and September.

Merchants would market these bulbs throughout the year if it made sense, but that arguably would be risky
speculation without a purpose. The reality is far from that contention.

Similar to the way that modern exchanges sell grain futures, the early guilds of the 1630s initiated a futures
trading scheme. These early futures contracts allowed farmers to select what they would grow and to
hedge against the risks associated with everything from the weather to the vagaries of fashion. Like modern
futures contracts, early Dutch merchants traded contracts to buy and sell goods at a future time. Many
times, merchants decided not to honour the contracts. Just like a modern breach, the courts awarded the
monetary difference and did not enforce contractual compliance. This system worked well during the early
1630s, but problems arose in about 1636 when, recognizing that profits could be made in the international
tulip trade, a group of government officials decided to get involved.

However, these officials were less successful than the merchants; they did not buy well and they suffered
losses on their investments. Despite the early failures, these officials predicted some changes to the market
and petitioned to work with the florist guild. This intervention led to a formally supported announcement
that all of the contracts were only options to buy [6]. The penalty for violating this was limited and similar to
option prices in a modern futures exchange. Fortunately, this step was anticipated and the losses were far
less than are currently widely believed.

Futures contracts in the 1630s were defined as gambling debts. There were longstanding problems
regarding the nobility’s wagering of their estates, it was a long-term practice of the courts to refuse to
enforce repayment of gambling debts. For example, the Court of Holland decided that tulip sales were bets
under Roman law [7].

All futures contracts exhibit power law distributions. For this reason, they are counterintuitive. We
instinctively understand Gaussian mathematics regarding normal distributions, but we fail to understand
power law processes. It is intuitive to understand that some people are short, others are tall, and heights are
distributed in the shape of a bell curve. But, that does not apply to prices or incomes.

So, it is easy to state a maximum and falsely suggest a mean of a distribution. At

its peak in 1635, one particular tulip bulb was extremely expensive. This bulb was
the ‘Semper Augustus’, and it was the most prized flower in Europe. Its
spectacular red ‘flames’ on white petals made it a remarkably beautiful flower,
and it was widely sought by European royalty.

The 12 Semper Augustus bulbs sold for high prices because they were the only
Semper Augustus bulbs in existence. At its peak demand, we know that this
particular flower sold in the Haarlem markets for 6,000 guilders. This was a
phenomenally large amount of money at that time equivalent to the cost of 16
fat pigs, eight fat oxen, or 100 tons of wheat. Prices are extremely different now
than they were then, and a comparison is difficult. However, 100 tons of
wheat traded for GBP 10,000 in 2014. The purchase of a Semper Augustus bulb
included all rights to the flower bulb and all derivatives that immediately came from it. To some people, it
might seem to be a phenomenally high price for one flower bulb, but the reality is that it is nowhere near as
bad as it seems.

In the modern world, excessively high prices are also paid, even during
my lifetime. For example, in the flower world, black is a particularly
elusive and desirable flower colour. Whenever something is rare and in
demand, we can expect it to command astonishingly high prices. In
1997, Thompson & Morgan purchased three hyacinth bulbs from the
yearly show in Holland for GBP 150,000. This sum was more than five
times that of any tulip bulb. After eight years of cultivation, the
progeny of these bulbs went on sale to the public under the
marketing name ‘Midnight Mystic’. In 2005, the company sold the
bulbs for GBP 7.99 each.

Even this amount might seem excessive to some people, but the
company, Thompson & Morgan, holds all rights to sell and market this
flower. In 17th-century Europe, before genetic engineering, propagating slow-growing bulbs, such as tulips,
was not reliable as a large-scale process. Thompson & Morgan’s financial records indicate that the company
is profitable. As expensive as the initial purchase was, the company has propagated and sold enough flowers
to generate a profit.

As the above shows, when we make profits we are happy to stand by our gains. It is only when we make a
loss that it is easy to call ‘foul’ and blame the market for these losses. It is more honest to follow a practice
where we admit our losses. The truth is that any purported losses and gains that exist on paper never come
to fruition and hence do not change the overall wealth of society.

POWER LAWS
A power law system is skewed to form a long tail . This is similar to
most commodity markets. In other words, when a range of goods of
various quality levels or grades plus a strong desire for limited
products exists, aspects of the resulting market create long tail prices
such as we saw above regarding tulips.

This is different from the traded price. One exercised strike price for a
single (exceptional) sale of 12 bulbs did not reflect the entire market.
The figure on the right appears to illustrate the tulip bubble. This
figure demonstrates the difference between spot futures pricing and
the traded, but an exercised strike price of tulips. The first thing to
note is that the graph highlights a peak rather than the long term
average. More important, what is not reported here is that the price of
tulips stabilised and, by 1638, had returned to its 1635 price.

The fallacy in the argument for using exercised strike prices for
exceptional goods in a power law system to demonstrate excessive
spot prices should be obvious. They simply are not the same.
Unfortunately, there is a common but widely held misunderstanding regarding the futures and derivatives
market. It is easy to mislead people when they do not understand the difference between a spot price and
an unexercised strike price. For example, I could list my house for sale for USD 100 million, although it is
worth far less than that, and the house would never sell for that price, but I could use that asking price to
mislead people. The irrationality is not in the market.

THE PLAGUE
A rarely reported side note will inform this discussion: In 1636 and 1637, the Plague was ravaging parts of
Europe. Haarlem was hit particularly hard during this period, and as many as one in four people in the city
died [2]. Many families in the wealthy nobility and merchant class fled the city. This level of disruption tends
to change people’s perspectives [3].

In times of great crisis and upheaval, such as the Plague in 1636, we tend to worry most about survival and
are more likely to take risks . In this instance, trade in early futures contracts were widely adopted. In
modern futures trading, exchange-based futures contracts require margin accounts to lower the risk of
default [5]. This innovation did not exist in the 17th century.

MORE ADVERSITY
As if the plague were not bad enough, the early to mid-17th century
marked the period of the Little Ice Age . During this period, winters are
believed to have been about two degrees Centigrade colder than they
are today. Winters were reported as bitterly cold, and the growing
season was shorter than usual. Food was already scarce, and a
significant drop in agricultural productivity caused widespread
famine. For many people, gambling on life and death was a common
practice. Yet, in many ways, this was a rational reaction because when you do not expect yourself or your
family to live very long, there is little reason to be oriented toward the future. Short-term thinking would be
the rational response in that context and, in the early 17th century, it was better to chance risky profits now
then to build a business over time.

WHY TULIPS?
It is easy to understand why any rare item that is beautiful and in demand would command a high price.
But, how did the tulip market begin? For a long time, we believed that the tulip entered Holland some time
in the late 16th or early 17th century. The myth tells us that this new flower was widely popular as soon as it
was introduced. However, modern science and, in particular, DNA testing and analysis, have debunked this
fallacy.

Studies, such as those published in the Journal of Economic Botany and summarised in the journal,
Science , describe interesting histories of flowers, such as the tulip, definitively documenting the path taken
by the tulip to arrive in Europe. In fact, the tulip arrived about 500 years before the Holland bubble incident
described above. The 19th-century theory of a tulip bubble was invented, as noted above, to
propagate a meme. It has been widely believed for a long time that the tulip was introduced to Europe in
the 17th century, but that was only a way to support a false economic theory. As is often the case, the truth is
stranger than the fiction.

Thus, the tulip was widely available in Europe from at least the 11th century and possibly earlier. At that
point, the yellow petals on the simple tulip was called the Macedonian Onion. There were no variations at
that time. Many people do not know that today it is a common practice to plant tulip bulbs around castles
and to hold festivals to celebrate the planting of tulip bulbs .

Many of our current traditions are followed without question or knowledge of how they came about, similar
to Morris dancing. Planting bulbs on castle grounds is a common practice in many areas although, for
villagers and peasants of the 13th through the 15th centuries, it would not have been an activity meant to
increase agricultural production. At the time, the amount of food available could be critical by spring, so any
way to increase yields could be the difference between life and death.

So, why would people plant flowering bulbs on castle grounds? The main challenge to answering this
question today is our inability to see the world with the eyes of the past. For the feudal villager, the castle
represented society and safety, and a large area around the castle was cleared so that the castle guards
would be able to see an attack well before it occurred. If the trees were to grow throughout the grounds
and close to the castle walls, attackers could hide undercover and launch surprise attacks. Today, grass
might be the ground cover of choice because it is easy to plant and maintain. But, nearly 1000 years ago,
there were no weed killers and riding mowers was many centuries from being invented. When tulip flowers
die down, thick mats of leaves cover the ground and prevent the growth of woody weeds and trees.

CONCLUSION
A contract is a legal promise. In modern futures systems traded over an exchange, margin accounts are
used to minimise risk. But, that does not prevent over-the-counter exchanges and contracts. For these, the
risk of default always should be incorporated into the price. It is always important to account for the risks
associated with an exchange and account for the risk in the profit expected from the exchange. There is
never a scenario in which the counterparty cannot collapse or negate a deal in another way. To the other
party, the risk of default might be small. For this reason, when a contract is important, it is necessary to
ensure that the other party’s commitment is tangible, not only monetarily, but also regarding time and
reputation.

Mackay [1] greatly overstated the losses associated with the collapse of the tulip market after the courts and
guilds became involved. When people believe that their exchanges will not be enforced, it is more likely that
their behaviour will become more reckless. The risk taking behaviour seems reckless from the perspective of
those looking in from the outside. However, we cannot determine that it is reckless behaviour when, due to
unforeseen circumstances, it seems likely that one of the parties of the exchange could die before fulfilling
his or her end of the bargain. In 17th-century Europe, unexpected deaths were a real possibility because the
Plague was an imminent danger.

People who lose in high-risk exchanges often complain that the exchanges were unfair. When their profits
are high, they are happy; however, the other side of any exchange is the potential for loss. Many times, loss
associated with so-called economic bubbles result from perceived beliefs and fears that the aggrieved party
will be ‘bailed out’, that losses will somehow be magically recovered, and that one can gain from the risk
when it is positive but not suffer from it when it is negative. This belief incentivises greed. When we reward
people and companies by bailing them out of losses, we encourage them to take bigger risks that
potentially lead to larger losses. Bubbles are not the result of free markets; they are the result of
interventions in the market.

References
[1] M ackay, Charles (1841). Memoirs of Extraordinary Popular Delusions and the Madness of Crowds .
I (1 ed.). London: Richard Bentley. Retrieved 29 April 2015.Mackay, Charles (1841). Memoirs of Extraordinary
Popular Delusions and the Madness of Crowds .
II (1 ed.). London: Richard Bentley. Retrieved 29 April 2015.Mackay, Charles (1841). Memoirs of Extraordinary
Popular Delusions and the Madness of Crowds .
III (1 ed.). London: Richard Bentley.

[2] Terence Ranger and Paul Slack, eds., Epidemics and ideas. Essays on the historical perception of
pestilence. (Cambridge: Cambridge University Press, 1992.).

[3] A. C. DeSerpa, A Theory of the Economics of Time, The Economic Journal, Vol. 81, №324 (Dec., 1971), pp.
828–846, Published by: Wiley on behalf of the Royal Economic Society ,
http://www.jstor.org/stable/2230320 .

[4] Calvo, Guillermo A. 1987. “Tulipmania” in The New Palgrave: A Dictionary of Economics . John Eatwell,
Murray Milgate, and Peter Newman, eds. 4 vols. New York: Stockton Press.

[5] Garber, P. M. (1989). ‘ Tulipmania ’. Journal of Political Economy , 535–560.

[6] Thompson, Earl A., The tulipmania: Fact or artifact?, Journal of Public Choice, Vol. 130, №1, Pp 99–114,
http://dx.doi.org/10.1007/s11127-006-9074-4 .

[7] Gelderblom, Oscar, and Jonker, Joost. n.d. “Amsterdam as the cradle of modern futures and options
trading, 1550–1650.” Unpublished paper. Utrecht University.

[8] Hull, John. 2006. Options, futures, and other derivatives. Upper Saddle River, N.J.: Pearson/Prentice Hall.
Bitcoin Mining: Consistency and the Distribution of
Transactions
By Craig Wright | 28 Apr 2016 | Bitcoin & Blockchain Tech

Misunderstandings in the bitcoin community have led to false conclusions about the
way that bitcoin works. The bitcoin mining process is fundamentally competitive, and
personal gains are made through competition, regardless of how it appears. The
complex reality is counter-intuitive, but understanding the differences among miners’
approaches to processing can disabuse us of the notion of a ‘standard’ block.
Comparing the bitcoin to Hashcash eliminates false beliefs about the bitcoin hashing
algorithm, verifies that each individual block is unique, and demonstrates that each
individual miner acts independently of the others.
Many common but false beliefs in the bitcoin community have led to common misunderstandings, such as
the ‘selfish miner attack’ [1]. Some of these beliefs arise from misunderstandings about the bitcoin block.
These misunderstandings have led, in turn, to false conclusions on blocksize debates and an incorrect
understanding of the way that bitcoin works. Simply put, there is no such thing as a consistent block before it
is mined and included within the chain.

In fact, a consistent block is not even maintained across a single mining entity, let alone across a pool of
miners or in the overall network. Individual blocks are not consistent series of transactions with a nonce;
rather, each block is a series of transactions that changes moment by moment. In addition, there is no need
for consistency within a block before it is mined. Each attempt to solve the next block remains independent
of the previous attempt. Therefore, adding a transaction to a block has no effect on the overall time required
for solving that block. The result is that individual miners experience discrepancies in the information that
they are solving.

The order in which miners receive information leads to radically different solutions to the block puzzle. For
example, if two miners were to receive two separate transactions that were released from slightly different
locations and at slightly different times, it is likely that one miner would exhibit a different transactional order
than the other miner in the block that they were attempting to solve.

The original bitcoin paper [2] notes transactional order within blocks, particularly on pages 2, 3, and 4. The
error of using this format for describing unmined blocks derives from a misunderstanding of the bitcoin code
implementation. The paper describes solved blocks, in which the transaction order is fixed. The nature of the
hashing algorithm is such that any alteration or change to the order [3] creates a widely divergent numerical
output. This means that changing the order of Tx0, Tx1, and other transactions in a solved block leads to a
widely divergent hash unlikely to represent a solution to the hashing puzzle that, therefore, would not be
considered a validly mined block.

What seems to be misunderstood here is that separate miners can mine transactional data in any order. The
addition of a nonce to seek a solution provides miners with the ability to add verified transactions in any order
while they equally and fairly compete using their levels of computational power. As a consequence, miners
do not benefit by pruning transactions in blocks or by seeking a common ordering of transactions. If a miner
were to seek to align a transactional order with other miners, the likely result would be a scenario in which
any miner seeking to align transactional positions would be economically disadvantaged due to the extra
cost of this pre-processing.

Furthermore, a miner who selects random transactional orders based on the time of receipt of each
transaction would have a slight advantage and be able to apply the computational power that he or she
controls to solving more hash puzzles than miners who seek an aligned strategy. The costs of coordinating
transactions among miners add latency to the communications as well as a high degree of inefficiency. In
such a process, a miner would need to discard many possible solutions that could be solved while
negotiating a consistent strategy with other miners.

The mining process is competitive. Miners seek to maximise their personal gains by competing with other
miners. The competitive process verifies and disseminates a consistent ledger throughout the system.

WHAT IS A BLOCK?
A block does not emerge until a hash puzzle has been solved. In attempting to solve a proof or work a puzzle,
each miner takes a set of transactions, adds a timestamp, and then adds a nonce. This is a highly simplified
version of what actually occurs, but this process captures the basics of the block creation process. For several
reasons, there is flexibility in the timestamping protocol. First, there is latency between nodes and, more
importantly, exact timekeeping is not required. Nodes are allowed some variation in their system times if they
remain within an acceptable range. The time range function used by bitcoin mirrors several authentication
protocols such as Kerberos [4] but with a wider drift range. Bitcoin is a far more forgiving protocol [6].

The bitcoin protocol is designed to allow for a wide range of time discrepancies, and it discards any
discovered block that incorporates a timestamp outside its large defined range. This range is calculated
based on two factors.

1. The timestamp in a block must be larger than the median distance from the timestamps recorded in the
previous 11 mined blocks.
2. It must be lower than the ‘network-adjusted time’ plus 7,200 seconds.

Note that the median timestamping function has a limiting adjustment in which a difference limit of 4,200
seconds is the maximum possible adjustment allowed.

Each node polls the nodes to which it is connected using a ‘network-adjusted time’ function, which is
calculated using the median of the timestamps returned by all the nodes connected to the local node.

Thus, a block is formed from the proof of work (PoW) solution to the ordered transaction data. This
incorporates four items.
1. A set of transactions that can be in any order, although each order comprises a separate possible solution to
the hash puzzle.
2. A timestamp that is limited in range by the bitcoin time adjustment functions and that is accurate to the
second.
3. The 256-bit hash of the preceding block, which limits the discovery of a solution to the proof of the work
puzzle to the chain of discovered blocks. With this limitation, there is no way that an attacker can circumvent
the PoW limitations by pre-mining or adding targeted solutions.
4. A nonce sufficient to limit the hash of the block cannot exceed the current difficulty target.

The timestamp function utilized in the block structure is an open-source IEC 61850 ‘uint32_t’ implementation
[5]. The accuracy of this function is derived as a 32-bit calculation of the number of seconds since 1970. It
differs from the ‘uint64_t’ bit value because ‘uint32_t’ is accurate to the second whereas ‘uint64_t’ is
accurate to the millisecond. Because this is an unsigned integer, the bitcoin network supports twice the total
number of seconds as the standard Unix time format.

There are standardized orders to the way that the blocks are presented, but the protocol allows for a wide
variety of methodologies for solving the hash puzzle of an individual block.

AN ALTERNATIVE STRATEGY
It is highly unlikely that we would find the following strategy used by a miner because it is more difficult to
ensure sorting order than to update a nonce. However, we present it for illustrative purposes.

It is feasible to set a standard nonce that is never updated and update the order of transactions. Each
possible ordering of transactions in a possible block solution will lead to a separate proof or attempt at a work
solution. Simply changing the order of transactions without updating the nonce is, in itself, a way to create a
new hash value that can be checked against the PoW difficulty requirements. Reordering of transactions is a
combinatorial permutation problem [6]. The difficulty with this scheme would be in creating a system faster
than the existing mining solutions based on ASIC hardware.

The number of possible solutions to a reordering of transactions is derived from a factorial calculation of the
number of transactions in the possible block. Moreover, because there is a wide range of acceptable
timestamps, these could be adjusted to each possible solution based on permutations in the time range to
further extend the number of possible PoW solutions. Ignoring the increased number of permutations that
derive from a change in timestamps, we can calculate the number of possible permutations that can be used
as a possible block solution as follows:

n=(t​i​​)!

where n n indicates the number of possible permutations obtained through reordering transactions and ( t ​ i
​ ​ ) indicates the set of combinational permutations of the transactions for block i .

If we estimate the maximum number of transactions in a 1MB block to be defined as (1) five
transactions/second and (2) 600 seconds (average)/block, we obtain 3,000 transactions/block, which equates
to n = [(ti)!] = 3000! = 4.149 x 10 9130 possible transaction combinations even before accounting for the
timestamps. A more accurate calculation based on existing conditions would be derived through a range
based on the existing moving average target of the mean rate of transactions that are included in a block . At
the time of writing, this range is 1,049–1,760 with an expected range based on α = 5 % confidence interval.

At this level, we still observe the range of permutations in the order of [1.343×10 ​2715 ​,5.833×10 ​4949 ​]
permutations. Even at the lower bound, this order of difficulty exceeds the calculations of the hash itself. In
fact, the lowest number of transactions that have been included in a block in the previous two-year period
was 248 transactions. At this volume, the number of combinations would be n=5.193×10 487 .

Through this exercise, we can quickly recognize that the probability of two mining nodes working on the
same transaction order at the same time is phenomenally small. It is more likely that the same SHA-256 value
would be returned as a collision between two separate blocks than within a single block to be calculated in
two locations.

This logic might seem counterintuitive to many people because it seems likely that each miner would
process the same transaction data in the same order. However, reality is more complex. If a transaction were
broadcast close to one mining node and were more distant, in terms of latency, than another, then there
would be a delay in the receipt of the transaction at the more distant node.

When we then incorporate other transactions that might be closer to the second node than to the first node,
we can quickly obtain an intuitive understanding of the differences in ordering. At node 1, we would expect
the following order to result,

Tx0 Tx1;

at node 2, we would expect the order to be

Tx1 Tx0.
The change is extremely small, but the important thing is that, even if this change were a single transactional
difference in the entire block, it would lead to a completely different hash value. When each of the nodes
calculates the hash value of these two transactions, the numerical outcome will not be the same and,
because this is propagated through the Merkle route calculation, the value that is finally returned in the block
as the hashMerkleRoot will be completely different for each node.

Widespread misunderstanding of this point has led to the common belief that a particular block is
competitively solved. However, the fact is that no standard block exists before the solution of the PoW
through the addition of a nonce with the corresponding values of the blockhead that must be included.

This error in understanding leads to the false belief that a node can hide information from other nodes to
gain a competitive advantage. Two nodes each independently attempt to solve a PoW puzzle, but this puzzle
is independent in each instance [8]. Therefore, the problem is a competing Poisson problem. The rate of
discovery for a mining node is defined by λ​ 1 ​, where the rate of discovery is set to {\lambda _2} λ ​ 2 ​ ​ for the
sum of all other nodes in the network.

Together, we obtain a rate for an individual mining node of λ 1 /λ 1 + λ 2 ​ ​ ​ ​ . For example, if we had a large
mining pool with 1/3 ​ ​ of the total computational power of a given difficulty period, we would have a value of λ​
<sub<1 ​ ​ = 2 and λ​ 2 ​ = 4 for the corresponding nodes. This result derives from the expected discovery rates. The
mining pool with 1/3 ​ ​ of the total hashrate would be expected to solve two blocks per hour from a system
with a difficulty that overall leads to six blocks being solved (on average) per hour. This results in the
remainder of the mining nodes solving λ ​ 2 ​ ​ = λ − λ ​ 1 ​ ​ , or four blocks. The overall system discovery rate would
be defined in the protocol as λ = 6 .

One of the properties of the Poisson process is in an area referred to as ‘competing processes’. If we assume
that N 1 (t), t > 0 and N 2 (t), t > 0 are independent Poisson processes with the respective rates of \lambda λ
and {\lambda _2} λ ​ 2 ​ ​ (as defined above), and we let S_n^i S ​ n ​ i ​ ​ represent the {n^{th}} n ​ t h ​ ​ event (or
discovery of a valid block) for process i, j = 1, 2 i , j = 1 , 2 , then we have the well-known condition [9, 10, 11]:

This equation can be used to determine the probability of a node calculating one or more blocks before the
rest of the network.

THE HASHING ALGORITHM USED IN BITCOIN.

There is a common, but false, belief that Adam Back is the original source of the hash puzzle used in bitcoin.
This belief derives from the paper’s references to ‘Hashcash’ [2]. Instead, we find the base algorithm defined
on page 4 of ‘DOS-resistant authentication with client puzzles’ [12]. The authors did not release code, and a
modified protocol and code were used in the bitcoin core release of 2009.

The original implementation of Hashcash is available via the Internet Archive project here and the original
code here. The false belief that Hashcash was ‘used as the mining function in bitcoin ’ can be quickly
dispelled by comparing the codes used in each.

This exercise will demonstrate that the variables and functions written for bitcoin, such as nTotalLower and
nTargetValue , differ radically from the functions used in Hashcash.

It was implemented simply in bitcoin, where comparisons, such as the following, were used instead of
schemes that are more difficult to implement:

if(hash <= hashTarget)

{pblock->nNonce = tmp.block.nNonce;

assert(hash == pblock->GetHash());

and

// Check proof of work matches claimed amount

if(CBigNum().SetCompact(nBits) > bnProofOfWorkLimit)

return error(“CheckBlock() : nBits below minimum work”);

if(GetHash() > CBigNum().SetCompact(nBits).getuint256())

return error(“CheckBlock() : hash doesn’t match nBits”);

Other methods, including seeking matched hash collisions, such as are found in Hashcash, could have been
incorporated; but this would have involved additional changes that would have made the initial
implementation of bitcoin more difficult. The originally incorporated code derives from implementations
developed by Wei Dai and Steve Reid.

BLOCKS ARE UNIQUE

What the reader should take away from this exercise is that each individual block is unique. This has become
more complicated since the introduction of mining pools, in which groups of individual miners act in a
concerted manner to solve a shared problem. However, that scenario does not change the way that
transactions are distributed in a block. The effect is that each mining pool mimics a large mining node.

To many people, it seems counterintuitive; however, it is critically important to remember that each
individual miner acts independently of all other miners in the system. What is even more counterintuitive is
that each individual attempt is completely independent and unrelated to all previous attempts. Each
attempt to solve a bitcoin block puzzle is like a coin toss in the sense that the results are truly independent
from all other coin tosses.

REFERENCES
I. Eyal, & E. Gun Sirer, “ Majority is not Enough: Bitcoin Mining is
[1]
Vulnerable ” 2013
[2] “ Bitcoin: A Peer-to-Peer Electronic Cash System ” 2008
J.S. Coron, Y. Dodis, C. Malinaud, P. Puniya. “Merkle-Damgård
revisited: How to construct a hash function.” In Advances in
[3]
Cryptology–CRYPTO 2005, 2005 Aug 14 (pp. 430-448). Springer
Berlin Heidelberg
C. Neuman, T. Yu, S. Hartman, & K. Raeburn,“ The Kerberos
[4] Network Authentication Service (V5) ,” Network Working Group,
RFC 4120, 2005
[5] “Open-source IEC 61850 MMS/GOOSE server and client library”
TechNet, Viewed from: “Maximum tolerance for computer
[6]
clock synchronization” , 2005
L. Lovasz, “Combinatorial Problems and Exercises,” Publishing
[7]
House of the Hungarian Academy of Sciences, Budapest, 1979
W. Feller, “An introduction to probability theory and its
[8]
applications,” 1957
M. S. Bartlett. “An Introduction to Stochastic Processes, with
[9] Special Reference to Methods and Applications.” Cambridge
University Press, Cambridge/New York, 1980
A. Stuart. “Kendall’s Advanced Theory of Statistics.” Wiley,
[10]
Chichester, 1994
U. Narayan Bhat and G. K. Miller. “Elements of Applied
[11]
Stochastic Processes.” Wiley-Interscience, Hoboken, N.J. 2002
Aura, Tuomas, Pekka Nikander, and Jussipekka Leiwo. “DOS-
[12] resistant authentication with client puzzles.” In Security
Protocols, pp. 170-177. Springer Berlin Heidelberg, 2000
Bitcoin and the costs of consumption
By Craig Wright | 28 Apr 2016 | Bitcoin & Blockchain Tech
Bitcoin is under attack, but the arguments are misdirected at the ‘strawman’ of total consumption. Bitcoin is
painted as a wasteful system that uses too much electricity. The question of bitcoin’s efficiency can only be
answered by addressing its comparative efficiency. By considering the cases of Denmark and bitcoin in a
global context of countries, banking institutions, and business enterprises, absolute and relative contrasts
focus on the real questions. Only a purely economic approach that considers specialisation and the zero-
sum nature of the context can correctly determine the bitcoin costs and benefits.

In a long line of attacks, it was recently noted that Bitcoin Could Consume as Much Electricity as Denmark
by 2020 .

This is not the first, nor will it be the last, attack on bitcoin and its perceived inefficiencies. These attacks take
the form of a type of logical fallacy known as the ‘strawman’. In this type of attack, rather than arguing
against the actual opposition, a third-party opposition is created and attacked. The third-party ‘strawman’ is
purposefully easy to defeat. Once defeated, a victory over the actual opponent is claimed. A ‘strawman’ is
employed to falsely refute and defeat the real opponent. The attacks are rhetorical flourishes designed to
divert attention away from the truth, which most often is that the actual opposition is too strong an
opponent to be defeated.

Douglas Adams proposed, in his Hitchhiker’s Guide to the Galaxy series, that the meaning of life could be
found in the number 42. The main point of his argument was that any answer is irrelevant unless the
question is valid and cogent.

The question of the efficiency of the bitcoin system is not related to the total consumption of the solution,
but, rather, to its comparative efficiency. A solution is not optimal based on its overall use of a consumable
item, but as a comparative solution. To assess bitcoin, we must analyse and compare the costs to the
benefits in context. To assume that electricity can be made to run more efficiently in an alternative protocol
is the logical flaw of the argument, and it is the ‘strawman’ in all of the attacks.

We understand the ‘strawman’ fallacy better by understanding its structure as provided by Wikipedia :

The straw man fallacy occurs in the following pattern of argument:

Person 1 asserts proposition X.

Person 2 argues against a superficially similar proposition Y, falsely, as if an argument against Y were an
argument against X.

This reasoning is a fallacy of relevance: it fails to address the proposition in question by misrepresenting the
opposing position.

The real issue of bitcoin is its relative efficiency. It is not whether bitcoin is using large amounts of electricity,
but, rather, whether it is more or less efficient than the options with which it competes. For instance, we
should consider whether bitcoin is optimally efficient compared to the existing (brick-and-mortar and
virtual) banking and payment system. Therefore, this post analyses the usages of power within the bitcoin
network as it has been extrapolated for growth and compared to the overall power usages and efficiencies
of the alternatives, including the existing banking system.

The portrait commonly painted of bitcoin is as a system that wastefully performs calculations for no
particular reason. It has been argued (and this particular fallacy has resulted in the creation of many
altcoins) that a more efficient system could be created that uses less electricity. This post responds by
examining the costs associated with the existing system, how they compare to bitcoin’s costs, and
assessing the effects of using an alternative system that requires less electricity per calculation.

POWER USAGE IN DENMARK

Denmark consumes about 34,000 GWhr per year of electricity, making it a net producer of electricity, which
is then exported to other parts of Europe. These figures are derived from data that can be obtained from the
US Department of Energy (DOE). To obtain information closer to the source, the Danish Energy Agency
(DEA) could be used.

Power consumption in Denmark

The above graph was created using a DEA 2008 Energy Statistics report that contains links to a set of
Excel worksheets. The current annual statistics covering this period are available online . The data end at
2008, and an analysis of the DEA data demonstrates that it is unlikely that Denmark would exceed 40,000
GWhr of electricity consumption per year by 2020.

During past particularly volatile economic periods, Denmark has experienced relatively more volatility. For
the purposes of our argument, and to ensure that we avoid a ‘strawman’ argument against our opponents,
we simplify the calculations in this analysis by rounding up the total energy usage in Denmark to 50,000
GWhr. This is more electricity than Denmark is likely to use, and rounding this way increases our burden
because it adds weight to our opponents’ position. However, we use it to unconditionally demonstrate the
many flaws in the arguments presented against bitcoin. Our first step is to draw attention to the value of
using Denmark to make our point.

Denmark is a country of just over 5.7 million people. It is 113 th in the ranking of countries by population; in
contrast, Europe has a population of just under 750 million people. As such, Denmark comprises a little less
than 1% of Europe’s total population. Importantly, if we analyse the graph below of electricity usage in a
number of European countries, Denmark is the lowest electricity consumer in its region. Germany alone
consumes more than 16 times the electricity consumed by Denmark.

The foundation of this argument could be interpreted as ‘cherry picking’ a small country to obtain a
‘strawman’. Indeed, Denmark is a country, not an enterprise, which evokes an emotional response to a
logical question. However, we chose to examine Denmark because we argue that countries are similar to
large enterprises in many ways.
Electricity comparison between selected European countries

By classing Denmark as one of many entities, the argument repositions the rhetorical context from a logical
to an emotional base. Despite its comparative position, the absolute energy consumption of this small
country is significant. Therefore, we must analyse more than Denmark’s absolute consumption; we must
examine its usages of electrical energy and how they compare.

For our first comparison, we examine the energy consumption of a modern supercomputer . Tianne-2 has
topped the current top 500 list with its power consumption rating of 17.8 kW/Hr. If we combine the entire
power consumptions of all of the computers in the top 500 list, we total a little more than 46GWhr annual
consumption. That is about 0.1% of the combined power consumption projected for the bitcoin network
and by Denmark in 2020. Below, we return to these figures when we examine the amount of energy used in
calculations.

In contrast, CitiBank uses 1,600 GWhr in the 20 datacentres it has retained (which is down from 70). This is
not an unusual usage level, and, based on the financial figures reported by US banks, it is possible to get a
low-end estimate of the largest 100 US banks. When total expenditures on energy usage in data centres
(separate from and excluding office usage) reported by these 100 financial institutions are divided by the
retail energy price (which far exceeds that paid in bulk purchases), we obtain a total electricity usage of
60,058 GWhr for the largest 100 of the 5,309 commercial banks in the US .

It is obvious that bitcoin’s projected electricity usage for 2020 would be far more efficient than that of US
commercial banks. We recognise that, in this analysis, we are bypassing many associated aspects of a
complete bitcoin-based banking environment. It is not just about having a data centre and comparing that
to the power calculations; it requires an analysis of the entire system.

Therefore, this is what we must analyse. We must ask: What causes bitcoin to use so much electricity? In
the case of the data centres supporting the large banks, electricity usage is related to the transaction
processing associated with storing large database files and related information. Much of this processing is
not eliminated with bitcoin, and, as is true for all electronic systems that are growing in our increasingly
Internet-connected age, electricity is a key fundamental resource.

RED HERRING

The purposeful use of Denmark in this argument is particularly cogent. Other sources, such as those
reported on motherboard .com, are far more damning. Some of the articles even bring the climate change
argument into play by claiming that bitcoin will lead to the anthropogenic climate change collapse of
global society. For perspective, statistics from the DOE indicate that the US consumes 4,110,000 GWhr of
electricity.

This fact alone implies that comparing to Denmark is a little like comparing apples to motorbikes.
Extending this to the argument on climate change and global dystopian collapse, we see that electricity
usage associated with global bitcoin could increase to as much as 0.1% of US electricity usage. At that rate,
bitcoin usage would be as high as 0.8% of the predicted US electricity usage by 2020.

For a wider perspective and a better comparison to global energy, it is clear that, by 2020, bitcoin will most
likely consume 0.0016% of the electricity consumed across all nations. Extrapolated, it is a mere 0.0000899%
of the total energy consumed.

However, we can compare bitcoin to something more cogent … business enterprises. Google alone uses
0.01% of global energy [6]. That is 1,000 times the utilisation and consumption of electricity of Denmark at
present. Amazon and Facebook are on the same scale.

TO QUESTION WHY

It is pretty easy to toss out large mind-blowing complex statistics. It’s a common tactic used to distract us
from the real questions being asked. The real question here is begging for an answer we can provide and for
a prediction of what might happen as the size of the blockchain increases. It is a question that, when posed,
allows us to evaluate the energy usage and total costs associated with solutions, such as bitcoin.

The important questions to ask are: Why is bitcoin using so much electricity and what are the anticipated
effects of increased electricity usage? The reason that bitcoin uses the projected rates of electricity is not
simply about computational complexity; it is about economics. Computational complexity is nothing more
than a mechanism that allows for the standardised exchange of prices within the system. It is a means of
signalling. This function of computational complexity has been overlooked.

It does not matter how efficient the algorithm within bitcoin is nor does integrating problem solutions that
have a market-based value lead to a more cost-effective system.

First, if bitcoin were to use a more efficient algorithm, the market would equally adopt the efficiency gains,
increasing the amount of processing in that system. Overall, the volume of calculation and computation
would increase to the level of profitability. In this scenario, the cost would again increase as more systems
were deployed. The overall electricity usage would remain similar to that of the less efficient algorithm.
There are arguments that bitcoin security comes at a disadvantage because the algorithm has little real
world value . A small percentage of those who take that position actually understand that the bitcoin
mining process is associated with the security of the network. What they do not understand is that there is
no advantage gained from solutions with alternative uses. If a society is willing to invest in these other uses
of the network, they can do so now. However, adding alternative uses to the bitcoin network increases the
cost of mining and, although the effect is rather insidious, it is one that is commonly overlooked.

The problem emerges from an analysis performed from the perspective of a cryptographer as opposed to
an economist. To a cryptographer, total network security is a seemingly pure combinatorial problem. It is
about the number of permutations that need to be solved, and, by increasing the number of permutations
solved, the network becomes more secure. What is missing from this reasoning is the cost per permutation.
Bitcoin is not simply the calculation of difficult permutations. It includes the cost of the calculations.

As was noted in section 6 of the 2008 paper , an attacker ‘o ught to find it more profitable to play by the
rules ’. This is the key to the problem. The issue is not one of simple calculations; it is one of economics. As it
becomes more efficient to mine a protocol or algorithm, the spot profitability will increase for the miner. As
this profitability level increases, more miners and companies start to compete, driving the total profitability
down to a level that is commensurate to a combination of the industry risk and the risk free rate.

A ZERO-SUM GAME

In future blogs, we will delve more deeply into the details to explain the following section to the lay non-
economist readers. Here, we begin with a cost-benefit analysis. Across a society, transaction costs, benefits,
and losses through compromise are incorporated into the total costs of damages and damage prevention.
Damage prevention in this context incorporates a stronger blockchain. In this scenario, the miner and the
user of the service are in a type of competition related to the payments made across the network. In a later
paper, we provide details of the complete cost allocation equations, but these details are beyond the scope
of this particular post, and we present a simplified version here.

The allocation of bitcoin to a miner does not create wealth; it reallocates existing wealth. If we already have
n bitcoin at time t , then at time t + 1 (defined by the creation of a new block and the allocation of rewards
for mining), we would have the same wealth, W , but it would be more widely distributed. At present, the
mining reward (at the time of writing) is r = 25 BTC plus transaction fees. Transaction fees should be
understood as preferential payments to ensure that those transactions are processed more rapidly than
transactions without fees. Consequently, we ignore transaction fees for the purposes of this post because
they do not change the overall outcome.

The mining of bitcoin is a security service that alone creates no wealth. Consequently, those using the
network pay for the service. If we consider that the changes in overall wealth are influenced by the loss of
bitcoin or, when not truly lost, the overall impact of bitcoin not being moved plus the change in the utility of
bitcoin, we can add values x and y to the overall wealth equation as follows.

At time t ​i +1 ​ or block ( i + 1}, we obtain a level of wealth W ​i +1​. Assuming that the demand for bitcoin
remains static between times t ​i ​ and t ​i ​ +1, we can, for the purposes of this argument, assume that x + y = 0.

At time t ​i +1, we change from n = ni to n = ni+1 = ni + r bitcoin in circulation. Here, W ​i = niwi is a statement that
the product of wi (the value of each bitcoin) and the number of bitcoin in circulation reflects the total wealth
value associated with bitcoin. Because the wealth function remains constant in this period, or can be
approximated to be so, we can state that:

In this equation, ε accounts for the standard error in market reporting processes and would, therefore,
account for variability in the result.

For all periods where n = ni ≥ 0, we have the result that ≤ 1 and, hence, the value of wi is diminishing

without an increase in utility associated with the protocol. At the time of writing, there is a total of 15,446,950
allocated bitcoin with an imminent change in allocation rate of r = 25.

This leads to the change rate of:

The change to market each 10-minute period equates to approximately 0.000162% lost and redistributed as
a security function. This is the cost of mining, and it sets limits to the profitability that a miner could
experience. This transfer of wealth to the miners accounts for the total cost paid by the network to ensure
the security of the network at any given time. This is not the level of profitability; it is the cost function.
This calculation is a zero-sum game. The reallocation of wealth as a payment for the service is a market
transaction cost. In any reallocation, the miner is expected to reap a profit defined by the miner’s share of

the market , where λ1 accounts for the miner’s total hash power and the hash power of the

network is defined by (λ1+λ2). From this, we see that the total revenue achieved as a mining strategy is
defined by the following formula:

and, because P ​m​ = R ​m​ ​− C ​m​ , which defines the profit of the miner (P) and the cost borne by the miner (C),
we obtain the profitability calculation that provides the average profitability that can be expected for any
period (i) :

In this equation, the miner has fixed and variable costs. If we were to add any so-called ‘side benefits’ to
mining bitcoin, then we would end up with an altered equation. The utility of mining bitcoin then becomes
a combination of the profit obtained through mining bitcoin as derived from the utility factor associated
with mining bitcoin plus the profit or added utility associated with the alternative strategy. In this scenario,
as the profitability associated with a joint mining strategy increases, more players would seek to maximise
their revenues and, hence, their profits, up to a point where the profitability of each miner’s returns to the
returns expected from the risk-free rate plus the incentive for the risk taken in the capital investment and P
m + ​U = P​ ​m + P ​U .

Over time, we expect the profitability to establish an equilibrium based on the risk associated with mining
and the capital investment. The total revenue received by a miner would incorporate the cost to the bitcoin
community, which is providing the service, plus the cost of the additional utility added to the service. This
capital allocation suffers transaction costs, and the addition of the added benefits is transferred at less than
their costs. Furthermore, the effect is transference of unwanted services to all users of the bitcoin network.

SPECIALISATION

Since Adam Smith, economists have known that we enrich ourselves and, hence, society through
specialisation. Specialisation focuses on specific areas of production and trade. To enrich ourselves, we look
at peaceful activities that utilise resources and goods produced along the lines of what we freely choose.

The real issues associated with mining bitcoin for purposes other than the security of the network relate to
the inability to correctly determine the costs of the inputs and outputs to the network. Not all parties will
equally value additional output and the result will be a series of conflicting prices. The truth of the matter is
that bitcoin mining provides a service in itself. The value of that service is reflected in the amounts that
people are willing to pay for bitcoin for its utility in securing the network. When we start taxing the network
by adding additional services of somewhat dubious value, we start to increase the cost of the network and,
hence, diminish the overall benefit.

Data obtained from the US Mint indicate that the total USD Coins in Circulation (production 1999–2014) was
380,344 tonnes. In future posts, we will examine the costs of paper-, plastic-, and coin-based currencies.
However, here we must consider that the perceived cost of bitcoin mining is not limited to analysis of the
bitcoin network alone; to understand it, it cannot be investigated in isolation. Any analysis should be
performed relative to the alternatives. Indeed, everything in economics is a relative equation that contrast
related options. The choice to use bitcoin is not a choice to use bitcoin or nothing; it is the choice to use
electronic currency as opposed to the pre-existing system.

It is very easy to pick an isolated event and to use it out of context. In the future, we will continue this
discussion as a series of posts on this topic. In this process, we will analyse and link the costs of paper, the
costs of metals and coins, the fraud and transactional losses associated with traditional and online banking
that currently affect credit cards, and many more related topics.

As F. Bastiat noted in his seminal essay ‘ What is Seen and What is not Seen ’: ‘I am sorry to upset’ [those]
‘ingenious calculations, especially since their spirit has passed into our legislation. But I beg’ [you] ‘to begin
them again, entering what is not seen in the ledger beside what is seen’.

With this foundation, we can start to analyse the costs of bitcoin in contrast to its alternatives.

REFERENCES

U.S. Federal Reserve, 2014. How long is the life span of U.S. paper
[1]
money?
U.S. Federal Reserve, 2014. How much does it cost to produce currency
[2]
and coin?
[3] U.S. Mint, 2014. Circulating Coins Production Figures
[4] U.S. Mint, 2014. Coin Specifications
[5] U.S. Mint, 2014. What is the life span of a coin?
[6] Analytics Press, Growth in data center electricity use 2005 to 2010
ADAM SMITH BITCOIN ATTACK BITCOIN COST BITCOIN COST-BENEFIT ANALYSIS SPECIALISATION
Social Choice, Bitcoin, and Arrow’s Theorem
By Craig Wright | 28 Apr 2016 | Bitcoin & Blockchain Tech

What is the value of a Bitcoin blockchain alternative? Many propositions add

alternative states, which must be included in the evaluation of the resulting overall
utility and welfare. Because no two parties will see the same utility resulting from the
same expenditure, a social choice problem occurs. Condorcet’s paradox and Arrow’s
Impossibility Theorem are subjects for discussion.
There are many alternatives to the Bitcoin blockchain. Some propositions use scenarios with value that goes
beyond the problems that threaten network security. Some altcoins have proposed [email protected] style
solutions for all types of problems including the search for a cancer cure. Whenever we add additional
states, these states must be considered along with the overall utility and welfare that results. This creates a
social choice problem.

Bitcoin was simplified to include only the solution that would ensure that no alternative could diminish the
system’s security. That is, Bitcoin forms a simple two-good, two-person Edgeworth box economy form of a
distribution problem. At each point, there is a known solution representing goods distributing between
members.

Each of these states is mutually exclusive. Although each agent expresses their own preference for
alternative uses, determining the overall maximal returns is straightforward. Without alternatives, the
mining solution becomes Pareto efficient.

The alternative of adding so-called “useful” puzzles to Bitcoin creates a scenario where there is an additional
utility to the solution itself. This additional created utility varies among network users, and no two
individuals will have the same preference for a particular use. This even assumes a single-use alternative
and precludes the addition of multiple competing solutions.

We encounter problems such as Condorcet’s paradox in the scenarios. I point the dedicated reader
towards “Advanced MicroEconomic Theory” (Jehele & Reny, 2000) where, in Chapter 6 of this book, the
authors address Arrow’s Impossibility Theorem , which is touched on only lightly in this post.

The primary problem with the addition of alternate forms of utility is choosing which form to include, how
much of the form to include, and who should decide. In locking any alternative into the protocol, we
incorporate the possibility of debate on profitability and utility. The problem here is that no two parties will
see the same utility resulting from the same expenditure.

The most important consideration is that any additional inclusion is either of no utility and, thus, should not
be incorporated, or of utility that can be expressed across a market in the form of profit. In the form of profit,
the miner will benefit from the redistribution of Bitcoin wealth in the allocation that comes from the
discovery of a block solution, and from the utility associated with the alternate use. The end result is that
miners will still seek to maximise profit. This rational behaviour leads them to the optimal strategy, seeking
returns that are just over the risk-free rate as other miners enter the market.

When the utility is split between securing the network and alternative uses, the natural end result must be
that the investment in network security in a mixed-use environment is less that the investment that will
occur in a pure single-use environment. The overall consequence is that Bitcoin becomes less secure
because the investment in mining infrastructure that would otherwise secure the network is split between
securing the network and other uses that have been tacked onto the network.

Simply put, the value of mining is not only wasted, but it is incorporated into the value that we gain in a new
transactional medium. The value of mining is the security of the Bitcoin network.

REFERENCES
Arrow, K.J. (1950). “A Difficulty in the Concept of Social Welfare”. Journal of
[1]
Political Economy 58 (4): 328–346. Archived.
Jehle, G.A. and Reny, P.J. (2000) “Advanced MicroEconomic Theory” Second
[2]
Edition. Addison Wesley Longman, US
What happens after Moore’s law….
By Craig Wright | 28 Apr 2016 | Economics
Now that it seems clear that Moore’s Law will reach its end, what will happen? Whether the predictions are of
minor or major changes, different processing paradigms will surely emerge. Software presents problems
distinct from the challenges of hardware. The key to predicting the future may lie in our recognition that
economics and energy limit human innovation. However, innovation has a history as old as humankind, and
the innovative possibilities for computing are limited only by our imaginations.

A friend recently pointed me towards an article on Moore’s Law . More accurately, it was an article that was
again predicting the imminent demise of this paradigm.

One could argue that there are strong and weak formulations of Moore’s Law. In its strong form, the
prediction is limited to an increase in the number of transistors that exist on a single microchip. In its weak or
broader form, the argument is more closely related to an economic costs effect. The former prediction heavily
relies on the type of technology being deployed. Silicon- and germanium-based transistor technologies will
face severe limits in the coming years, and, therefore, this version of the law can be safely predicted to end.

Thus, we could argue that, technically, the pessimistic predictions of the end of Moore’s Law are
correct. However, in its broader form we could argue that the end is not near. It is true that the size of
transistors has a limit, and it is true that we are quickly nearing that limit. Nevertheless, the reality is that we
are also changing the architecture and processing.

If we were limited to analysing Moore’s Law based solely on the number of transistors and, hence, the
limitations of a literal perspective, then we certainly are fast approaching the end. However, that does not
mean that we will not get more transistors onto a chip; rather, it means that the architecture will adapt and
the process will move away from a doubling period of 18–24 months. Under that scenario, we would move
into different processing paradigms.

COMPUTATION IS ABOUT ENERGY AND ECONOMICS

The reality of computation is that it is all about innovation. There is a limit to what a human mind can do,
although, working as a collective, our human minds can do far more than any single mind. Perhaps there is a
limit to human innovation, but I do not believe that we are close to that limit yet, if it even exists. I prefer to be
an optimist on the matter, and I foresee no limitation to human innovation in my lifetime or in the lifetimes
of my children or grandchildren. Beyond that, none of us can predict, and I am hopeful nonetheless.

Moore’s Law is an economic predictive model. We can build bigger chips now. Using software, we can merge
multiple CPUs, GPUs, co-processor chips, and cards into a mesh that acts as a computational model far
superior to any single machine. The limits to our doing this are not related to the technology because the
technology already exists. The limits we face are more general, and they concern economics and energy.

The human mind continues to demonstrate that it has more computational power than any system we have
developed. It is a living self-programming machine that runs with extreme efficiency. Despite all of the
human errors in programming and all of the human failures in biology, we know that our computational
limits are well beyond our present abilities.

Humans have a general problem with pessimism that has pervaded societies for as long as they have existed.
Yet, innovation has led the drive towards more diverse and wealthier societies. The driving force of innovation
and the creation of new methodologies are not new, and there is no end in sight. Even so, many people seem
to believe that we face an end to human achievements. Malthus recanted in the end, but many of us will not.
In the face of development and progress, it is easier to sell a story of gloom and doom.

Things will change. There is no doubt about it. More importantly, we cannot even begin to predict the nature
of the computational power that will exist in 2050. It could be a technology derived from our existing
computational systems or it could be some new quantum system. There is no way to know the future before
we get there, or very close to there. It seems likely that we will have a new, and as yet, unknown disruptive
technology carrying our path of growth forward. This new technology cannot be predicted today beyond
knowing that it will allow us to continue on a path of growth. To some people, this leads to theories of ‘what if’:
What if no one develops anything? What if innovation just stops? What if there is nothing left to discover?

There is nothing new in this attitude!

‘ There is nothing new to be discovered in physics now. All that remains is more and
more precise measurement’.
~Lord Kelvin, 1900
It is an attitude that has pervaded and persisted in science for generations:

‘ The more important fundamental laws and facts of physical science have all been
discovered, and these are so firmly established that the possibility of their ever being
supplanted in consequence of new discoveries is exceedingly remote. Our future
discoveries must be looked for in the sixth place of decimals ’.
~Albert Michelson, 1894
This is the attitude that led to long-term stagnation in the finance industry. Yet, even there, we see change,
which will be long-term change because of the influence of innovation. Innovation will continue in the form
of disruptive technologies that no one expects or predicts, that seem to have come out of nowhere, created
by the people we least expect to change the world.

The combined computational power is not causing our current limitations. The limitations are actually in our
software. The speed of a modern computer is not controlled by the growth in its clock cycle. It derives from a
combination of factors that are not the primary limiters of modern computers. Hardware continues to grow
according to Moore’s Law, and it is expected to do so into the foreseeable future. Software is a different
matter. The progressive improvement of modern computer software is the creative product of the human
mind. When many minds work together, more complexity enters the system, although there is a limit.

One key aspect of bitcoin that is not generally known or considered is its ability to allow for distributed and
parallelised computations. In a traditional computer, since the 1970s or 1980s, complex algorithms and
systems are simplified through iterative processes, such as looping. But, quantum computers do not work
this way. The nature of a quantum computer is to simultaneously solve all possible states, or so we hope.
Bitcoin script is aligned with this type of computation. Instead of traditional looping, bitcoin scripting is
targeted towards massively paralleled computations.

One way to achieve this can be implemented by using hash puzzles and other computational puzzles that
can be secured through Boolean statements that link the puzzle to be solved with the addition of a payment
address. Transactions that substitute each possible value of a variable can be created. If we wanted to trial a
variable from 0 to 1 billion instead of sequentially cycling through each of the states, we could run them
simultaneously in parallel. Each transaction would be executed with the one that correctly solves a puzzle
leading to the payment. This leads to the possibility of complete economic outsourcing for computation. Not
just storage, mind you, but each sub-routine and each calculation or computation.

Therefore, Moore’s Law is not about the number of transistors; it concerns the economic growth of a system.
The effectiveness of the utilisation of a system is a separate matter, and the creation of larger and faster
computers is limited by the software they run. We are now headed towards more economical systems, in
which we will see the costs of computers continue to decrease over time. Most importantly, the results of
Moore’s Law relate to the energy economy. This does not mean that we will use less energy to run our
machines; it means that the amount of energy we use to complete an individual calculation will decrease.
What truly matters is not the number of transistors we exhibit; it is the extent of our computing efficiency.
Even now, the drive towards Exascale technologies moves us into the future. The creation of systems that
run multiple cores will certainly change the nature of computing.

THE NATURE OF THE COMPUTATION IS CHANGING

Computer science and, in particular, computational theory, is a field that will be actively explored and
researched in coming years. One reason that we began extensive experimentation with technologies like
CuDa and the Xeon Phi architecture was our hope of taking one transaction processing and the bitcoin
blockchain. Many of the papers we are now writing concern the use of highly parallelised code structures.
Using a combination of puzzles and calculated ECC addresses, we can engage multiple parties or processes
simultaneously to work out computational solutions with the expectation that they will be paid. This is not a
standard pay-for-work situation; it is a distributed proof or work within a transaction.

The changes mirror and parallel several others that I have recently seen. In the move from 8-bit to 16-bit to 32-
bit and now 64-bit architectures, we have had to change and adapt our software along the way. The next
change in software will be one of highly parallelised systems running across ultra-wide buses. The next
generation of computer architecture is already available running on 512-bit registers. The change in code is
immense, but we can hope it is sufficient to keep us going for several more years.

In the aforementioned article from The Economist , there is the argument of a definite limit to clock speed
and thermal design. Soon, even the number of transistors will change. But, this does not mean that
computational power will stagnate or diminish. The article jokes, ‘Moore’s law has been predicted to end for
as long as it has been in existence’. However, many facts in the article should be corrected. For example, the
cost of computer chips has not been increasing—statements that it is increasing are not true in either
absolute or relative terms.

The most cogent concern relates to issues with the software we create. Software does not scale anywhere
near the rate that hardware does. For all the advances we have made, the one that we have not made (to any
great extent) is in software. Software is slower now and becoming bloated; many of the skills needed to create
more efficient software have been lost because we use hardware to fix software problems.

Perhaps it is not technology as much as it is economics that allows the downward slide. Market forces dictate
much of this effect. The uptake of newer types of architecture has been delayed, although by consumers
more than by manufacturers. Similar to the pain felt in the slow change from 16-bit to 32-bit architecture, the
change from our existing 64-bit registers to the newer 512-bit systems has been difficult, to say the least.

The article in The Economist did not mention many of the technological changes already available. The main
point of this is that knowledge of these areas is limited. This is not to say that changes cannot be
implemented or implemented quickly, but the software to make those changes must be developed. As
stated above, I do not see a technological end to the increase of processing power in my lifetime. I see
technological limits caused by problems of software. The level of complexity is growing faster and faster.

In our leap forward, we will create more specialised chips and better software. The chips are the easy part for
us; the software is the part that will always take us a longer time to work out. For example, multi-core chips
already exist, and the difficulty is in figuring out how best to use them.

The comment that some mathematical tasks cannot be computed is technically incorrect. It is true that
some large processing requires large chips, but the fact is that there is very little that we know of that cannot
be done on a 512-bit chip. How well we do this is a different matter. So, the introduction of multi-core
machines must be managed in new and novel ways, and, in this regard, programming has become a
different beast. We have moved from something that people could do with a small skillset into a highly
specialised technical area. I hate to admit it, but, today, the best I can do is dabble.

I am an adequate programmer for selected tasks. Algebraic mathematics, functional design stages, and
complete back-end work are all within my technical bailiwick. Recently, and, by that, I mean in the last three
years, my ability to code across parallel systems and with many threads has improved, although I remain
extremely inefficient. For this reason, we have been hiring many talented developers who are far better
coders than I could ever hope to be, demonstrating the nature of specialisation. So, in the future, Moore’s Law
will not hold us back; the boundaries of the human intellect will determine whether we stagnate or grow.

Thus, to make these new systems work effectively and efficiently, we must code and develop at a level and
pace far superior than our current activity. This is the heart of my worries. The costs and prices of computers
and computational power are decreasing daily. The skillset needed to successfully develop new systems is not
increasing as fast as it must to keep up. In the end, what we have is hope that human ingenuity and
innovation can solve the problems as they arise.

MOORE'S LAW
Jean-Paul Sartre, signing and significance
| 02 May 2016 | Bitcoin & Blockchain Tech
By Craig Wright
On Tuesday 26th of April 2016 I did the final stage of instruction to a select group of people concerning
the origins of the form of signing and a set of digital keys that I am going to communicate the origins of
on this blog. I spent time with the BBC, the Economist and GQ. Prior to this I had already met Jon
Matonis , Gavin Andresen and others. I will not provide an account of what occurred in each of these
meetings and will leave it for others to disclose if they choose. It is always preferable to have evidence
firsthand and to pass over hearsay.

All truth passes through three stages.

First, it is ridiculed.

Second, it is violently opposed.

Third, it is accepted as being self-evident.

Arthur Schopenhauer

In the last few years many people have misunderstood requests I’ve made. I’m not asking for money and
on any occurrence where I have sought to contact people, it has been for what would have been a
mutual exchange and one where I was not requesting compensation. On those occasions where I do
seek to meet someone, I do it on my own or my company’s expense; depending on the circumstances. I
will not ask for money nor do I want from you. If you feel compelled to aid my cause, the best I can offer
is that you donate money to Burnside a charity that helps single parents and children.

In this post, I will explain the process of verifying a set of cryptographic keys. It will be for others to
expound upon what is included here, as to the significance and on what they have seen. The nature of
evidence is the collection of body of facts that lead to belief. Right now, I am at the point where I’ve seen
the limit of what people take to be truth. It seems that a large component of this is formed through
hearsay, Chinese whispers and innuendo. For many, proof is not required when a desire to believe
something exists. In these instances, truth just gets in the way.

The process I have recently engaged in will be the only time I do this. I do not seek your approval and
nor do I seek fame.

Shortly, you will learn of the organisation I have been building. I wanted more time, but it seems that is
not available to me.

Before I start this post I will state categorically that I will never accept a cent that I have not earned. If
you decide that it is in your interest to honour me against my wishes, without consulting me; if you put
me up for an award, I will never accept the money that is associated with it . This does not matter in the
slightest whether it is a small and trifling amount or even something as large as a Nobel prize. The best I
will do is donate this money. I can appreciate you aiding causes I promote, but I will not benefit from you
directly. A process to implement a legal framework that will constrain me and never again allow me to
change my mind on this matter is underway.

“If I sign myself Jean-Paul Sartre it is not the same thing as if I sign myself Jean-Paul Sartre, Nobel
Prizewinner”
– Jean-Paul Sartre, 1964

I remember reading that quote many years ago, and I have carried it with me uncomfortably ever since.
However, after many years, and having experienced the ebb and flow of life those years have brought, I
think I am finally at peace with what he meant. If I sign Craig Wright , it is not the same as if I sign Craig
Wright, Satoshi .
I think this is true, but in my heart I wish it wasn’t.

IFdyaWdodCwgaXQgaXMgbm90IHRoZSBzYW1lIGFzIGlmIEkgc2lnbiBDcmFpZyBXcmlnaHQsIFNh
dG9zaGkuCgo=

I have been staring at my screen for hours, but I cannot summon the words to express the depth of my
gratitude to those that have supported the bitcoin project from its inception – too many names to list.
You have dedicated vast swathes of your time, committed your gifts, sacrificed relationships and REM
sleep for years to an open source project that could have come to nothing. And yet still you fought. This
incredible community’s passion and intellect and perseverance has taken my small contribution and
nurtured it, enhanced it, breathed life into it. You have given the world a great gift. Thank you.

Be assured, just as you have worked, I have not been idle during these many years. Since those early
days, after distancing myself from the public persona that was Satoshi, I have poured every measure of
myself into research. I have been silent, but I have not been absent. I have been engaged with an
exceptional group and look forward to sharing our remarkable work when they are ready.

Satoshi is dead.

But this is only the beginning.

KEY VERIFICATION

In the remainder of this post, I will explain the process of verifying a set of cryptographic keys.

To ensure that we can successfully sign and validate messages using the correct elliptic curve
parameters in OpenSSL, it is necessary to ensure that the secp256k1 curve is loaded. This is not the
default on Centos Linux. I will not detail this process here. I do point out that RPMForge maintains
binaries that have already been patched. My recommendation would be to download both the source
files from the OpenSSL website and the patch, if, like me you’re running Centos.

I will also point the reader to the following websites for some preliminary reading:

https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations

http://www.secg.org/sec2-v2.pdf

https://www.openssl.org/

https://www.bfccomputing.com/bitcoin-and-curve-secp256k1-on-fedora/

The first stage of this exercise will be to explain hash functions. In the figure below we’re displaying a file
called “sn7-message.txt”.
Script fragment

The series of hexadecimal values displayed in the figure above represents the SHA256 hash of an input
value. A good hash algorithm will produce a large string of values that cannot be determined in advance.
The amount of information and possible permutations always exceeds the range of imitations that can
be output from any hash function and as a result, collisions will always exist. What makes a hash
function such as SHA256 useful and considered “secure” is that it is infeasible given the current state of
technology to determine and find a set of input values to the hash function that collides with the same
value that is returned as output.

The SHA256 algorithm provides for a maximum message size of (2 128 – 1) bits of information whilst
returning 32 bytes or 256 bits as an output value. The number of possible messages that can be input
into the SHA256 hash function totals (2 128 – 1)! possible input values ranging in size from 0 bits through
to the maximal acceptable range that we noted above.

In determining the possible range of collisions that would be available on average, we have a binomial

coefficient that determines the permutations through a process known as combinatorics [1].

I will leave it to a later post to detail the mathematics associated with collision detection. It is important
to note though that there are an incredibly large number of colliding values associated with each hash
but that the probability of finding two colliding values or determining them in advance is infinitesimally
small. Next week, I will follow-up with a post based on combinatorics and probability theory
demonstrating the likelihood of finding collisions for “secure” hashing algorithms.

HASHING

Hash functions are relatively simple and can be done by hand. This of course belies the complexity that
is required to reverse them. A good hash function is simple to use and yet is infeasible to reverse. In the
figure below we have run the Linux hash routine “sha256sum”. This simple program will return a unique
value that corresponds to a set and fixed input.

Script fragment

In the figure above, we have run this on several files including one that we are using for this OpenSSL
signature exercise. The particular file that we will be using is one that we have called Sartre. The
contents of this file have been displayed in the figure below.
Script output

Digital signature algorithms sign the hash of the message. It is possible to sign the message itself but in
signing the hash it is possible to ensure the integrity of the message and validate that the message has
not changed. If even a single space or “.” was to be altered, the hash will be radically different to the
value returned initially.

In order write this value and save it to a file, we can use the Linux command, xxd . This will write the
ASCII values into a hexadecimal binary file. In the command below we would be writing a string of zeros
into a file called “file.name”.

In doing this, we can change the string we received as output from the hashing algorithm into a hex
encoded file. This will be the message we can sign and verify. It is important to validate the string of
numbers that you are putting into the echo command above. If a single digit has been typed incorrectly
then the message will not verify.

PUBLIC KEYS

In order to verify a digitally signed message we need number of components. These include:

The algorithm,
the public key of the signing party that we wish to verify,
the message that has been signed, and
the digital signature file.

The first part of this, the algorithm is obtained through the installation of OpenSSL with the
incorporation of the secp256k1 curve patch. In the step above we covered the creation of a hashed
message. In the next section we will cover the use of ECDSA public keys.
Script fragment

For this exercise I am using a public-private key pair that is saved is a PEM file in OpenSSL. David Derosa
has written an excellent page defining the creation of an elliptic curve key pair in OpenSSL. In the figure
above you can see the particular PEM format public key that is associated with the key pair used in
signing the message in this exercise. A thorough reading of David’s page will provide all of the
information for the reader detailing how a private key pair used in bitcoin transaction can be formatted
as a PEM file. This page details the creation of a new private key and not how an existing private key can
be imported into OpenSSL. I shall cover this additional process and demonstrate how an existing private
key pair based on elliptic curve cryptography can be imported into a ASN.1 format for use with OpenSSL
directly.

The command to export our public key is given below.

The string returned is the public key value used by programs including bitcoin for the verification and
addressing of the signing function.

Casascius has developed a nifty tool that will help you decode this public key and return the associated
bitcoin address that it maps to. We have a blog on this site that will help you understand the technical
aspects of how bitcoin addresses derived from the public and private keys. Several online tools are also
available that can calculate the bitcoin address from the public key.

SIGNING

The process of digitally signing a message using OpenSSL requires that the party signing the message
has access to the private key. I will document and cover this process further in a later post. In recent
sessions, I have used a total of 10 private keys are associated with bitcoin addresses. These were loaded
into Electrum , an SPV wallet. In one of the exercises, I signed messages that I will not detail on this post
for a number of individuals. These were not messages that I personally selected, but rather ones that
other people had selected. In some instances, we ensure the integrity of the process by downloading a
new version of the electrum program, installing it on a fresh laptop that has just been unboxed having
been purchased that afternoon and validating the signed messages on the new machine.

The version of electrum that I run is on Centos Linux v7 and runs via Python. For the exercise I noted
above we used Windows 7 and Windows 10 on different occurrences.

SIGNATURE VERIFICATION

The final component that we need to cover is the signature itself. We will be using the following
command to convert our base64 format signature into a file format that can be loaded into OpenSSL.

The signature filed we will be verifying contains the following data.

In the figure below we display the signature file as it is stored on the computer that was used for this
process and we see the result of the verification exercise. In saving this file, you could cut-and-paste the
encoded signature and insert it into a saved file using an editor program such as vim. Not that I’m
looking at getting into a holy war over the choice of editing programs.

Script fragment

There are two possible outputs from this process that concern us. OpenSSL will either return as “Verified
OK” where we have validly verified the signature. All of the information that is required to import the
public key, the message and the message signature used in this post is available on this post.

I could have simply signed a message in electrum as I did in private sessions. Loading such a message
would have been far simpler. I am known for a long history of “being difficult” and disliking being told
what “I need to do”. The consequence of all of this is that I will not make it simple.

SOME SCRIPTS

In order to simplify this process, I have included two shell scripts. For variations on scripts like these,
please visit a site such as the one hosted by Enrico Zimuel . This site is not particularly focused on elliptic
curve cryptography but it is not too difficult to update his code for the use on a bitcoin based system.

SIGNING
For you to try and test this at your leisure I have included the signing script below. To use this script, the
input consists of the variable <file> which signifies the file that you desire to sign using a selected
<private_key> under your control. In this command, the <private_key> variable represents the file
containing the private key to be used in signing the message and which will output the signature.

The output from this shell script consists of the signature saved as a Base64 encoded file. This will be
saved to your hard drive or other location using Base64 format as a file named <signature.der>.

EcDSA.sign.sh

VERIFICATION

We can use a similar process to verify the signature we have created using the script that I have
included below.

In this commandline, the variable <file> is used to signify the name of the file we seek to verify. The
variable <signature> represents the file where we have saved the signature (and coded using Base64),
and the final variable, <public_key> contains the PEM formatted public key. We use these files together
and if they are valid and correct they will allow us to successfully to verify the digital signature.
EcDSA.verify.sh

CHOICES ON FORMATTING

The signature format used within bitcoin is based on DER encoding. Other methods have been applied
in the original code has changed significantly in the last seven years. The choice of DER encoding for the
signatures and other information was based on a desire to ensure that information could be shared
between incompatible systems. It is not the most efficient means of storing information but it does allow
for disparate systems to communicate efficiently.

Like many open source projects, OpenSSL is poorly documented in many areas. bitcoin addressing and
the storage of key pairs could have been far more efficient and the code has been updated to ensure
that this is now the case. But like every new system it is far better to have something that is working on
something that is not available but is aiming at perfection.

Security is always a risk function and not an absolute.

REFERENCES
[1] Lovasz, Laszlo (1979) “Combinatorial Problems and Exercises” North Holand Publishing Co.
Amsterdam
Bitcoin vs The anti-capitalistic mentality
By Craig Wright | 18 May 2017 | Bitcoin & Blockchain Tech
Bitcoin has been created as a libertarian form
of money. Unfortunately, many of the people
currently attracted to it have a bent towards
socialism or anarchism. The primary feature of
modern capitalism has derived from the mass
production of goods and services destined for
consumption by the masses.

Bitcoin creates a system that allows any

person to challenge any millionaire or
billionaire. Taken to its conclusion, it allows a
market not sabotaged through government
mandated controls and restrictions. The
problem for many with this sort of system is
that it leaves fault exclusively on the
individual. If you fail to succeed, there is no
one but yourself to blame. In the bitcoin economy, you need to develop systems that satisfy the public in
order to be made wealthier. This lack of monopoly control through the international distribution and
geographic dispersion of the bitcoin network means that companies and individuals who seek to profit
through mining need to do so competitively.

Each of these organisations would know and understand that they cannot rest on their laurels. To do so
would be consuming the very capital that they need to prosper and advance in the future and would open
wide the door for further competition.

Any individual can decide at any point that they wish to become a miner on the bitcoin network. In the
unseen fallacy, the argument against this comes down to profitability. On one hand, the anti-capitalist states
emphatically that the greed of the miners is taking control away from the people. This greed is an
overwhelming desire for profit. Perversely, at the same time the same individuals try and tell us that we
cannot mine because it is no longer profitable to do so. They argue on one hand the need for profitability and
on the other the need to give away services altruistically. Both diametrically opposed arguments cannot be
true. This is the nature of the contradiction. Anyone can mine. The choice is one of profitability.

Miners serve the masses. This is not some nebulous economic majority or other form of demagoguery. It is
very simple; any person can vote with hash power. Bitcoin solves the byzantine general problem by creating
peer nodes that signal a level of economic intent.

As Adam Smith said: It is not from the benevolence of the butcher, the brewer, or the baker that we expect
our dinner, but from their regard to their own interest.

Bitcoin does not allow for fashionable doctrines. It does not promote either the right nor the left in politics. It
acts purely as a source of measurement. In this, it takes measure of the amount of wealth that people are
willing to value within society. It is a form of wealth that is not easily manipulated. At the limit, in a scenario
where bitcoin became the predominant form of international currency, it leads to a common measurement
that cannot be altered or manipulated easily by government. This does not say manipulation cannot occur,
rather any manipulation would come at a great cost.

A golden age

As a result of capitalism we have entered an era of unprecedented prosperity. We live in an age of amenities
that are beyond the comprehension of even the richest of individuals throughout most of history and we are
far from the end of history. This cry of utopians that we have an ultimate goal is one that cannot even be
imagined and is one that we are not even close to for all our growth. In the long run, wealth is accumulating
at greater and greater rates. The growth of capital is accumulated faster than the growth of population. At
the same time, we are in a system that is attacked through people who loathe the concept of capitalism.
They seek to revert as to the good old days, days of toil, days of despair and days of poverty.

Attacks against capitalists, especially those operating mining facilities point out the greed of the miner or
other capitalist. They liken these entrepreneurs to the aristocrats and oligarchs of times past and other
societies.

The wealth obtained entrepreneurially cannot be compared with the wealth of an aristocrat. The bitcoin
miner derives wealth through a market-based process. In securing the network they are supplying the
consumers with a valuable good. The aristocrat does not serve the market and is immune to the displeasure.

Capitalism makes no pretence of rewarding people to their true merits or any moral judgements, the
prosperity that one accrues is simply the result of providing services that one’s fellow man desires and is
willing to pay for. In this system, the consumers are supreme. It is extremely simple. In a world of distributed
mining pools the capitalist owner of any individual corporation seeks to attract others to their system. The
motives for this are profit. In the event that consumers are unhappy they can at any time change allegiance
and moved to an alternative pool. In the bitcoin economy, it is not academic judgements or vocal
demagoguery but rather the valuations that manifest through choice.

Any system that does not abide within these conditions is set to fail.

It is not for the centralized whims of a few that the path of the network must be decided. It is for those who
are willing to pay that the network has been provisioned.

The hierarchy of experts and the priesthood of knowledge

As with all systems, hierarchies will exist. The expert rails at the consumer who fails to perceive the worth of
the expert opinion. The expert has knowledge and they believe others should be made to listen to them. In a
market economy, expertise is a marketable commodity and it is only when you deliver what the consumer
requires, what they ask for, and what they are willing to expend their money on that you will succeed.
The resentment of the experts
By Craig Wright | 19 May 2017 | Bitcoin & Blockchain Tech
In this paper, we will expand on some of the reasons why many of the early developers in bitcoin loathe
capitalism.

These individuals see themselves as special. They have more knowledge, and they believe they are more
intelligent than the other people around them. They look back to stories and tales of caste and status based
societies. In these, they do not think about the degradation and poverty of the many, but their own fate. In
that caste or status based society, one can always ascribe the conditions of the world to fate and to
scenarios beyond one’s own control.

If you are poor or you’re a slave, it is because it is your place in society. There is never any reason for you to be
ashamed of your place or your rank. There is nothing that is your doing. Your family cannot take fault with
you. You cannot ask “why are you not King?” for to do so would invite the rejoinder “if I were a king, you
would not be my family. If I were born a son of a king, I would have married Princess”. In this society, one
has no fault for we can never be clever enough to choose our own parents.

In a meritocracy, in the world created in free market capitalism, in the world envisioned in the creation of
bitcoin, every person determines their own fate. Your life is not fated, it comes from your own luck,
judgement, effort and sweat. Those born with gifts need to apply them. Those with aptitude need to
compete. Those who desire to alter the fundamentals of bitcoin, to restrict it, to leave it small, they will know
their own missed chances. They see that they have been found wanting by their fellow man.

In bitcoin, they see nothing special. They see that the cryptography has been available for many years and in
some cases decades. They see code that they could have created. They see missed opportunities. They are
asked, “if you were there from the beginning and saw the potential, why didn’t you start mining in 2009?”.
They see nothing special and do not understand that bitcoin is not simply an aggregation of cryptographic
techniques.

We all have missed chances and things that we have failed at. The only true failure is when you give up and
stop trying. Those trying to hold bitcoin back understand that their ambitions have not been fully gratified.
They see their missed chances. They see the system that they believe they could have developed and they
like to say how much better they could have made it. It is easy to pick on something and say that it is
flawed, that it is not perfect and that they could have done better. The fact is very simple – they did not.
They did not create the system and they are doing nothing to ensure its survival.

Bitcoin needs to grow. The only way that it will ever be successful is for it to have rapid user adoption. This is
not some half-cocked idea that every person on earth must control access by their own wallet that acts as a
full mining node. The vast majority of nodes will always be SPV nodes if bitcoin is to be successful. Most
people will access their money using third-party tools. This was the way it always was meant to be and it is
the way that it will scale and will work.

Those who resent bitcoin the most present themselves as its core supporters and experts. They state how
they know more than us. They tell us about bitcoin and its cryptographic controls and yet they overlook the
most fundamental aspect of bitcoin, the one that they could not understand and the sole reason none of
them created it. That reason is economic. It is the economic aspects of bitcoin that make it what it is. It is the
ability to take away the control others have over our lives through the reintroduction of the ability to
manage our own finances. This simple understanding is the core to what makes bitcoin all that it is. It is not
cryptography, it is not the mathematics, it is the modelling of economic risk.

No cryptographic system is perfectly secure. They are all probabilistic. Many will try and tell you otherwise
but they are either lying or seeking to subvert the truth to their own ends. It is the interaction of markets
and the individuals that make them up that creates the freedom that bitcoin can provide. This is what they
seek to subvert. Those developers, the ones that fear markets and shy away from them, the ones who failed
to understand and grasp enough of economic theory to have created bitcoin and now try and change the
model a conscious of their own inferiority and feel humiliated.

These people talk about the sternness and unfairness of capitalism. It is the system mirrored in bitcoin. It is a
system that allows everyone to provide for themselves according to their own contribution. It is not equal
and nor can any system ever be equal unless we are equally destitute.

The call of bitcoin and capitalism together is simple; to each according to his accomplishments.

Everybody understands that many like ourselves have succeeded where we have failed. We know of those
self-made people who started with less than us. We know the reproach on why we could not have been
smarter, worked harder, achieved more and for those who give up, those who say that they understand and
control bitcoin, the ones who sit dictating a world that they want to control, they look upon those who
succeed with contempt. They bundle the entirety of the Chinese market into one nebulous whole and
insult them. They call them the Chinese horde and treat them as if they are second class citizens.

The truth is that these people are fearful of their own failures. They criticise the Chinese and others in the
mining industry within bitcoin from their own fears. All of these people feel unhappy under capitalism, not
because it has not helped them immensely, but because they don’t have the position that they believe they
deserve. A position that is only granted ever to the few and capitalism is granted on merit. Bitcoin is
capitalistic. It is a system based on merit and achievement. Some of us will work forever and fail and others
will be lucky and succeed with ease but the truth of the matter is that life is never fair and it is not about
being fair it is about building as much as we can and that is something that does not lead to equality.

Many in the bitcoin community called for Satoshi’s bitcoin to be destroyed. None of these people have
moved to destroy a single one of their own coins. They talk about what they are owed. They talk about the
need for people to give back to them and forget that capitalism is about what you can give to others.
Capitalism requires the merchant to deliver the most profitable solutions to the most people.

To the people in core and those who think that they know best the bitcoin, I say you suffer an inferiority
complex. You see an unknown person and think that you must be better, that you could have created
something better, that this system has flaws and you could have a solution that is better. The truth of the
matter is none of you made a system that was better. Now, you seek to restrict and restrain, to hold back
and limit that system through a sense of your own inferiority.

The miners all know and understand that bitcoin can scale many times its current size. None of them fear
an 8MB or even a 20Mb block size increase and yet you hold the entire market hostage. You put in
arguments about compromise and ignore your customers. You lie to people and denigrate others and this is
what you call a fair and equal society.

Well, I for one reject your idea of society.

I see a world where people fight not with their fists and guns but through commerce. A world of trade. A
world of open communication with people know that they have to work harder if they want to succeed. Not
the lazy world we are in now but one where people are happy and celebrate their success. Where they are
not afraid to gain an education. Not a nebulous degree with no purpose but something that actually helps
them build a career and where academics are not lauded for their intellectual pursuits that have no focus or
purpose. A world where applied research is considered more valuable than nebulous studies that no one
will ever read.

Those who radically reject the idea of enlightenment are those who try to limit bitcoin. That philosophy of
rationalism, utilitarianism and laissez-faire that has driven progress to the heights it is now is the heart of
bitcoin. It is not altruistic, it is a struggle and it is a tragic vision but it is the only vision that has taken the
majority of humanity and raised them to the heights we now stand upon.

To those in core, we separate those who have helped build, not through a desire for altruism that is
expressed to the public but as a secret lie from those who try and tell us of the nature of bitcoin and how it
is a sharing community of altruism and care. Bitcoin is a system of self interest. This is what we need to
embrace. Those who are part of bitcoin and have been for a long many years need to remember this. Those
gains that they sit upon far exceed any investment they have made to the system. Those that have lost
because they did not invest early enough all sold out too soon can remember what could have been.

Those who seek to limit bitcoin search for a scapegoat, another the blame for their own faults and failings.
They can say it was not my fault things did not go the way I wanted, it was the actions of this other.
Capitalism and the system that will come from bitcoin is a society and social order which treats everybody
according to the contribution that each of us make to the well-being of our fellow man. We are all the
founder of our own fortune. For each in this society there is no place for those who resent the fortune of
another who has done better. The world and bitcoin is for those who try and those who succeed. For there is
no failure unless we give up.

There is no perfection. There never will be, the never can be. This is a tragic world. It is a world of pain and it
is world of suffering and the only thing we can do to make it better is to engage in trade and commerce
and seek to deliver solutions that provide profit to our investors because profit is that capital that is used to
create more.

This is the world of bitcoin. It begins.

Attacks, Slander, and Censorship
By Craig Wright | 20 May 2017 | Economics
Those who live in a society where
each cannot be equal and whose
ambitions fail to be satisfied look
to others and blame them for
what they have not achieved.

The fool releases these repressed

feelings in slander. It is simple to
defame another and it requires
little proof. Many will listen
without any evidence and be
drawn in but none of these
people matter. It is those of us
who can look above and beyond
that can check and validate and
accept more than the lies, those of us who can do this are the future of bitcoin.

It is the fool and the idiot that needs to reside in a world that offers little more than attacks and persecution
and it is the fool that makes themselves happy in this endeavour. For those who can look past this, for those
who can ignore the slanders and deformation and move forth there is opportunity. This is a hard and tragic
world and for those who can work beyond it and its associated problems there is much to be gained.

The problem is never the fool. It is the sophisticated fool. These individuals do not denigrate themselves to a
level where they will publicly degrade another that lead others to that position. They don’t lie but mislead.
Either is a deception. The worst of these create a philosophy that opposes capitalism. This anger when
focused inwards helps to silence their own inner voice, that small niggling voice that tells them of their own
faults and failures. As they see those more successful than themselves they bundle this anger into a ball that
goes deep within themselves and they say how they could have been better and could have done more if
only for a better society and that it would be so if not for capitalism

They become fanatics. Their

opposition and attacks against
capitalism focus wherever they
see it most and in many cases
that subvert the system that
they hate. We see this in bitcoin.
They critique the capitalist
mentality and call that evil. They
do this in order to feel better in
themselves and to assuage that
gnawing doubt telling them how
they are not as good as another.

In the West, we live in a society

that has grown through equality
under the law. This is not
equality of genetics and nor is it
equality of birth. It is the right to
have and own property and to do with that as we wish and even that is being eroded. Bitcoin has been
developed not for a fairer more altruistic world but for a world where people will strive to make the world
better in an endless search for profit. This is simple because it is profit and profit alone that is that saved
capital that society is built upon.
We live in a society equal under the law that is populated with people who are not equal in ability. People
with different intellects and physical capabilities.

In the world of bitcoin, everyone no matter what their origins can become a millionaire. This is the problem
that many see. This creates a divide, a gulf between us as some of us see what others have achieved. We do
not admire those who do more but rather back and think of our own failings. We daydream and imagine a
fair world. This fair world is not one where we truly seek equality but one where we all wish to equally be
treated based on our perceived “real worth.” The capitalism of bitcoin is one that is fair.

To each his own from his own ability

This is not a call to need, is a call to achieve. Those who attack and denigrate the system hide in refuge from
reality. They are plagued by their own inability and the self-loathing that they failed to admit. It gnaws at
them, it grates inside for they know not only did they not create bitcoin but they cannot save it.

Bitcoin does not need saving. Once the cap is removed bitcoin will scale and it will scale even if they
attempt to keep it down for the market will respond and they will be removed.
Genesis
By Craig Wright | 22 May 2017
| Philosophy
It seems that many people within the bitcoin community are willing to accept whatever they’re told
blindly without validation. Others have been subdued through the repeated attacks and character
assassinations. We have seen this format used in many totalitarian governments. As core say with one
voice we offer you freedom, the changes and enslave us in the shackles of artificial restrictions.

Too many of us have been “Sheeple” too long. It is time that we started to take back what is ours.
Today we are going to investigate some of the origins of bitcoin. Many of these have been subverted
and even quotes by Satoshi himself are being deleted and censored from those who seek a different
and more controlling path. In this, we will start at the beginning. This is not the first time that bitcoin
was mentioned online, but it was when any of us took notice.

To do this we need to start with a fact that you likely did not know.

In 2009, the headlines from a UK newspaper sector is a marker to demonstrate that bitcoin could not
have been pre-mined more than a few days. It was the initial statement that has been subverted into
an attack on banks and others for all reasons. It is something that has become a socialist and anarchist
cry for the dissolution of many of the systems that we have in place. Today we will investigate not that
scenario that they wanted to believe, but something that says more about bitcoin than any anarchist
utopia could.

If we pull back the veil on the message, we see Satoshi quoting The Times. The date is an interesting
point in itself. Satoshi used 3 January 2009 and this was written into the Blockchain directly in the
format “03/Jan/2009”.

This format is a standard used within the Commonwealth. The UK, Australia, Canada and other
countries with the Commonwealth use this format. In the US it is more common as month, day, year.
So this in itself tells us a little. The mixed writing style favouring British English but occasionally
reverting to the US style demonstrates that Satoshi is more likely Canadian or Australian. Both of these
countries mix grammatical standards.
Most importantly, let’s start by opening up and investigating the article.

In this article, we see reported the government’s concern with banks not simply throwing money out
there for anyone to take. They actively sought to incentivise bad behaviour and push in typical
Keynesian style the problem down the road. It would be a bigger problem, but it would be someone
else’s problem. Chancellor Alistair Darling considered actively buying bad debts and assigning them to
the taxpayer:

“Under one option, a “bad bank” would be created to dispose of bad debts. The Treasury would take
bad loans off the hands of troubled banks, perhaps swapping them for government bonds. The toxic
assets, blamed for poisoning the financial system, would be parked in a state vehicle or “bad bank”
that would manage them and attempt to dispose of them while “detoxifying” the main-stream
banking system.”

Many people comment on the headline but it seems very very few have taken the time to read the
article. The article wrote about the erosion of markets through government intervention. Following a
£37 billion nationalisation, the government was considering devaluing the currency further. After
having set conditions that required the banks to be more aggressive, to offer home loans to people
they knew could never repay them, and to expand and heat up the economy, the banks reacted by
trying to protect the little profit that they still had. The government responded by saying they needed
to take more risk:

“They are close to cutting off their noses to spite their faces”

Lord Mandelson, Business Secretary, accuses the banks of being too conservative, Nov 30

It is interesting that we remember the concocted tales of how banks play with our money and risk our
futures. What seems to be forgotten is that when the banks try to act responsibly, the central banks
and government officials step in and change the game. They see this as something that cannot be left
to a market. It is political because it is about their being re-elected. In the election process in any
democracy the integration of the economy into the government’s sphere leads to market
manipulation.

In a well-managed market, that is one without interference and external government incentives to act
against the profit motive we see a balance of conservatism and risk within banking. This changes
radically when organisations are incentivised poorly. In this case, the policy of kicking the can down
the road only reintroduced risk. The inflationary process driven by government policy led to artificially
lowered home loan rates and lending standards. This spiralling trap of artificial value manipulation
pushes/drives the price of housing up. The price of housing that year fell by 16.2% on average. This
sounds great if you’re buying, but that neglects the cost and the other losses in society.

The fact, Bitcoin was never anti-banking. It was opposed to anti-free-market intervention.

This was far from the first time that the British government had to bail out the banks and even its own
currency. There is an earlier link to the creation of the Chicago Board of exchange. I will discuss this in
the next post.

Links to Friedman and Chicago

In 1963 Milton Friedman released a book, “Capitalism and Freedom”. In the 60s, there were many who
supported socialist and anarchist ideas. This is more widespread than ever now. The result was that
only the Times of London would review this book. The Times reprinted a review that was originally
published in the Economist of London (this was not favourable) and ran a small but positive review of
Milton Friedman’s masterful work. What is really unfortunate is that every other paper on Earth
rejected this book – and it was on the best-selling list as number 1 for over a month.

For those of us born in the late 60s and 70s and who learnt enough to reject the ill-conceived ideas of
the time we were able to grow up listening to and watching the series “Free to Choose”. The show
aired in the 80’s and we can see ideas expressed by Satoshi in this book. In the end, Milton Friedman
even admitted the problem of working with government. Satoshi was a libertarian. This is someone
who follows an Austrian / Rothbardian School of economic thought and it comes clear in the response
he had to the government’s actions in 2009.

Dushi reviewed the later book in China with a title called “Not so free to choose” by author Nan
Shizhong. The book inspired Wu Xiaoying and and Zhang Weipang who did a good deal to open up
China to capitalism (although slowly).

Free to Choose sold over 200,000 copies in Japan.

After the 60’s, the Times was one of the first newspapers to change. This paper called “Capitalism and
Freedom” one of the “hundred most influential books since the war” and started to promote Milton
Friedman. We can compare this to the New York Times was promoting Krugman. The following was
later in the year, but it gives us the flavour of the writing:
The Guardian… Nothing good to say.

The Times promoted Dr Freidman in the UK where he was taken seriously. The US, well they rejected
him:
Thatcher for all her flaws was a remarkable woman and took what Friedman had said and make the UK
a far better place, So, it is simple to see why a libertarian such as Satoshi would have chosen The
Times. It was a paper that did a good deal to promote both Friedman and Sowell.

So, before we start making assumptions about a utopian anarchist or socialist reality we need to think.
Satoshi was not a socialist and he was not an anarchist, bitcoin was never designed for either of these
philosophies. So, although many seem to want to subvert it to their own ends, the simple truth of the
matter is that bitcoin is libertarian and this is a free market approach to capitalism. The free market
embraces everything that allows people to trade openly. That has value in people’s rights and
property. It does not dictate to others what they should and should not believe but encourages them
through profit and incentivises behaviour based on what the majority are willing to pay for.

I do not see a call to tear down the banks and the message inscribed upon the foundation of bitcoin, I
see a free market money, one without central controls and one without manipulation. This is what
people want to subvert. This is why they leave the cap on bitcoin and refuse to raise it. They
introduced an artificial scarcity that the protocol was not designed to have and use this to drive bitcoin
towards a different system one that they can control and one that bitcoin was never designed to be.
Myth and Reality, Security is Really About Economics
By Craig Wright | 23 May 2017 | Bitcoin & Blockchain Tech
Many people, likely the majority, who work within the information security industry hold a misconceived
notion that information security is about technology and tools. They believe that cryptography is the answer
to all problems associated with risk and trust. Unfortunately, the same attitude has crept into bitcoin. It is
insidious and it is wrong.

Security is more about economics than it is about technical tools. Yes, it is nice to play with the new technical
toys and used wisely these can aid in securing a network, but no technical tool alone is effective. They all
require management and maintenance and monitoring or they were little more than expensive toys. I’m
hammering home this point having seen many organisations spend lots on implementing the latest tool
only to leave it and neglect between audits. Computer security is an oxymoron. It is a contradictory term. It
does not matter how good the encryption is if people do not implement it wisely and monitor its use.

The merger of Yahoo and Verizon was valued at over US$4.8 billion. This merger was nearly derailed following
a series of data breaches that exposed customer information. We have recently seen black-market extortion
schemes, hacking the hire and Internet piracy is as rampant as ever. This is not going to stop any time soon.
Our entire model is broken. We move security into centralised systems that become more and more
tempting to attackers. This is not a cyber flaw, it is a flaw in the economics of the model. Peer models do not
make anything inherently secure. What they do is distribute the risk.

An attacker seeking to breach a credit card company can make massive gains attacking a single system and
stealing a single database. Conversely, attacking a distributed database such as the one used by bitcoin is
infeasible. The reason for this is that none of the keys that control access to the ledger are stored within the
Blockchain itself. These are distributed across a myriad of diverse systems. An attacker can target any one of
these systems and at best will gain access to the funds held by an individual. If that individual has a lot of
funds, they can distribute these on multiple systems.

Using a combination of tools and techniques, this individual can hold keys in multiple locations. The
cryptography involved in bitcoin is not particularly special EcDSA has been around a long time and is widely
implemented. It is the economics of the system that make it particularly special. And this is the aspect that
most people don’t understand.

People believe that you need to validate your own transactions, this could not be further from the truth. It is
not whether you have a valid transaction, it is whether the entire network recognises your transaction. In fact,
even if you should find a discrepancy in your transaction, if it is accepted into the majority of the nodes that
mine bitcoin, then your transaction will be accepted in the way that the miners agree. Any node votes on the
acceptance of a transaction purely through mining. Any wallet that disagrees with this process is simply
isolated. No matter how many wallets disagree, they can never form a consensus.

The reason for this is that the miners on the network create blocks as transactions are propagated and
updated within the ledger inside blocks. So, contrary to popular wisdom, there is absolutely no advantage in
running a full node unless you are a merchant monitoring the double spends or a miner. In fact, even were
90% of the nodes to initially reject the transaction in favour of a double spend, as the majority of miners will
have worked on the initial transaction, the transaction in a wallet will be reorganised when the new block
comes.

Because wallets failed to create blocks at all, they have no say on the network. At present, they are not
needed for propagation of transactions and their removal would actually make the network more efficient.
There is a reason that Satoshi called these non-mining wallets SPV wallets.

It is extremely simple. As a wallet can only veto its own transactions and its own blocks, it has two options:

Isolate itself from the network, or

Accept the transaction and new block.

In order to form consensus, the system requires a majority of mining nodes to accept a block. It’s a very
simple concept. If you’re not creating a block through mining, you cannot engage in the consensus process.
At best large well-connected wallets could interfere with propagation, but as the network is so densely
connected, this matters little at all even for the largest connected wallets. We can use an analogy of voting
with the people going into the poll and casting a ballot as the miners. The wallets of those people who do not
vote but picket outside, the best that they can hope for is to slow down the propagation of a transaction.

At worst, the wallet who decides to ignore the transaction rules that are agreed in consensus through the
distribution of blocks is simply isolated. No transaction that they send outside of the ledger will have any use
or meaning.

The benefits of bitcoin include decentralising control of our money. This does not mean running a full node, it
means the ability to hold our own keys. Any individual can create a raw transaction and send it onto the
network from any machine connected to any part of the Internet. If they can validly sign that transaction and
it meets the consensus rules on the network, it does not matter if they created the transaction by hand.

The truest check of your transaction being accepted is other machines having accepted. Not your machine,
the other machines on the network. We have to rely on the former trust models to understand how bitcoin
has truly changed our environment, our money and eventually our entire system. It is not running a node
that is important, it is ensuring that our transaction reaches a node. This requires highly interconnected
mining systems that link to exchanges and online wallets. There are zero benefits in running your own wallet
if you don’t mine. Anyone who does not see this fails to understand bitcoin.

The Economics
The most overlooked aspect of bitcoin is the use of
economic incentives. Many in the industry consider
this the weakest part of the system, the reality is this
is the true strength. Attackers are more rational than
many others [1, 2]. As much as we like to deny this
fact, cyber criminals and other economic criminals
are generally more rational than the average person
and exhibit a higher risk tolerance than a more law-
abiding citizen. In [1], Wright expressed the
economic truth;

More security costs = higher costs to the consumer.

Higher expected loss from risk = higher costs to the consumer.

It is astounding that most people do not understand this. The notion that “Criminal groups act as profit
seeking enterprises, and the ability to shift the economic returns away from this activity results in a lower
amount of crime” [2] this simple to understand when you think about it even though it seems counter-
intuitive at first.
Bitcoin works in the same manner. The more we delve into the system and truly understand it, the more we
can start to see that this is a system created through economic incentives. It does not use the most modern
cryptography, it doesn’t use the coolest security technologies, what it does is truly remarkable because it is
simple. It creates economic incentives.

These incentives are aligned to the securing of the network [5]. The larger the network grows, the more
secure it becomes. This begs the question, why are people seeking to limit its growth? It is the on chain
growth that makes bitcoin secure. It is the distributed consensus mechanism and the shared nature of the
ledger, so the question is why are people trying to remove this key aspect of the protocol. Why are they trying
to move to off chain solutions that mirror the traditional security models and require secure nodes and
permissioned systems?

Do they not understand the benefits of economic controls or scarcity or is there something else at play here?

Problems of Software
There is no way to make any computer or software completely secure. Every version of code will have bugs in
some of these will end up resulting in a compromise of a system. Even if an application is written with no
flaws (and this is only possible for the simplest of systems) we need to remember that it is running on an
operating system and that operating system will have numerous bugs.

More, not less is better. The key aspects of bitcoin is competition. What we need is a central protocol that all
agree on. From this protocol, many versions of software can divulge. If we have many developers working on
new front ends, new mining systems, new exchanges and new platforms, then the chances that any one of
these will be compromised in a way that impacts a large number of users will be lowered. No matter how
many bugs impact Microsoft Windows [3], it would be rare to see these impacting a Linux or Mac
implementation and vice versa.

It is about time that we stepped back and started looking at the system we purport to know. To start
understanding these controls we want to change and what impact that change will have. The core of bitcoin
is not cryptography, that is just a tool, the core of bitcoin is economic incentives.

Attacking the network costs money. There are many ways of attacking the bitcoin network. All of these
involve trade-offs in all of these trade-offs are economic in nature. Do you buy more hash power and try to
increase your control, do you buy other systems and try and inject packets, do you hire people to attack
Routers? There are many other attacks. The issue is not whether a computer system can be attacked but
whether it can be attacked efficiently. There is no such thing as perfect security and security is always an
economic trade-off [4]. None of us choose to live in a perfectly secure environment, people living in California
live in an earthquake zone, yet few of them choose to leave. All decisions and security are risk trade-offs and
the fact of the matter is that all of these are economic.

Any change of a protocol has an economic impact. Leaving the block has an economic impact as it limits the
size of the network. This was discussed before; the security of the network is directly related to the investment
in the network and the investment in the network is related to how many people use it. Not how many
people run wallets acting as non-mining nodes, but how many people invest in creating mining systems to
secure those transactions that we wish to run. Right now, we are artificially capping the growth of the
network and the result is that we are limiting the security of the network.

I will say it again, the core of bitcoin is not cryptography, that is just a tool, the core of bitcoin is economic
incentives.

References
[1] Wright C.S., Zia T.A. (2011) “Rationally Opting for the Insecure Alternative: Negative Externalities and the
Selection of Security Controls”. In: Herrero Á., Corchado E. (eds) Computational Intelligence in Security for
Information Systems. Lecture Notes in Computer Science, vol 6694. Springer, Berlin, Heidelberg,
https://link.springer.com/chapter/10.1007%2F978-3-642-21323-6_26
[2] Wright, Craig S, (2012). “Criminal Specialization as a Corollary of Rational Choice,” International Conference
on Electronics, Information and Communication Engineering (EICE 2012), Garry Lee, ASME, New York, 6 pp.
http://ebooks.asmedigitalcollection.asme.org/content.aspx?bookid=408&sectionid=38787998

[3] Ari Takanen, Jared D. Demott, Charles Miller (2008) “Fuzzing for Software Security Testing and Quality
Assurance” Artech House information security and privacy series, IT Pro, Artech House, 2008 ISBN 1596932155,
9781596932159

[4] Andreas Gregoriades, Jae-Eun Shin, Alistair Sutcliffe (2004) “Human-Centred Requirements Engineering”
In 12th IEEE International Requirements Engineering Conference, pp. 154–163, doi:10.1109/re.2004.28

[5] Andreas Gregoriades, Alistair Sutcliffe, Jae-Eun Shin (2003) “Assessing the reliability of socio-technical
systems”, Systems Engineering, Vol. 6, №3. (16 June 2003), pp. 210–223, doi:10.1002/sys.10044
The SegWit 15% attack
By Craig Wright | 25 May 2017 | Bitcoin & Blockchain Tech
It is well known that Bitcoin solves the byzantine distribution problems through a probabilistic risk
algorithm. In this scenario, it is proven that Bitcoin is safe as long as 50% of the miners respect the rules of
the system. The system is economically incentivised. Any company that has gained 51% of the hash rate
quickly lost controlling share of the network. Time and again we see that the so-called experts in Bitcoin
have failed to understand the primary controls that govern the system. It is not cryptography, it is economic
incentives.

This is no different with the introduction of SegWit as a proposal. These experts again talk about how much
they know about technical protocols and yet fail to understand again the economics that govern the
system.

I recently read a post that was distributed throughout some of the forum postings where a few people
discussed a possible attack against SegWit if it activates. In this article I’m not going to discuss this as an
attack, I’m going to take a slightly different approach to the speculation that has been floating around, I’m
going to discuss this from the point of law and economics. The technical promoters of change seem to
overlook these areas so I will take it upon myself to explore some of the less savoury aspects of a SegWit
hard fork. I say hard fork, for the reality is the SegWit soft fork as they try and call it is far less reversible than
anything else in Bitcoin’s history. This makes it harder than a diamond in a comparison scale.

Contract Law

A recent proposal by Barry Silbert has put forth an agreement consisting of two parts:

Raising the block cap to 2 MB,

Implementing segregated witness.

Each of these are done at an 80% acceptance rate in the existing protocol proposal, the first interesting
point is that these are not linked. If miners signal to raise the block and failed to implement segregated
witness, then by the agreement, the cap needs to be increased. There are some interesting legal aspects to
all of this, the first is that this is a binding offer in many aspects of common law. Barry Silbert is a direct
participant and investor within Blockstream and this company funds many of the core developers. If we
take the decision of [1] Lord Reid in Tesco Supermarkets Limited v Nattrass, we see that the common law
has derived such that liability can account for associated action. This is something that transpires when
someone is “not acting as a servant, representative, agent or delegate” of the company, but as “an
embodiment of the company”. Ties to control under company law standards and the common law mean
that Mr Silbert’s agreement can be seen to be binding in a contractual sense. The offer has been made.

The unilateral nature of the offer removes this distance from an offer to treat, acceptance is provided
electronically. In these scenarios the facts of the case always come into consideration but if we look at the
electronic commerce directive, and couple this with every student of common law’s favourite case, [2] Carlill
v Carbolic Smoke Ball Company, it becomes clear that this would be seen as an offer with acceptance
coming from the transmission of electronic signal embedded in the creation of a Bitcoin coin base on a
block creation.

The next part of any contract is consideration which is perhaps the simplest aspect. Whether we see bitcoin
as money as I would or as some people argue, a commodity, it has value. As we approach USD$2,500 each
bitcoin, we can easily see that the creation of a block that is used to signal the acceptance or rejection of a
proposal incorporates consideration. In the miner’s case however, this can be a conditional acceptance
without any implied terms, I believe that will be important later in this discussion.
The implication states that SegWit would activate, the implied terms come from the system. It is defined
within the system [3] that a majority can set the protocol rules. This is never made to be simple, but that
does not change the fact of the matter: a majority can change the protocol and the majority can undo any
change.

This fact is extremely important when it comes to something such as SegWit. With a normal protocol
change in the form of a simple block size increase, the threat does not come from the theft of coins, miners
do not get to reallocate ownership. This cannot be legally enacted and a miner who was to do this within
the standard protocol would be liable for prosecution. In many countries this would be a criminal act. The
fact of the matter is that the standard protocol within Bitcoin limits attacks leads to double spend attempts
and censoring of the format would lead to the collapse of any pool.

SegWit alters this.

Segregated witness does not mildly alter the protocol, it radically changes it. From a legal perspective, the
splitting of a chain into a segregated witness chain and a large block chain increases the risk for anyone
deciding to use segregated witness without medium and unanimous support that can be maintained for all
time.

Anyone Can Spend

The nature of the protocol change is in some ways insidious, in dividing the scenario technical ‘experts’ have
again ignored economic incentives. They have used the technical format known as AnyoneCanSpend to
capture the existing protocol and redirect selected transactions into a new divided protocol.

They have assured us that this is right.

They have assured us how safe it is.

They have tried to tell us this is a soft fork and it can be reversed.

I will attempt to show you how all these statements are false, let us start by considering how an economic
interest could undermine the protocol.

There are methods of making short-term gains within Bitcoin, even miners are able to lease equipment for
a limited time periods and sell the Fiat as soon as they gain any profit. I will give you an extension of one
proposed methodology of economically benefiting from SegWit.

With the current proposal, it is only necessary for 80% of the network to signal support for SegWit. This does
not say that they have to continue support nor could they be forced to do so under the protocol or under
the law. There is also the problem of intent. There is no way to definitively show that a particular miner,
especially those made up of pool members who fluctuate intended to signal and then change shortly
afterwards moving a signal to reject SegWit from acceptance.

I won’t go into the full technical details in this post, rather, I will document a simplified version of the attack.
More complex versions have been discussed in technical forums. The most effective version of this requires
around 50% of the hash power this example will be discussed in a simplified version without all the
technical details.

Let us start with the first presumption. There is a group or pool or even an individual miner with control of
30% of the network. And the more secretive version of this action, a mining pool would require only 15%. We
will ignore the 15% “attack” as that could be individually deemed to be legally questionable.

The 30% action would breach no laws even though it could result in the appropriation of funds. Not double
spends, but the redirection of bitcoin wealth, if taken and distributed quickly this could be extremely
problematic.

The pool attempting to subvert the SegWit activation could simply stop signalling. If they stopped mining,
stopped making temporary losses through consuming electricity and slow down the operation, this would
result in the hash rate dropping to 70% of the former amount.

If 40% of the network had been signalling in opposition to the introduction of SegWit, and now we are left
with 20% of the signalling network against and the remaining original 60%, the network will see over 85%
support for SegWit.

Turning off network power would not be considered a violation of one’s legal rights to engage in a later vote
in the system, that vote could be self-funded. A speculative option could be taken on the primary chain,
Bitcoin in its native form or with a larger block size as a long option. Alternatively, the SegWit coin could be
shorted.

As one chain collapsed, it would fund the rise of the other.

Segregated witness, even with the block size increase, remains incredibly limited, a 2Mb block cap still only
allows 10 transactions a second. An individual with a raspberry Pi and the dial-up modem could flood the
network with small transactions making segregated witness less effective and aiding in the creation of
value from the short. More than this, the change in support would allow this block split and the scenario.

At 51% of total hash power, an anyone-can-pay segregated witness transaction can be grabbed by any
miner seeking to do so. With the re-signalling of our pool, network hash rate would go up to 40% opposing
segregated witness again. An external party could use a temporary cloud mining contract to add an extra
short term 15% hash rate to the network. Coupled with the combination of a long and short scenario which
can be done through multiple accounts on anonymous exchanges, 51% of the network would now oppose
segregated witness and incorporate larger blocks.

Our 15% pool would be able to gain just under one third of transactions on the split network. Remember
this is coupled with a degraded segregated witness chain that is unable to process the majority of
transactions through an extended rebroadcast of large numbers of complex segregated witness
transactions. The combination of a long and short drains funds from one source and adds them into
another. This is of course market manipulation, however location varies in bitcoin mining and this attack is
even legal in some jurisdictions.

What is insidious is that the 51% now allows for the theft of funds. This cannot happen in Bitcoin, it can
happen in segregated witness coin. In segregated witness coin, the 51% attacker does not just have the
ability to reverse a transaction or block transactions, they have the ability to redirect them to their own
payment address. This is part of the protocol. Contractually, it is paid to anyone’s address and the offer has
been accepted.

We like to think that technical solutions will help us with everything.

Anyone who has actually run a business will understand economic incentives mean far more than technical
toys. We have a protocol that can scale and we have proposals that come with risk, no actually great risk
and few benefits.

A party who decided to falsely signal could gain the support of those who seek larger blocks and yet also
oppose the introduction of SegWit. This false signalling could be done with as little as 15% of the network
hash power.

The offer has been made, consideration is inherent in the system. We wait to see whether someone will take
up this offer, move funds into segregated witness addresses and whether that is enough incentive for a
party to attack the network. Much has been made about the Litecoin network’s adoption of segregated
witness, however Litecoin has a lower transaction volume than Bitcoin and a higher effective cap which
makes them a very poor testbed. Arguments that money has been put into Litecoin addresses failed to take
the incentives structure into account. Buying hardware for Litecoin and trading Litecoin are far more
difficult than Bitcoin due to the limited exchange volumes and liquidity.

The incentives in Bitcoin are massive.

What is worse, this is an incentive for those wanting to destroy Bitcoin., attacking the existing network
would be difficult and expensive. Any government or large organisation seeking to attack Bitcoin could
actually profit with the introduction of segregated witness.

There are many governments and there are many organisations that would like to see the end of Bitcoin,
and with segregated witness we may just be handing them a gun, checking that it is loaded and holding it
to our own heads as we put the trigger in their hands.

As a standard disclaimer, I am neither your lawyer, nor am I suggesting that you engage in any criminal
activity. I am simply pointing out a highly likely scenario given the incentives involved.

References

[1] Lord Reid in Tesco Supermarkets Limited v Nattrass

“I must start by considering the nature of the personality which by a fiction the law attributes to a
corporation. A living person has a mind which can have knowledge or intention or be negligent and he has
hands to carry out his intentions. A corporation has none of these.”
page14 http://law.unimelb.edu.au/__data/assets/pdf_file/0006/1709583/29-201345.pdf

[2] Carlill v Carbolic Smoke Ball Co [1893] 1 QB 256 Court of Appeal

https://www.australiancontractlaw.com/cases/carlill.html

[3] Nakamoto, Satoshi (2008) “Bitcoin: A Peer-to-Peer Electronic Cash System” https://bitcoin.org/bitcoin.pdf
Segregated witness or separated legality
By Craig Wright | 27 May 2017 | Bitcoin & Blockchain Tech
I have been reading a fair bit lately on forums such as Slack, these have me thinking.

My first concern started with possible patent infringements that people had been attributing to segregated
witness. That in itself is an issue, however, there are larger legal concerns. My biggest problem having
studied law is this ill-founded conception that has been promulgated by several of the most prominent
people within the bitcoin community. The message is simple:

Code is Law

This misguided attempt to believe that Bitcoin is above society will damage it all in the end. Code is
developed by people, mathematics is a construct created by humans it is not perfect, and even the
blockchain does not stop fraud. The level of ignorance that I see expressing the misconception that this can
be the case never ceases to astound me. I apologize in advance for this rant, but this idea is simplistic and
childish, and it is extremely adolescent. It is one of many memes that have propagated through people who
seek to deny reality. What’s worse is when Utopian ideals come to pass.

This is why I have been expending any energy on this topic in no more than a simple preliminary post, to
flesh out the consequences will take time and effort. I only truly started looking at this recently after
following several of the online discussions. I thank those people for pointing out this scenario.

In this moment, I’m not sure of the depth of the problem, however there is at least a medium level of
concern right now and this is before I have investigated in any depth.

The main concern I see is that the process of separating the signature data from the transaction record and
contract used within segregated witness could be a problem. There are two ways of looking at this, the first
comes down to the perceived savings. It’s been widely touted that segregated witness will save up to 60% of
the storage space associated with the blocks. As one who thinks deeply on legal problems, that immediately
started me thinking.
Signatures have a legal and probative value.

Segregated witness doesn’t necessarily make a transaction or any associated contract inherently invalid or
legally unenforceable, please do not misunderstand me at this point. As long as you maintain a complete
copy of the signature data, all the information that they tell you is able to be easily pruned, then you
shouldn’t have any real issue in the attribution of the signature to the contract. Of course, we are assuming
that most parties, not just a few selected archive nodes, will keep a complete copy of all witness data and
that it will be available on request and without fee.

Following that sentence, the first thing I think about is the cost of accessing information for legal cases.
Some people wonder how archive nodes will be funded, personally, having access to a Thomsons Reuters
account concerning legislative search gets me thinking that this could be quite a lucrative business. That of
course does not help the majority of people.

Proof Attacks

There would be a good argument that makes a transactional contract or associated record highly
vulnerable to proof attacks.

Let me explain a little on this concept.

The following excerpt does not express any level of stare decisis, that is the legal principle of determining
points in litigation according to precedent, rather it expresses well the point I seek to make in a simple
format that I believe people without a law degree can well comprehend:

When the party with the burden of proof attacks the legal sufficiency of the evidence to support an adverse
finding, the party “must demonstrate on appeal that the evidence establishes, as a matter of law, all vital
facts in support of the issue.” See Dow Chem. Co. v. Francis, 46 S.W.3d 237, 241 (Tex. 2001) . In reviewing such
a challenge we, “must first examine the record for evidence that supports the finding, while ignoring all
evidence to the contrary.” Id. “If there is no evidence to support the finding, [we must] then examine the
entire record to determine if the contrary proposition is established as a matter of law.” Id. The legal
sufficiency challenge will only be sustained “if the contrary proposition is conclusively established.” Id.

In court, when a party with the burden of proof attacks the factual sufficiency of the evidence, it is necessary
to demonstrate that the adverse finding is against the great weight and preponderance of the evidence.
This requires a factual sufficiency review. When common tools such as SQL are being examined this is a well
determined matter, Bitcoin itself uses a standard transaction signature that is attached to the transaction. I
see no difficulty based on existing case law in arguing this point.

Being that the signature data is separated from the transaction record, multiple transaction steps are
required to recover the data. The process of linking each of the various Merkel trees, and the signatures, and
reporting the numerous steps in the chain of authenticating evidence, and the accuracy of the data, this is a
difficult enough process when a digital signature is directly attached to a document. There are numerous
steps in the chain of authenticating evidence which all lead to the accuracy of data and the ability to have
evidence accepted in a court.

Linking the exact signature data back to the corresponding transaction is of course feasible. The technical
knowledge associated with this process and the corresponding difficulty that would be associated with
these findings being converted into language that a judge could easily understand, let alone a jury, starts to
give me headaches.

I can foresee challenges in the proof of the transaction for legal purposes and disputes which would apply to
courts of both civil and criminal law matters, and I’m not sure even if this would apply correctly when
administrative law is taken into account. Laws governing corporations in the US incorporates several
inclusions to digital signature rights and processes that are legally accepted and require the direct
association of a signature with the document. The ability to re-attribute a document is in itself not a direct
attribution and it is certainly not attached.
SEC filings and audit requirements could also be a problem. Many in the code is law side of the Bitcoin
community do not understand that a pseudonymous system such as Bitcoin makes many types of fraud
simpler and not more difficult. The classical case of an organisation running two sets of books immediately
comes to mind. In this, the organisation can run a set of transactions in the blockchain as well as another
that are mirrored on separate hopped transactions also located on the bitcoin blockchain.

Classic stock fraud would also be trivially simple using the blockchain. The fraudster could create multiple
statements that could be validated to show how they knew the movements of a share in advance. This
could of course be applied to any equity or other speculative investment. After the event, the fraud would
involve simply pruning those that did not make money and demonstrating the set of documents that prove
your ability to predict after the event.

Those difficulties coupled with the added problem of re-incorporating signatures would make audit
requirements difficult to say the least.

Financial services

Financial services organisations would be my main concern. As a minimum requirement, I cannot see that
any of them would be legally allowed to prune any signature data. Some of the more restrictive document
retention laws could require that they maintain this data for a period of over 95 years. Given the age of the
Internet let alone bitcoin it is ridiculous to have any presumptive requirement of an ability to prune
signature data.

Financial service providers in the US at least have a utter jungle of laws that they are required to comply
with lest they fall into a regulatory quagmire. Not least of these laws is the requirement to keep records of
transactions, it would be insufficient to simply rely on a third-party document provider. Many in the industry
such as some of the early adopters like Charlie Shrem discovered how easy it is to violate these regulations
the hard way.

Consequently, I can see no way for either miners, wallets, exchanges or other bitcoin providers to ever allow
themselves to prune information associated with signatures. The idea of being able to do this and not
breach financial services legislation within the US is at best opportunistic and at worse criminal. The tortious
nature of claims against organisations failing to maintain this information can be easily foreseen.

I am yet to investigate all the intricacies that are associated with segregated witness, particularly those of a
deep technical depth. At this point I already have to express concerns, not with the technology but with the
claims, I really fail to see the ability to save space. I see that anyone running a node could potentially be in
breach of certain financial services legislation within the US that require the retention of documents. In the
coming weeks I will investigate this further, but for the moment, I simply note that this is something to
consider strongly.

I advise any organisation considering the adoption of the strategy to look deeply into the impact of
removing a digital signature from a transaction.

Please note, this is not legal advice and I am not your lawyer.
Nodes
| 13 Jun 2017 | Bitcoin & Blockchain Tech
By Craig Wright
It’s become quite clear to me that the terminology within bitcoin has been hijacked.

The paper is extremely clear about what a node happens to be:

A node in bitcoin is a miner. There are no exceptions. Anyone who is running anything that is not mining is only running a
wallet.

The thing people really don’t understand is that what matters in bitcoin comes from block consensus. The idea that you
need to check your own node to know that a transaction is going through is ludicrous and it doesn’t matter anyway,
your transaction goes through because it is incorporated into a block. The only way that you can get a transaction into a
block is for it to be received by a node. That is the system that is mining your transactions.

Sitting and watching your own system means nothing. If you are not creating blocks you are doing nothing for the
network, you are not helping it propagate. You are not helping it validate.

There is never been a single time in the history of bitcoin when any transaction or any block has been rejected other
than as a result of miners rejecting it.

The point is, if you’re not creating blocks, you’re only following the nodes. At this point I will emphasise once again that
a node is a system controlled by a mining server. It creates blocks. If you look at the early code it was documented very
clearly. [1]

And this is detailed in the code comments [2]:

Personally, the comment stating that nodes collect transactions into a block
et cetera is rather clear. If you are not mining you are not a node.

This should be intuitive. There are few hops between getting your transaction from your machine and into a mining
node. There are rarely ever two hops in the bitcoin network other than regarding systems that have nothing to do with
mining.

Let’s do a little thought exercise.

Imagine you have a computer that has nothing to do with mining, it’s running a wallet. You receive a transaction that
you consider invalid, what happens? Basically, you don’t forward this to any other system.

In effect, you do nothing.

What if you receive an invalid block? Again, you simply don’t propagate it, you do not tell other nodes that that is a bad
block, all you do is ignore it. Now, and this is the bit that people seem to have real difficulty in understanding, doing
nothing changes nothing. If you’re mining and you reject a block it means you don’t mine on top of it and you select an
alternate fork. If you’re not mining you don’t select an alternate fork. You don’t create blocks so you don’t propagate
anything other than what you been told about.

This is the simple flaw in this half-baked reasoning about the need to have people running raspberry pi’s, they do
nothing.

It doesn’t matter if you don’t accept the transaction unless you mine, you don’t have any say in the structure of the
Blockchain unless you mine. This idea of a validator, unless you’re mining does not exist. You can audit the Blockchain if
you so desire, but for that there is no reason to ever keep a copy. Once you have validated to a certain point, if you write
down the hash of the last block and prune from there, you are gaining no security at all through the process of keeping
all the old transactions and validating them over and over.

All that matters are machines that mine.

Now, the first thing we need to understand is that all encryption systems are probabilistic. Password systems and any
modern information security system works on probabilistic information. The so-called experts who talk about the
probabilistic system of bitcoin fail to comprehend that strong encryption is probabilistic.

To me, it seems very clear. You can download block headers invalidated transaction has been received without needing
to be a miner. The current terminology where block stream has been trying to tell us how we should run “ running a full
network node ”s runs directly in contradiction of what it says in Satoshi’s White Paper.

I think that it is about time we start looking at all these changes and what people are seeking in their attempts to hijack
the network.

[1] See the following:

https://github.com/trottier/original-bitcoin/blob/92ee8d9a994391d148733da77e2bbc2f4acc43cd/readme.txt#L34

And note that all the checks are within the “Miner” function for block validation:
https://github.com/trottier/original-bitcoin/blob/92ee8d9a994391d148733da77e2bbc2f4acc43cd/src/main.cpp#L2133

https://github.com/trottier/original-bitcoin/blob/92ee8d9a994391d148733da77e2bbc2f4acc43cd/src/main.cpp#L2333

[2] https://github.com/trottier/original-bitcoin/blob/92ee8d9a994391d148733da77e2bbc2f4acc43cd/src/main.h#L795

So… only miners are nodes

Life-cycle hypothesis
By Craig Wright | 19 Jun 2017 | Bitcoin & Blockchain Tech
The life-cycle hypothesis is a relatively simple model based on a micro-economic analysis of family spending
habits that was developed by Franco Modigliani and Richard Brumberg (1954) in the early 1950’s. It sure has
many similarities with Friedman’s (1957) model of income expenditure. The primary assumptions of each
model start with an assumption that consumers seek to maximise the utility they obtain through both their
current and future consumption habits. In each theory, it is assumed that the only effects that will influence
current assumption are associated with long-term income changes. In each model, temporary fluctuations
in income level would be saved or invested rather than being consumed.

This model contradicts the opinion expressed by Keynes (1937) that put forth an argument that “a greater
proportion of income being saved as real income increases”. In Friedman’s model, the consumer plans over
an infinite of time, this assumption is made through the inclusion of planning for one’s descendants.
Modigliani took the alternative approach of limiting a consumer’s expenditure in planning period to be
limited to their individual lifespans. This model incorporates a belief that a consumer saves to secure the
consumption across their retirement age. Many economists use the income hypothesis (Friedman, 1957)
and the life-cycle hypothesis (Modigliani & Brumberg, 1954) interchangeably.

The theoretical basis of the Life Cycle Hypothesis of consumption

Franco Modigliani and Richard Brumberg proposed a theory of spending (Modigliani and Brumberg, 1954)
that used the concept of a utility function from an individual consumer that is based on rational decisions
concerning the amount of expected income that the consumer will have and the amount that they can
spend at each age. The only limit on this spending model was the limit of the resources that are available at
each stage of the individual’s life. They extended this idea to incorporate the idea that the consumer
maximises utility at each period subject only to the level of current income, discounted future income and
current net worth (Ando and Modigliani, 1963).

This model was predicated on the assumption of rational expectation (Muth, 1961). Following the criticisms
of Keynes’ consumption function (Keynes, 1937), researchers including Kuznets (1952) and Goldsmith (1955)
conducted an econometric analysis of these early models. These early results appeared to refute Keynes’s
work and have led to the development of many of the mainstay theories surrounding the life-cycle model of
consumer spending. The life-cycle model does not require that there is any rigorous relationship between
consumption and income in any short run period. Consequently, as Modigliani’s theory incorporates the
individual’s expected lifespan as the planning unit for an individual’s consumption, the theory has come to
be known as “life-cycle hypothesis” (LCH).

Modigliani relies on two primary assumptions that are central to the hypothesis:

1 Each individual plans to consume the income added even right throughout the lifetime;

2 The individual utility function that is created by the consumer forms I proportion of the resources that that
individual plans to consume in any given period of their life. This consumption is determined only by the
consumer’s preferences and not by the resources managed at any point.

Development of the Life-Cycle Hypothesis

Consumption has been the cornerstone of macroeconomics throughout the last century. Researchers such
as Mitchell (1913) started using a theory of cyclic expansion to explain under-consumption within the United
States. It was with Keynes where this was developed into a systematic study relating to nations
macroeconomic performance to consumption. In “The General Theory of Employment, Interest and Money”
(Keynes, 1937, Page 90), Keynes uses a simple equation to demonstrate how expenditure on consumption
can be determined:
(1)

In Equation (1) represents consumption and models income. To define the form of this function, Keynes
argues, “men are disposed to increase their consumption when their income increases, but not by as much
as the increase in their income” (Keynes, 1937, Page 96). From this, the derivative forms a constant that is
referred to as the marginal propensity to consume. The predominant influencers to the propensity to
consume are categorised to the objective factors and the subjective factors. Here objective factors include
but are not restricted to:

· Movements in price level,

· Variations in the worth of capital, and

· Fluctuations around the interest rate.

Subjective factors cover the “animal spirits” as motives to consume and incorporate pleasure, generosity
and indulgence. In this model, apart from variations in the prices, all other factors normally don’t alter the
marginal propensity to consume (taken over short run periods). Hence, Keynes argues that once the price is
removed as a factor, the level of consumption is predominantly contingent on income level.

Later economists (Modigliani, 1944; Duesenberry, 1949) have introduced modifications to Keynes’s original
equation. In Equation (2) we see an early relationship between consumption and linear income where
represents the marginal propensity to consume and is the coefficient of Y.

(2)

In this model the relationship between consumption and income is linear. This is argued as consumers must
spend to consume on life’s necessities just to ensure subsistence and thus this model is said to work even if
individuals have no income.

A more recent and more complex version, known as the two-period consumption model is represented in
Equation (3).
(3)

In this, Keynes’ consumption function is extended to incorporate two variables:

· Labour Income:
· Property Income:

Ando and Modigliani (1963) made an argument that property income is a function of the high-income
consumers and that these individuals have a lower propensity to consume. The result is that (the coefficient
of) would correctly be smaller than (the coefficient of).

Modigliani and Brumberg further extended the two-factor consumption model to flatten consumption
patterns over an individual’s lifetime in a manner that is independent of current levels of income.

Then construct an equation that relates current consumption with its determining factors:
(4)

In Equation (4), current consumption is a linear, homogeneous function of current income, expected
average income and preliminary assets. The coefficients depend on the age of the consumer (Modigliani &
Brumberg, 1954). The variables and coefficients are defined as:

· represents an individual’s current consumption,

· and Y^e relate to existing and expected income,

· L represents the life span of an individual consumer,

· N represents that consumer’s length of time used in earning, and

· represents one’s assets at the beginning of the time-period.

Per Equation (4), current income effects current consumption only to a trivial degree. As the consumer over
their remaining life span must evenly distribute income, it remains that a minor portion of any change in
current income is all that will be allocated towards current consumption. Ando and Modigliani (1963)
developed this theory to incorporate an aggregate consumption function for the life-cycle hypothesis. The
result they obtained is substantially the same as Equation (4).

In the LCH, it is possible for a consumer’s expenditure to exceed income. This will occur through the making
of major investments (the purchase of a family home) and investments in human capital (university studies)
and is common early in an individuals’ life. AT this stage, the individual is said to be borrowing against their
future. In this model, middle life is generally associated with increases in income and savings/investment.
During this stage in life, the consumer repays loans and starts a savings fund for retirement. The last phase
is associated with retirement, and in this stage, the consumer reduces expenditure and dis-saves until
death.

It is argued that an individual will be more or less inclined to borrow against their future early in life
dependent on their expected levels of wealth later in life. This is a function of the individual’s anticipated
skills, talents, and initiative and is related directly to the degree to which an individual believes that they can
later repay those debts and to how much they discount later activity (time preferences). An individual who
does not believe in their future ability to earn would express higher rates of time preference which comes
with a greater discounting of future activity.

Is the LCH viable given econometric data?

The LCH sees consumers storing and expending assets across different periods of their life. The consumer
makes provision for retirement and modifies the consumption pattern throughout their life and at different
ages independent to the income received at each age. This is a simple theory that can be developed into
economy-wide predictions of consumer behaviour. The LCH leads to a further hypothesis that national
savings are dependent upon the growth rate of the national income and not its level at any point in time. It
further predicts that the aggregate wealth of the entire economy is related to the length of time that
consumers throughout the economy spend within retirement.

The predictions posited using the LCH were unable to be tested in the 1950’s but have received Later
empirical support (Modigliani,1966). More recent econometric methods allowed researchers to test these
theories more rigorously. Keynes’ consumption function (1937) was generally accepted early on. With the
increased ability to test the validity of economic theories started to become possible using time-series data,
evidence started to be uncovered that conflicted with the theory. In the General Theory, Keynes claims:
“The fundamental psychological law, upon which we are entitled to depend with great confidence both a
priori from our knowledge of human nature and from the detailed facts of experience, is that men are
disposed, as a rule and on the average, to increase their consumption as their income increases, but not by
as much as the increase in their income.” (Keynes, 1937, Page 96)

As such, with a rise in the level of income, the ratio between saving and income was predicted to increase
correspondingly. Kuznets (1952) analysed saving patterns using data from the United States over the period
1899 to 1949. This study reported no significant increase in the ratio of savings. This was noted even as the
levels of real income was demonstrated to increase significantly during this same period. Goldsmith (1955)
confirmed these results.

The United States

Studies connected to the life-cycle hypothesis have been conducted by many economists and are
becoming more commonplace as the creation of econometric tools as allowed for more robust testing
methods. Robert Hall (1978) claims that empirical research focusing on the consumption function fails to
address the endogenous distributions of income. Accordingly, the allocation of income into the
consumption function as an independent variable would distort the estimated function to a significant
degree. Hall (1978) offers a different method where he treats consumption as a random walk, this is
expressed in Equation (5):

(5)

Equation (5) resolves the problematic aspects of endogeneity, the problem is that this may offer little in
explanatory power. Equation (5) states that present consumer spending is disparate to all other economic
variables that are associated with any prior previous period. From this, the current consumption (and a
random error) is all that would be required to predict future consumption.

From Hall’s analysis, he presents the result that “the pure life cycle hypothesis… is rejected by the data”.

Doubts concerning the rationality of consumer behaviour have been further voiced following the 2008
financial crisis. Cynamon and Fazzari (2008) present a model of consumption and financial behaviour that
holds consistently both prior to and during the financial crisis. Their model offers an alternative description
of consumer behaviour to the LCH.

Cynamon and Fazzari’s (2008) theory of consumption and financial behaviours delivers a more logically
reliable account of behaviour when tested against the data using modern econometric methods and tools
than does the LCH.

Various works that are critical of basic concepts of the life-cycle model include Campbell and Mankiw (1989),
Palley (2002) and Setterfield (2010). The above-noted work of Cynamon and Fazzari theory (2008) that
extends Duesenberry’s (1949) model of relative consumption also demonstrates flaws in the LCH. In this
work, regression results indicate that some balance sheet variables are significant in the consumption
function, even though they are not expected to be so under the life-cycle framework. Modigliani’s Life Cycle
hypothesis fails to explain the data when exposed to econometric time-series models.

Japan
David Horlacher (2002) notes that:
“If the LCH is valid, then evidence should reveal an inverse relationship between the elderly dependency
ratio and the household saving rate. Studies by Horioka based both on cross-sectional and time series
evidence have confirmed that there is such an inverse relationship”.

He proceeds to present evidence that the elderly do dis-save. The problem here comes from findings () that
demonstrate the elderly don’t dis-save as quickly as the model predicts. As Dekle (1990) reports, “the
Japanese are keeping their wealth intact”, a result that does not accord with the LCH.

One rational purpose for this disparity is reported by Bernheim, Shleifer and Summers (1985). This is that
most families seek to leave a bequest and aid their children, a particularly strong motive in Japan even if
Horlacher (2002) dismisses it.

Conclusion and criticisms

Given that the life-cycle hypothesis describes the long run behaviour of consumers, a short run testing
model is insufficient. OLS can only be used in an analysis of the short-term models. The models of both
Friedman and Modigliani are based on long term effects and many earlier tests based on the use of OLS
alone may be inadequate. Many models based on the use of applying OLS to macroeconomic data may lead
to spurious results.

Palley (2002) reported that by the start of the 2000’s, the average debt-income ratio of households with
income under USD $50,000 [1] was 298%. This alone demonstrates errors in the assumption of rational
planning in the LCH. In the 2008 financial crisis, the long-term ability to maintain household debt growth
was further discredited with household liabilities starting to drop abruptly.

We conclude that these variances in consumer debt are not explained through the models developed by
Modigliani and Brumberg (1954). Consumer expenditure in the United States and Japan seem to be
explained more effectively using models such as Campbell & Manikiw’s (1989) “explanation of “Rule of
Thumb” consumers that long-term rational planners.

Many researchers (Fuhrer, 1992; Mayer, 1973; Mulligan, 2014) have empirically demonstrated that the
estimates suggest that, in the short run (at least), consumers will respond more vigorously to a temporary
policy change than the LCH would predict (Fuhrer, 1992).

The LCH obscures the relationship between current consumption and current income. Ando and Modigliani
(1963) propose that the analysis of the association of current consumption to the present value of the whole
future income for a consumer advocates that an alteration in current income not attended by an alteration
in the planned future income would lead to a relatively minor alteration in the existing spending behaviour
of a consumer. Individuals do not and could not be seen to have all the information that they require to
make a complex calculation of their upcoming income decades into the future. The assumptions of
spending patterns are likewise unrealistic.

No definite vision of life-time income, credit rates over one’s life, family structure, opportunities, etc. could be
viably imagined by any individual no matter how rational they are.

References

1. Asteriou, D and Hall, S. G. (2007). Applied Econometrics. Palgrave Macmillan: New York, N.Y.

2. Ando, A. and Modigliani, F. (1963). The “Life Cycle” Hypothesis of Saving: Aggregate implications and Tests.
American Economic Review, Vol. 53, №1, Part 1(Mar 1963), pp. 55–84.

3. Bernheim, D. B., Shleifer, A., Summers, L. (1985)The Strategic Bequest Motive, Journal of Political Economy

4. Campbell, J. Y. and Mankiw, G. (1989). Consumption, Income and Interest Rates: Reinterpreting the Time-
Series Evidence. NBER Macroeconomic Annual.

5. Cynamon, B. Z. and Fazzari, S. M. (2008). Household Debt in the Consumer Age: Source of Growth — Risk of
Collapse. Capitalism and Society, 3, 2, Article 3.
6. Dekle, R. (1990) Do the Japanese Elderly Reduce Their Total Wealth? A New Look with Different Data,
Journal of the Japanese and International Economies

7. Duesenberry, J. S. (1949). Income, Saving and the Theory of Consumer Behavior. Massachusetts: Harvard
University Press.

8. Friedman, M. (1957). A Theory of the Consumption Function. New Jersey: Princeton University Press.

9. Fuhrer, J. C., (1992), Do consumers behave as the life-cycle/permanent-income theory of consumption

predicts? Federal Reserve Bank of Boston New England Economic Review (Sept./Oct. 1992), pp. 3–14 USA

10. Goldsmith, R. W. (1955). A Study of Saving in the United States. New Jersey: Princeton University Press.

11. Hall, R. E. (1978). Stochastic Implications of the Life Cycle-Permanent Income Hypothesis: Theory and
Evidence. Journal of Political Economy. 86:971–87. October 1978.

12. Horlacher,D. E., (2002) ‘Aging in Japan: Causes and Consequences’, Part II: ‘Economic Issues’

13. Keynes, J. M. (1937). The General Theory of Employment, Interest and Money. New York: Harcourt, Brace
and Company.

14. Kuznets, S. (1952). Proportion of Capital Formation to National Product. American Economic Review, Vol.
16, pp. 507–526.

15. Mayer, T.,(1973) Permanent income, wealth, and consumption: A critique of the permanent income
theory, the life cycle hypothesis, and related theories, (University of California Press, Berkeley)

16. Miles D., Scott A., Breedon F., (2012). Macroeconomics: Understanding the Global Economy, Publisher:
John Wiley & Sons Incorporated

17. Mitchell, W. C. (1913). Business Cycles. Berkeley, University of California Press

18. Modigliani, F. and Brumberg, R. (1954) Utility Analysis and the Consumption Function: An Interpretation
of Cross-Section Data. Post-Keynesian Economics.

19. Modigliani, F. (1944). Liquidity Preference and the Theory of Interest and Money. Econometrica. 1 (12): 45–
88.

20. Modigliani, F. (1966). The Life Cycle Hypothesis of Saving, the Demand for Wealth and the Supply of
Capital. Social Research. 33 (2): 160–217.

21. Mulligan, R. F., (2014) The Central Fallacy of Keynesian Economics Quarterly Journal of Austrian
Economics (11/19/2014)

22. Muth, J. F., (1961) “Rational Expectations and the Theory of Price Movements, reprinted in The new
classical macroeconomics. Volume 1. (1992): 3–23 (International Library of Critical Writings in Economics, vol.
19. Aldershot, UK: Elgar.)

23. Palley, I. T. (2002). Economic contradictions coming home to roost? Does the U.S. economy face a long-
term aggregate demand generation problem? Journal of Post Keynesian Economics, Fall 2002, Vol. 25, №1 9.

24. Setterfield, M. (2010). Real Wages, Aggregate Demand and the Macroeconomic Travails of the U.S.
Economy: Diagnosis and Prognosis. Trinity College Department of Economics Working Paper, 10–05.

[1] At the time, this accounted for 66.2% of the total US population.
Bank lending decisions, Asymmetric information, Adverse
selection, and Moral hazard.
By Craig Wright | 24 Jun 2017 | Bitcoin & Blockchain Tech
Minsky (1975, 1982, 1986) supported the position that stability destabilises. In analysing the
development of the economy across the post-war period he proposed a basic theory that captured
Schumpeter’s (Schumpeter, 1986) dynamical change in the system that involves dynamical forces that
are so explosive that they require constraint. This constraint was proposed in the form of institutional
ceilings and floors that create a safety net for the economy. The problem with this approach is that the
success of the constraints in achieving stability altar the behaviour of the participants in a manner that
leads to “unsustainable speculative euphoria” in what Minsky (1986) called his financial instability
hypothesis. In this system, each boom will build in intensity leading to an inevitable crash that will test
the safety net. This system cycles across time with the crises becoming more unstable, more frequent
and more severe until a total collapse is possible.

Banks primarily exist for the purpose of allocating funds gathered in the form of short term deposits
and converting these into longer term loans. This process changes liquid funds into less liquid and
riskier forms of capital (Fama, 1980; 1985; Diamond & Rajan, 2001). In consolidating depositor funds and
providing credit, banks and related financial institutions reduce the amount of monitoring required in
the allocation of capital (Gorton and Winton, 2003). This process lowers the overall cost of
redistributing capital to its most effective use (Leland & Pyle, 1977; Diamond, 1984). The counter side to
this benefit is an increase in risk to the bank which is compensated through its profit margin. This risk
comes in the form of an imbalance in liquidity. Many banks have a greater liquidity of liabilities than of
their assets. In many instances, the assets held as capital by banks a long-term are prone to market
risk leaving the bank vulnerable to runs and market fluctuations. For this reason, banks can fail if they
are unable to retain ongoing lines of credit to account for depositor withdrawals as well as due to
large-scale repayment failures from their clients as happened in the 2007/2008 period. Instances
where depositors have made runs on the bank can be started because of unsound economic
conditions or even rumours. These scenarios can lead to even sound firms being left in a position that
is insolvent as they are forced to sell assets to cover the withdrawal of funds to their depositors at an
unfavourable rate(Diamond & Dybvig, 1983).

Minsky analysed the financial innovations created by profit-seeking firms, he noted that many of these
within the US were constructed in a manner that was designed to circumvent the constraints imposed
through the New Deal. The federal funds market for instance reduced the Fed’s power to curtail bank
lending. At the same time the introduction of deposit insurance and other protections allowed the
banks to believe that they were safe and that their risk was lowered. This consequently led to the
banks implementing poorer liquidity controls (Minsky, 1957), a further development was seen through
the development of securitisation. Banks could move interest rate risk away from the balance sheets
and simultaneously reduce capital requirements leading to a scenario that resulted in the 2007 global
financial crisis.

Regulatory intervention has impacted the banking industry throughout the globe and the differing
degrees a competition that have resulted can be compared across countries. Throughout the early half
of the 20th century and up until the mid-1960s it was common practice to limit competition within the
banking and finance industry, the argument in support of this practice was one of consumer
protection. Governments argued that excessive competition would lead to banking failures. The result
was an increase in regulations governing deposit rates, capital allocation, where banks could set up
branches and constraints on mergers between financial institutions. The reasons for this derived from
a widespread belief that there is a trade-off between competition and financial soundness. In this
thesis, intense competition increases the incentives to issue more risk and to engage in more risky
projects (Keeley, 1990). Capital controls are introduced to limit excessive risk-taking (Hellman, Murdock
& Stiglitz, 2000) in this model.
Others including Allen and Gale (2003) have suggested that regulation is one dimension of an all-
encompassing information asymmetry. In their model, a more chaotic and multidimensional
relationship exists between the stability of the financial system and competition within it. Information
needed to mitigate the moral hazard problem and adverse selection comes at a cost to acquire. This
cost acts as a strong endogenous barrier limiting market entry and in the model allows the entrenched
firms (Broecker, 1990) obtain a monopoly level profit achieved through rent seeking. This is
investigated in more depth by Dell’Ariccia (2001) following the work of Dell’Ariccia, Friedman and
Marquez (1999). In this work, it was argued that competitive equilibria cannot maintained due to the
failure to allow the introduction of new firms and the consequential stifling of new innovation. Shaffer
(1998) provided evidence that new firms have to compete through increased risk. The imposed barriers
to entry place before new firms by the incumbents requires the new firms to seek higher profit
through risk-taking in a manner that could lead to systemic market failures.

Sharpe (1990) put forth a hypothesis that information asymmetries can be exaggerated through the
banks repeated dealings with long-term customers or clients. This practice was known as
“relationship lending”. Rajan (1992) demonstrated that banks use this relationship to lock customers
into ongoing arrangements that allow the firm to maintain a monopolistic level of information on their
clients. Petersen and Rajan (1995) propose that this information asymmetry coupled with the cost of
obtaining information through the marketplace leads to a reduction in competition in the short-term.
They propose that deregulation of the financial services industry would provide for greater
competition between the banks opening up the scope for innovation within transactional lending. Not
all authors agree and others (Boot & Thakor, 2000) counter this argument stating that capital market
financing reduces bank competition. They propose that capital market financing leads to more limited
opportunities for relationship lending and a weaker financial sector.

The banking industry, particularly in the US has been changing markedly since the mid-1980s. The
combination of deregulation in consumer banking markets coupled with international competition on
interest rates led to what Minsky referred to as money manager capitalism. Wray (2009) went as far as
to call the second half of the 20th century the “Minsky half-century”based on the nature of these
changes.

Further changes to the regulatory structure of the financial institutions including increased
liberalisation in the structure of banks with the ability to start nationwide branches resulted in a
significant decrease in competition with many smaller banks forced to either merge into larger
conglomerates will go out of business. This was coupled to the introduction of the BASEL accords in
1998. These changes altered the capital requirements needed to be maintained by the financial
institution with the result that banks moved from highly regulated activities into increasingly risky off-
balance-sheet investments.

Changes within the European union including the introduction of the common currency, the euro
further created a series of changes with a widespread introduction of a wholesale banking market
throughout Europe (Berger, Kashyap & Scalise, 1995). The suspension of the Glass–Steagall Act of 1933
opened up new markets for banks. The repeal of this act led to the introduction of new financial
services that firms previously were blocked from offering. This not only opened up increased
competition between the banks and other investment firms and insurance companies but changed
the nature of relationship marketing within banks, allowing them to increase their monopoly on
information and gain further advantages and consolidate their existing positions. This information
asymmetry would introduce advantages based on size and a non-linear manner.

In the manner predicted above, the extensive wave of deregulation throughout the 80s within the US
led to a run of merger and acquisition activity in the following decade. This phase of M&A consolidated
the numerous smaller banking operations into a small number of large firms. The US was not alone in
this process and is severe reduction in the numbers of banks occurred within the majority of
industrialised countries. Those fearing the loss of regulation argued that the anticompetitive effects
would negatively impact the consumer. Berger and Hannan (1989) presented strong evidence that
consumers remain unharmed and that competition was not weakened in this progression. In their
paper, they offered a negative correlation between the concentration of local banking and the level of
deposit rates provided by consumers.

They argued that the evidence indicated a positive effect. It was postulated that larger financial
organisations gained a level of efficiency over their smaller former rivals. The gain in efficiency as been
argued by several other authors who support a similar position to provide a more than adequate offset
for any loss of competition (Berger, Kashyap & Scalise, 1995; Focarelli, Panetta & Salleo, 2002). Although
the overall position of deposits and loans remained favourable, the distribution was not symmetrically
redistributed. The newly merged banks increased overall lending but at the expense of a contraction
of credit to smaller clients in favour of large organisations banks (Berger et al., 1998).

In both the short and medium term, the consolidation of many of the smaller firms offered increased
efficiency in the merged bank. For the most part, the efficiency extended across the processes on offer
from the acquired bank. Overall, the clients of the banks as depositors benefited from this increase in
efficiency (Focarelli & Panetta, 2003).

Where to?

Predicting the future is precarious at best but there are aspects of the banking industry that can be
clearly seen to be causing change going forward. As the world globalises, international competition
has opened new markets and started to redefine the financial services industry. This has itself led to a
wide push for regulation, some local and more frequently across global boundaries. Most importantly,
innovative new technologies are redefining the marketplace. The introduction of digital currencies to
the international environment coupled with generalised information technology innovation are
redefining the marketplace. New competitors from distributed systems such as bitcoin to more
traditional innovative information technology players such as PayPal are starting to change the nature
of money and the underlying market structure.

Each of these conditions have been leading to increased competition within the financial industry,
especially banking. In many ways we could expect to see a wave of mergers and acquisitions along the
lines of consolidations that occurred in national markets as a global banking conglomerates form. This
would be expected to lead to a combination of larger and more efficient banks acting internationally
and the acquisition and assumption of less efficient organisations in underdeveloped areas by the
currently more efficient firms in the developed world (Focarelli & Pozzolo, 2005).

The primary consequence of technical innovations, especially in information technology is the ease of
storing and distributing information. At present, it remains uncertain how this wave of innovation will
impact problems such as adverse selection and the monopolistic retention of information stores. Many
specialist information providers have been filling niches that came from the information advantage
obtained in relationship lending. As these providers increase their scope, the informational advantage
of asymmetric information stores will diminish. From the perspective of a bank making a lending
decision, it is likely to become less profitable to other non-bank entities and to the lending market.
This is demonstrated through the rise of peer-to-peer lending and Internet lending providers. It is clear
that one of the results of this form of disruption will be the enlargement of local credit markets
reducing the role of small to medium banks. These firms are likely to lose out both to small specialised
co-op’s operating peer marketing as well as to large globalised firms.

Globally it would be expected that regulation will continue to allow more competition (Kim &
Santomero, 1988). As we enter an era of non-bank based finance, more importance is being attributed
to the market evaluation processes (Detter & Fölster, 2016).

References

Allen, F.&Gale, D.; (2003). “Competition and financial stability. Journal of Money, Credit, and Banking 36,
Pp 433–80.

Basel Committee on Banking Supervision. (2005). “International Convergence of Capital Measurement

and Capital Standards: A Revised Framework”. Basel: BIS.
Berger, A. & Hannan, T. (1989). “The price–concentration relationship in banking”. Review of Economics
and Statistics 71, 291–9.

Berger, A., Kashyap, A. & Scalise, J. (1995). “The transformation of the US banking industry: what a long
trip it’s been”. Brookings Papers on Economic Activity 1995(2), Pp 55–201.

Berger, A., Saunders, A., Scalise, J. & Udell, G. (1998). “The effects of bank mergers and acquisitions on
small business lending”. Journal of Financial Economics 50, Pp 187–229.

Boot, A. & Thakor, A. (2000). “Can relationship banking survive competition?” Journal of Finance 55, Pp
679–713.

Broecker, T. (1990). “Credit-worthiness tests and interbank competition”. Econometrica 58, Pp 429–52.

Dell’Ariccia, G. (2001). “Asymmetric information and the structure of the banking industry”. European
Economic Review 45, 1957–80.

Dell’Ariccia, G., Friedman, E. & Marquez, R. (1999). “Adverse selection as a barrier to entry in the banking
industry”. RAND Journal of Economics 30, Pp 515–34.

Detter, D. & Fölster, S., (2016). “The Public Wealth of Nations: How Management of Public Assets Can
Boost Or Bust Economic Growth”. Springer.

Diamond, D. and Rajan, R. (2001). “Liquidity risk, liquidity creation and financial fragility: a theory of
banking”. Journal of Political Economy 109, Pp 287–327.

Fama, E. (1980). “Banking in the theory of finance”. Journal of Monetary Economics 6, Pp 39–57.

Fama, E. (1985). “What’s different about banks?” Journal of Monetary Economics 15, Pp 29–34.

Focarelli, D. and Panetta, F.; (2003). “Are mergers beneficial to consumers? Evidence from the market
for bank deposits”. American Economic Review 93, Pp 1152–72.

Focarelli, D., Panetta, F. & Salleo, C.; (2002). “Why do banks merge?” Journal of Money, Credit, and
Banking 34, Pp 784–803.

Focarelli, D. & Pozzolo, A.;(2005). “Where do banks expand abroad? An empirical analysis”. Journal of
Business 78, Pp 2435–64.

Gorton, G. & Winton, A. (2003). “Financial intermediation”. In the “Handbook of the Economics of
Finance”, Vol. 1, Ed. G. Constantinides, M. Harris and R. Stulz. Amsterdam: North-Holland.

Hellman, T., Murdock, K. & Stiglitz, J. (2000). “Liberalisation, moral hazard in banking and prudential
regulation: are capital requirements enough?” American Economic Review 90, Pp 147–65.

Leland, H. & Pyle, D. (1977). “Informational asymmetries, financial structure and financial
intermediation”. Journal of Finance 32, Pp 371–87.

Keeley, M. (1990). “Deposit insurance, risk, and market power in banking”. American Economic Review
80, Pp 1183–200.

Kim, D. & Santomero, A.M., (1988). “Risk in banking and capital regulation”. The Journal of Finance,
43(5), pp.1219–1233.

Minsky, H. P. (1975). “John Maynard Keynes”. Columbia University Press, New York.

Minsky, H. P. (1982). “Can it Happen Again?” M. E. Sharpe, Armonk, NY.

Minsky, H. P. (1986). “Stabilizing an Unstable Economy”. Yale University Press, New Haven and London.

Petersen, M. & Rajan, R. (1995). “The effect of credit market competition on lending relationships”.
Quarterly Journal of Economics 110, Pp 407–43.

Petersen, M. & Rajan, R. (2002). “Does distance still matter? The information revolution in small
business lending”. Journal of Finance 57, Pp 2533–70.

Rajan, R. (1992). “Insiders and outsiders: the choice between relationship and arm’s length debt”.
Journal of Finance 47, 1367–400.

Schumpeter, Joseph A. (1982). “The ‘Crisis’ in Economics — Fifty Years Ago,” Journal of Economic
Literature 20(2): 1049–59. (Manuscript thought to have been written in 1931.)

Shaffer, S. (1998). “The winner’s curse in banking”. Journal of Financial Intermediation 7, 359–92.

Sharpe, S. (1990). “Asymmetric information, bank lending and implicit contracts: a stylized model of
customer relationships”. Journal of Finance 45, 1069–87.

Wray, L. R. (2009). “The rise and fall of money manager capitalism: a Minskian approach”.
CambridgeJournal of Economics, 33(4), Pp 807–828.
Fearing companies
By Craig Wright | 28 Jun 2017 | Bitcoin & Blockchain Tech
The current bitcoin debate has nothing at all to do with centralisation. As I wrote in my piece on the
hijacking of the term ‘node’ we can easily see that any non-mining node is simply a wallet. It doesn’t help
the system propagate, and it doesn’t create blocks.

In a paper by Eli Afram, it is noted that:

“According to the Satoshi’s whitepaper, nodes were miners. The hijacking of the word seems to have placed
unneeded importance on these validating nodes. But what would Bitcoin look like without these ‘nodes’,
and how centralized would mining be, with the removal of the blocksize limit?”

Gregory Maxwell of Blockstream has in the past stated:

“With gigabyte blocks bitcoin would not be functionally decentralized in any meaningful way: only a small,
self-selecting group of some thousands of major banks would have the means and the motive to participate
in validation.”

Craig Wright debunks the centralization myth with a very simple analysis:

“There are around 15000 banks. Add financial organisations including savings and loans… We are up to
60,000. Then add in all the major merchants and operations that need to have transaction data by law, and
that’s around 17 million organisations. That is decentralised do you not think?”

In that simple conversation between Eli And Dr Wright we see the entire argument made by Blockstream
and Core debunked.

The argument is very simple. People ask why a company would need to run a node. This, mind you, can be
either a large exchange propagating many transactions, or a merchant seeking to get their transaction
included as quickly as possible. These nodes may mine or form partnerships with mining organisations
using anyone-can-spend transaction types to arrange payments with miners and to ensure that
transactions are included without being malleated. At times, it will not even matter that the transaction is
settled within a block. There are times when certain miners will include non-standard transactions and what
matters is that these are settled within a reasonable time-frame. Not everything will require 10 minutes and
the result is one that may be suited to specialised mining farms.

Satoshi clearly understood and planned for the integration of large companies. He stated succinctly:

“The current system where every user is a network node is not the intended configuration for large scale.
That would be like every Usenet user runs their own NNTP server. The design supports letting users just be
users. The more burden it is to run a node, the fewer nodes there will be. Those few nodes will be big server
farms. The rest will be client nodes that only do transactions and don’t generate [1]”

Pulling this apart, we clearly see the intention of big server farms that simply stated happens to be a system
managed by companies. What we need to create is a simple SPV wallet just like the White Paper
mentioned, then we can get back to having zero conf transactions as we always had been promised:

“See the snack machine thread, I outline how a payment processor could verify payments well enough,
actually really well (much lower fraud rate than credit cards), in something like 10 seconds or less. If you
don’t believe me or don’t get it, I don’t have time to try to convince you, sorry.”

When Satoshi talked about generating, he simply meant mining. There is no option here, in all proof of
work-based systems the end whether based on ASICs or not is corporatisation. Dr Wright put this clearly in
a draft he posted for checking on Slack:

“In the instance of bitcoin mining, the firm is able to increase in size through the integration of multiple
specialist roles. Even given the assumption that any one process can run on but a single CPU, we come to
the scenario of high-end data centre servers. The Intel Xeon Phi 7290f implements 72 Atom CPU Cores. Each
core runs two threads. Even taking the control system into account, this leaves 142 processes able to run per
system. With four cards per RU this allows for data centre implementations of 5,964 mining processes to
run on a pure CPU-based proof of work implementation.

One person can manage a small number of mining server implementations within a home or small
business environment. In large data centre-based organisations such as Facebook, a single administrator
can run 20,000 servers. The effect of this would be one individual managing 2,840,000 individual CPU-
based mining processes. This alone is outside the scaling capabilities of any individual. This can be further
enhanced as cost savings through the creation of large data centres, management savings and integrating
multiple network and systems administrators is taken into account. As we start to add additional layers we
come to a maxima where it is no longer profitable to grow the firm in size. Right up until that point, the firm
will grow…

For all proof of work systems, economic efficiencies naturally lead towards larger competing firms. There is
no known system that allows for the fair distribution of resources in a distributed manner that does not lead
to competing corporations managing the primary system.”

In a paper that is about to be published, Dr Wright simply proves that all proof of work systems tend
towards corporate management and control.

It is clear that Satoshi always intended companies to manage bitcoin.

The companies that manage bitcoin, they require profit.

There exists an error in the thinking held by many of the anti-capitalist and socialist developers that are
strangling bitcoin and limiting its growth. These individuals are not seeking to grow bitcoin, they believe
they can take personal control and paternalistically manage the system for everyone else. They talk a big
game stating how they wish for everyone’s freedom as they oppress us.

This could take many forms.

In the figure above, we see recent statements from one of the core developers. They are not seeking free
competition but control. They don’t want a capitalist society. In a capital society, the people who can best
deliver a solution to the most people win. This is the last thing on their mind.

Socialists are not afraid of government, they are afraid that they are not government. It is not that they want
you to be free, it is they want you to be dominated by them.

These people in Core try to tell us that they are fighting for our freedom as they oppress it. They are not
seeking to grow the bitcoin Blockchain. They are seeking to inject sidechains to devalue it and make it
worth less. They’re not seeking our privacy, they seek to create centralised lightning networks that sit on top
of bitcoin and steal its ability to allow us to freely trade. and in doing so create centralised platforms they
can manage and monitor.

They try to tell us how this is good for our own interests. They say that everyone needs to run a node for if
we don’t run a node we will not be able to validate transactions. This lie, this outright blatant deception is
the biggest flaw within bitcoin as it is generally taught. At the heart of it we have the anti-capitalistic
mentality rearing its ugly head. It is a position of coercion and paternalistic contempt.

One big issue that seems to be overlooked is that it is the merchant that is going to care about payments,
and not the consumer.

When we go into a store, we do not care if the merchant validates our transaction. We care that we receive
the goods and that we have paid. It is the merchant and not the consumer that desires validation. Then, the
issue here once again comes to companies. They try to tell us of some post Utopian wonderland where no
companies exist and everyone freely trades settling individually. This ignorance of scarcity is one of the key
aspects of the oppression they push upon us.

The unwarranted attack is not against centralisation but against companies in general.
Mining is how you vote for rule changes. Greg’s comments on BU revealed he has no idea how Bitcoin
works. He thought “honest” meant “plays by Core rules.” [But] there is no “honesty” involved. There is only
the assumption that the majority of miners are INTELLIGENTLY PROFIT-SEEKING. — ForkiusMaximus

Miners are not “Honest”, they are rationally profit seeking!

Honesty is not required in the protocol. That is the beauty of Bitcoin, it takes the self-interest of each
individual and directs it to the creation of something better.

These people do not hate and attack centralisation. They hate and attack companies. They would rather
hand bitcoin to government than the state. That is the goal. Not freedom but control. And they use the
ignorance of people unversed in economics to create a framework of demagoguery that leads us straight to
1984.

Their error is not understanding that all Proof of Work systems are inherently capitalist!

1 https://bitcointalk.org/index.php?topic=532.msg6306#msg6306
Banks versus markets.
By Craig Wright | 29 Jun 2017 | Bitcoin & Blockchain Tech
We will attempt to show that banks and financial markets offer both complimentary and competing
services depending on a range of factors including the clients that they are serving on the type of finance
that they are seeking to provide. Both banks and financial markets exhibit a range of beneficial and
detrimental behaviours and outcomes.

Finance has been the centre of many economic concerns and in the 18th and 19th century. Business cycle
theory began with the study of credit cycles in the fluctuations in finance. The development of the general
equilibrium theory [Walras, 1954] marked the decline and the use of finance as an explanatory variable in
economic analysis. The reasons for this resulted from the difficulties in integrating finance into economic
theory. In classical economics, the problem arises with the view that monetary theory is less relevant than
other aspects of business. In fact, one of the main concerns in classical theory is that money simply acts as a
price level determinant and ignores the fact that there is a demand cycle for money itself.

Keynesian theory erred in assuming the aggregation of several financial instruments, including long-term
bonds and equities. In this framework, the method used in the financing of a firm had little relevance.
Further, the emphasis on money both within Keynesian schools and later with that of the monetarists
resulted in the exclusion in the study of the effects other financial instruments had on the firm and an
exclusive focus on money and monetary policy.

This simplification ignored the interaction between the various interconnected markets [Robinson, 1937].
And lead to the development of more formalised approaches to the general equilibrium model [Tobin, 1969]
with the special case of mean variance models and the differentiation between debt and equity markets.
Others such as Modigliani and Miller [1958] followed the general approach of Keynes and argued that
financial structuring was irrelevant to the development of companies within the economy.

These approaches came under attack starting with the works of Stiglitz [1696a, 1974d] who demonstrated
that bankruptcy and the risk there of impacted the interest rates associated with corporate bonds leaving
them to reflect higher interest rate than government debt for the same level of risk. Researchers such as
Majluf and Myers [1984] provided evidence as to the effects of moral hazard in adverse selection and how
that impacted the financial structure of corporate organisation. Factors such as credit rationing and equity
rationing were shown to impact the market value of shares and equity. It was also noted that differences in
the impact of obligations derived from debt and equity contracts resulted in agency effects. In these
instances, managerial incentives played a strong deciding role as to the allocation of funds.

Capital markets with imperfect information

A role for financial institutions can come about because of the distinctions between capital markets and
more general markets for products within the economy. A primary note here is the difference where capital
markets cannot be treated as an auction market. Banks do not maximise their expected returns through
the allocation of credit to the highest bidder. Just as there can be times of equity rationing [Stiglitz, 1985],
banks and other financial institutions engage in credit rationing. Some of this results from the changes in
credit availability and how they affect investment and the real interest rate but also lead to firms acting in a
risk adverse manner.

External forces can also act through finance to result in changes in risk where the changes in the firms that
worth and cash flows are shown to have a noticeable impact.

Consequently, capital is not allocated through an auction market. Banks and other financial institutions act
to monitor and control the use of capital that they apportion. It has been argued [Mayer, 1989] that credit
rationing results in part from the difficulty in determining the overall quality of the various players
competing for credit.

In recent years, especially in the United States, an increased reliance has been placed on the market for
raising funds. In particular, the securitisation of mortgages and other debt instruments has opened up
opportunities for brokers and other third parties reducing the impact and necessity of banks.

Banks and efficient markets

It is a widely held belief [Beck & Levine, 2002; Sharpe, 1990; Gertner & Sharfstein, 1994, Wurgler, 2000] that
markets are more efficient than banks in the allocation of capital. The primary reason for this comes from a
view that markets offer lower transaction costs. Transaction costs can be lowered where large well-
respected firms with international connections are able to raise capital through the market. Due to factors
of scale, banks may become an unnecessary cost when a firm becomes sufficiently large. The governance
and compliance factors delivered through the screening operations of banks can be achieved through
other sources by a firm when a sufficient scale has been achieved. Risk diversification can be provided
through the internal functions of the firm and it is possible to increase security and diversify risk in the
manner of an insured bank through the use of government backed securities.

In this way, banks as such can be a specialised intermediary who engage in the role of compliance and
governance for smaller firms as well as those firms that are well understood [Franklin, 1993, Hellwig, 1991]. In
aggregating funds, the bank can create a comparative advantage through the specialisation of risk control.
In their pure role as an examiner and allocator, banks act with an informational advantage judging the
quality of management in the supervising of allocated funds [Gehrig, 1998; Gorton & Mullineaux, 1987, Kon &
Storey, 2003].

One key advantage that banks have over direct market players comes from the informational advantage
attached to a long-term relationship with the client. These long-term relationships can offer advantages in
cases where less perfect information is available to the market. There are mutual advantages to both the
bank and the firm in this relationship. The bank is in a position where it can accumulate more quality
information than the market and the bank also gains through the ability to control and minimise agency
problems [Stiglitz & Weiss, 1983]. This comes as a consequence of the incentives placed on management
within the firm who act against the threat that their credit might be terminated if they fail to achieve set
corporate governance targets.

The aggregation of funds also allows banks to be more flexible. Standardisation of credit lines and contracts
offered through banking mechanisms provides the bank with a transactional advantage. A line of credit is
one such provision that would be difficult for markets to maintain. Small firms and firms that are not listed
lack the means to distribute information widely and accurately. This limits the ability for a market to offer
equivalent products to all entrants.

Firms can insure against risk but they cannot insure against the risk that their credit rating will be impacted
negatively. If an organisation was able to insure against the risk of their credit rating decreasing and offset
the increased interest rates that would result, the organisation would be able to act in an adverse manner.

There are also problems with borrowing more than is needed for the immediate needs of a firm. The
difference between lending rates and borrowing rates leave a spread that makes it economically infeasible
to maintain more in a line of credit than an organisation needs for its immediate use. Further, the market
may deem an organisation that retains a larger cash balance from loans that it needs immediately as a sign
of diminished confidence and may hold that the organisation is less likely to achieve its goals.

Whereas, bank finance is more flexible than market finance, banks are limited to an extent through the
actions of monetary regulation and authorities. These limits are a direct consequence of the requirements
for capital controls that limit the amount of money a bank may be able to loan. For large companies, there is
often little cost in moving from bank finance to commercial paper as a source of finance but this option
only comes with scale.

Bank finance is generally bundled with close supervision and monitoring. To the market, the choice of
raising funds through long-term debt can signal of a lack of credit worthiness. Conversely, a firm can also
argue that its financial strength is great enough that it does not need to rely on the additional flexibility
offered through banking institutions. Hence, multiple signal equilibria exist [Spence, 1974b]. In this, we see
that both the best and worst firms can be seen to resort to market finance over the flexibility of bank
finance.

Three factors to be considered when contrasting banks and financial markets include:

1. The transaction cost of using the market,

2. Credit crunch that may result through monetary policy, and

3. The impact of stabilisation policies that have been seen until recently to have limited the impact of
cycling fluctuations through credit cycles [Kocherlakota, 2000].

It can be also argued that both banks and markets are inefficient in the allocation of finance. Due to the
agency effect, companies do not act in the interest of shareholders and often do not disseminate
information such as risk to the market. Consequently, some of the differentiation between market and bank
financing can arise through the differences in their inefficiencies. Whereas banks can offer efficiencies in
certain markets such as well-known industries, and small firms markets can offer advantages for innovative
start-ups in the Schumpeterian sense, as well as large firms where the benefits of diversity and risk
allocation a less important. In this manner, the comparison of financial intermediaries and markets may be
more of an analysis of their inefficiencies then their effectiveness overall.

Banks provide the capability to closely monitor organisations. In particular, they offer governance to
managerially run firms. The consequence of this is that some managerially run firms may opt for market-
based finance have a bank based finance as it results in greater managerial discretion. Banks, like markets,
may also fail to monitor the clients effectively. Banks also offer specialist risk services that can be far more
effective and efficient in the assessing of risks then for lenders in markets generally.

The securitisation of finance has led to a more widespread reliance on market based systems. As banks
handoff the mortgages they issue into marketable packages, more opportunities for brokers who write the
mortgages arise. These brokers are incentivised differently than banks who maintain loans for extended
periods of time and often do not have reliance on a requirement to monitor those receiving finance.

As information becomes more widely available we have seen a shift away from banks towards an increase in
the use of market-based finance [Franklin & Gale, 1997]. A move away from the monitoring capacities of
banks into specialised lending activities is one of the many changes in capital markets that have
consequentlydeveloped. These changes are argued to have increased the level of moral hazard associated
with finance [Hoff & Stigliz, 1990]. A further consequence has been a decline in governance associated with
the allocation of funds and a limit to the level of specialisation that existed in the banking sector. Markets
allow for greater risk diversification than small local banks, but the actions of the borrower are less likely to
be controlled and monitored. The difficulty is that although markets do provide opportunities for
diversification, the level of knowledge and information required to achieve that is limited.

Information provision

The secondary market for securities has improved markedly. These markets provide a means such that
previously issued securities may be re-traded and allow for the later trading of finance products. This
process adds liquidity and helps to ensure that the true value of the security is reflected in the market.

Stock markets act as a simple benchmark in the understanding of capital markets. The assumption made
on this model is that share prices reflect the expected profitability of companies related to the equity on
offer.

The cost in raising new finance (at least in US markets) suffers extremely high transactional costs relative to
the level of the financial transactions [Summers & Summers, 1989]. This is a result of the inflated costs of
operating the markets when contrasted to the amounts raised.

The main factors that enhance the use of the market within the framework of the Allen and Gale model
of diversity of opinions and system of financing
We see from Allen and Gale [1993, 1997] that there is no reason to conclude that any one method of finance
could be optimal across all situations. The authors present several different parameters that result in the
optimisation of financial solutions. As a result, a single type of financing solution provided across the entire
economy is not likely to be efficient. In the example of Germany, a strong bias leans towards intermediated
finance. This is compared to other countries such as the United States. In this market, the market is
demonstrated to have a more dominant role.

Some of the differences might stem from restrictive regulations that stymie the development of markets or
the fixed cost that come with the development of markets. These differences lead to multiple equilibria.

The model presented can be further developed. In particular, financial markets and banking intermediaries
exist side-by-side to different degrees within all countries. The model could be validated or approved
through an analysis of the types of technologies and the extent of financing through each system in each
country. The primary aspects of the model rely on an assumption that firms financed within the market will
be predominately of a diverse opinion where there is a low assessment cost. Conversely, the model implies
that tanks will finance firms and well-known industries that utilise technologies that are expensive to
individually assess.

Financial intermediaries such as banks are shown to function poorly where there is limited information and
adversity of opinion. This divergence in views is systemic in the development of new industries. As
innovative technologies and processes disrupt the status quo, the traditional ways of assessing performance
themselves become obsolete. Simply, markets are superior at providing for the financing of highly risky
endeavours whilst banks provide more stability in times of calm.

Conclusion

We conclude from the work of Allen and Gale [1997] that market-based systems are more suited for the
financing of disruptive and innovative industries which contrasts directly the role of bank-based finance
which is more effective in the financing of more established industries where analytic models exist and can
be applied.

Banks and market actors substitutes for one another, but they are not complete substitutes. The primary
focus of the presented model is weighted towards a Schumpeterian [Schumpeter, 1911] system based on
dynamical change and disruptive technologies. Disruptive technologies can be shown to promote the
development of wealth via the creation of new products on the provides strong support for this role and
industry [McKinnon, 1973].

With the overlap, we can see that banks and financial markets are to some extent complimentary as well as
competing. No market is perfect, and consequently financial intermediaries can be seen to arise as a market
response that limits the effects of information asymmetry in respect to investment. One thing that we can
expect is to see the development of disruptive technologies and changes within the banking sector itself as
markets apply pressure to these industries. In this, we can expect to see change in both the means
deployed by markets and banking as disruptive technologies undermine existing models.

References

Allen Franklin (1993) ‘Stock Market and Resource Allocation’ in C Mayer and X Vives (eds) Capital Markets
and Financial Intermediation, Cambridge: Cambridge University Press.

Allen Franklin and Douglas Gale (1997) ‘Financial Markets, Intermediaries, and Intertemporal Smoothing’,
Journal of Political Economy 105, 523–46.

Allen Franklin and Douglas Gale (1998) ‘Diversity of Opinion and Financing of New Technologies’, The
Wharton Financial Institutions Center.

Allen Franklin and Douglas Gale (2000) Comparing Financial Systems, Cambridge, Massachusetts: MIT
Press.
Beck, T. and Levine, R., 2002. Industry growth and capital allocation: does having a market-or bankbased
system matter? Journal of Financial Economics, 64(2), pp.147–180.

Boot Arnoud and Anjan Thakor (1997) ‘Financial System Architecture’, Review of Financial Studies 10, 693–
733.

Brealey, Richard A.; Myers, Stewart C. (2008) [1981]. Principles of Corporate Finance (9th ed.). Boston:
McGraw-Hill/Irwin.

Deidda L and B Fattouh (2008) ‘Banks, financial markets and growth’, Journal of Financial Intermediation 17,
6–36.

Fama Eugene (1970) ‘Efficient Capital Markets: a Review of Theory and Empirical Work’, Journal of Finance,
383–417.

Gehrig, T., 1998. Screening, cross-border banking, and the allocation of credit. Research in Economics, 52(4),
pp.387–407.

Gertner, Robert H., David S. Scharfstein, and Jeremy C. Stein. Internal versus external capital markets. No.
w4776. National Bureau of Economic Research, 1994.

Gorton, G. and Mullineaux, D.J., 1987. The joint production of confidence: Endogenous regulation and
nineteenth century commercial-bank clearinghouses. Journal of Money, Credit and Banking, 19(4), pp.457–
468.

Grossmann Sanford J and Oliver D Hart (1980) ‘On the Impossibility of Informationally Efficient Markets’,
American Economic Review, Vol. 70, 604–20.

Hellwig M (1991) ‘Banking, Financial Intermediation, and Corporate Finance’, in A Giovannini and C Mayer
(eds) European Financial Institutions, Cambridge UK: Cambridge University Press.

Hoff, Karla & Stiglitz, Joseph E, 1990. “Imperfect Information and Rural Credit Markets — Puzzles and Policy
Perspectives,” World Bank Economic Review, World Bank Group, vol. 4(3), pages 235–50, September.

Kocherlakota, N., 2000. Creating business cycles through credit constraints. Federal Reserve Bank of
Minneapolis Quarterly Review, 24(3), pp.2–10. Vancouver

Kon, Y. and Storey, D.J., 2003. A theory of discouraged borrowers. Small Business Economics, 21(1), pp.37–49.

Leland H and D Pyle (1977) ‘Informational Asymmetries, Financial Structure, and Financial Intermediation’,
Journal of Finance (May) 371–87.

Majluf, Nicholas S. and Stewart C. Myers. “Corporate Financing and Investment Decisions When Firms Have
Information That Investors Do Not Have,” Journal of Financial Economics, Vol. 13, №2, 1984, pp. 187–221.

McKinnon R. (1973) “Money and economic development in finance”, The Brookings Institution, Washington
DC

Miles, J.; Ezzell, J. (1980). “The weighted average cost of capital, perfect capital markets and project life: a
clarification”. Journal of Financial and Quantitative Analysis 15: 719–730. doi:10.2307/2330405. JSTOR 2330405.

Mishkin FS (1995) The Economics of Money, Banking and Financial Markets, New York: HarperCollins.

Modigliani, F.; Miller, M. (1958). “The Cost of Capital, Corporation Finance and the Theory of Investment”.
American Economic Review 48 (3): 261–297. JSTOR 1809766.

Modigliani, F.; Miller, M. (1963). “Corporate income taxes and the cost of capital: a correction”. American
Economic Review 53 (3): 433–443. JSTOR 1809167.

Robinson, J. (1937; 2nd edn 1947) ‘The Foreign Exchanges’, in J. Robinson, Essays in the Theory of
Employment (New York: Macmillan) pp.183–209; 2nd edn (Oxford: Blackwell) pp. 134–55.
Schumpeter, J (1911) “The Theory of economic development” Oxford University Press

Sharpe, S.A., 1990. Asymmetric information, bank lending, and implicit contracts: A stylized model of
customer relationships. The journal of finance, 45(4), pp.1069–1087.

Spence A, (1976) Market Signaling: Informational Transfer in Hiring’s and Related Screening

Processes Recherches Économiques de Louvain / Louvain Economic Review Vol. 42, №3 (1976), pp.

263–265

Stewart, G. Bennett (1991). The Quest for Value: The EVA management guide. New York: HarperBusiness.

Stiglitz, 1974. “Equilibrium Wage Distributions,” Cowles Foundation Discussion Papers 375, Cowles
Foundation for Research in Economics, Yale University.

Stiglitz Joseph (1985) ‘Credit markets and the control of capital’, Journal of Money, Credit and Banking 17,
133–52.

Stiglitz, Joseph (1996a) “Some Lessons from the East Asian Miracle,” World Bank Research Observer,11(2),
August, pp. 151–77.

Stiglitz, Joseph (1996b). “Financial Markets, Public Policy, and the East Asian Miracle,” with M. Uy, World Bank
Research Observer, 11(2), August 1996, pp. 249–76.

Stiglitz, J., Hoff, K. (1990) Introduction: Imperfect information and rural credit markets: Puzzles and policy
perspectives. The world bank economic review 4 (3), 235–250

Stiglitz, Joseph & Weiss, Andrew (1983), “Credit Rationing with Collateral” Bell Communications Research
Economics Discussion Paper No 12.

Page |

Stiglitz, Joseph & Weiss, Andrew (1981), “Credit rationing in Markets with imperfect information” American
Economics Review, June 1971, 71, 410

Summers, Lawrence H., and Victoria P. Summers. 1989. “When Financial Markets Work Too Well: A Cautious
Case for a Securities Transactions Tax.” Journal of Financial Services Research 3 (2): 261–86.

Tobin J (1969) “A general equilibrium approach to monetary theory Journal of credit and banking” Journal of
Money, Credit and Banking, Vol. 1, №1 (Feb., 1969), pp. 15–29 Ohio State University Press.

Walras, Léon (1954) [1877]. Elements of Pure Economics. Irwin.

Wurgler, J., 2000. Financial markets and the allocation of capital. Journal of financial economics, 58(1),
pp.187–214.
The Asian currency crisis
By Craig Wright | 04 Jul 2017 | Economics
It has been argued that the currency crisis in Asia in the late 90’s differed in significant ways to many of the
previous crises (Cogman & Dobbs, 2008) and that the countries involved, Thailand, Malaysia and others
expressed solid fundamentals (Lacovone et. Al., 2009). For many years before the crisis, these economies
had been growing at impressive rates leading to these countries being defined as the Asian Tigers. This
quickly changed when taken on an economic timescale. Radelet and Sachs (1998) have designated a
definition of a financial crisis as the sudden shift between capital inflow and capital outflow in preceding
years.

Kaminsky &Reinhart (1996) introduced the terminology of a twin crisis to designate the simultaneous
calamities in banking and balance of payments that was occurring across the Asian countries.

The joint existence of both banking and currency crisis conditions (the Twin Crises) is only one of many
explanations. Other explanations have been proposed including herd behaviour [1] (Calvo &Mendoza, 1998
and Devenow & Welch, 1996), moral hazard in banking (Krugman, 1998) and even the right of deregulation
in the Asian sector. Some researchers (Rodrik, 1998) have criticised the IMF and argued that the capital
accounts in these countries should have been liberalised over a more extended period.

Whilst some authors (Krugman, 1998 & Corsetti, et al., 1998) promote the concept of moral hazard in
explaining the source of currency crises (especially the 1997 Asian crisis) as a reason for access and
speculation and market failure, the bailouts created by the IMF provide more case for moral hazard when
associated with government. Foreign investors provided capital for the belief that they would have
profitable returns, not that they would be bailed out. Researchers, Radelet and Sachs (1998), note that only
state-owned enterprises were bailed out in a currency crisis. They show how the spread on bonds did not
increase a

Investigating the use of capital controls

To explore the possible impacts of capital controls, we can focus on either a particular crisis or the
interaction between the joint crises. In focusing on an aspect of the crisis, whether related to the balance of
payments or banking problem. We can investigate the individual causes and qualitatively eliminate issues
related to government policies, in doing so we can begin to match differences between countries. This
could be extended further if we incorporated an analysis of other similar crises such as those in Latin
America, this research is outside the scope of this paper. One can further investigate the differences in
similarity between government policies with an aim to determining the effects that could diminish the
probability of a crisis occurring because of those policies. The problem with this approach is that many
distinct policies can lead to the same results.

It is noted that all the countries experienced similarities in the twin crises. Primarily, these can be expressed
as:

1. A policy of fixed exchange rates,

2. Large-scale capital flight and speculative attacks.

To address these dual problems, two responses have been proposed:

1. Abandon policy of using a fixed exchange rate,

2. The introduction of capital controls.

The introduction of capital controls involves the strict control of the inflow and the related outflow of
capitals coming into and out of the country. Krugman (1979) reasoned that any fixed exchange rate policy
could not withstand speculation once a minimal amount of reserve is held by the central bank.
Several economists (Krugman, 1979; Flood & Garber, 1984; Salant & Henderson, 1978) have reasoned that
excessive fiscal deficits from government have led to many of the currency crises. The inflationary pressure
that results in an increase in the money supply that comes about with liberal domestic credit being offered
by central banks is proposed as a possible cause. This is stated to lead to an inconsistency between deficit
financing and the use of the fixed exchange rate policy. In this model, the money supply has an extra genius
equilibrium with the money market. The result is as the central bank increases domestic credit, foreign
reserves correspondingly diminish. The key hypothesis to this theory is that as the volume of farm reserve
held by a central bank is finite, any fixed exchange rate regime must eventually fail.

The Mundell-Fleming models (Mundell, 1963; Flemming, 1962) consist of an extension of the IS-LM Model.
These models describe the short-run relationship amongst an economy’s designated exchange rate, the
interest rate, and yield, that is a significant feature of a minor but open economy that has incorporated a
fixed exchange rate and which experiences unhampered capital mobility. This contrasts with a closed-
economy IS-LM model.

Krugman’s argument was to state that a crisis needed to occur whenever the central bank’s foreign reserve
crosses a minimal threshold. Once the threshold has been crossed it would be necessary for the
government to either devalue the currency or to abandon a fixed exchange rate policy.
Speculation and the concept of a self-fulfilling crisis

Obstfeld (1994) had investigated earlier crises in European countries with a focus on the breakdown of the
exchange rate mechanism (ERM). Some of the suggested reasons for why a government would choose to
abandon a fixed rate included desire to inflate away debt burden nominated in domestic currency or to
implement an expansionary monetary policy to reduce unemployment or other domestic problems.
Conversely, the government might also desire to maintain a fixed exchange rate to better facilitate
international trade and investment, or even as a source of national pride and perceived political
competency. Multiple equilibria can result because of these conflicting goals. As individuals and investors
begin to speculate that the fixed peg could be abandoned, the cost of maintaining a fixed exchange rate
will rise. This anticipation of a devaluation event can come about as a trigger resulting from the expectation
of the people investing in a country both from within and externally. This expectation of devaluation leads to
pressure on the central bank as investors convert the domestic currency to foreign currency ahead of what
they see as a devaluation.

Once a threshold event occurs, the central bank could run low on foreign reserves which would necessitate
a currency devaluation. *In a manner like bank runs, this form of crisis is self-fulfilling.

Obstfeld (1996) proposes three separate scenarios.

1. The resources of the speculators are less than that of the reserve held by the central bank,

2. The resources of each of the speculators exceeds the reserve of the central bank, or

3. No individual speculator has reserves grade of more than the central bank, but combined pools of
speculators can exceed this reserve.

In these three cases, the evaluation will only occur in the second and third instances.

In the second case, the actions of anyone speculator will lead to a run on the currency resulting in
devaluation. Each speculator will compete to be the first to unload the positions. In the third case, where a
threshold of speculators hold the belief that devaluation is inevitable, this belief becomes a self-fulfilling
prophecy. Here, each of the speculators rushes to close positions causing the devaluation to occur. Without
this belief, the fixed rate exchange policy would have been able to survive.

A crisis that results, in this case, has multiple Nash equilibria that form based on the actions of speculators
and what is reflective of a herd mentality.

Twin Crises: Banking & Exchange Rate Crises

The notion of a twin crisis comes from newer models that emphasize the importance of both finance and
capital flow. By the time that the Asian currency crisis had occurred (1997/8), many other twin crisis events
had already been experienced. These include the Scandinavian countries (Early 1990’s), Turkey (1994),
Venezuela, Argentina and Mexico (1994) and Bulgaria (1996). Each of these has experienced a banking crisis
proceeding the currency crisis. The direct results have been through either an increased monetary supply or
through capital flight with the resulting decrease in monetary demand.

Stoker (1995) and Mishkin (1996) independently put forth the argument that the balance of payments crisis
leads to the banking crisis. Stoker’s argument is that an external impact to the economy that is coupled to a
fixed exchange rate leads to a diminishment of reserves.
Speculators seeing the loss of reserves follow up with an attack on the currency that can result in an
abnormally high-interest rate level. As the level of interest rates increments, credit becomes more difficult to
obtain at a level affordable by businesses. This, it is reasoned, leads to bankruptcies and financial crises.
Mishkin takes the position that the resulting devaluation weakens the national banks. This effect is
particularly exaggerated where a large share of their liabilities is denominated in foreign currency accounts
which contrasts the perspective held by other researchers (Calvo, 1995; Diaz-Alejandro, 1985; Miller, 1987 &
Velasco, 1987) who hold the position that the banking crisis occurs before the balance of payment crisis. It is
reasoned that the attempt to bail out failing banks by the nation’s central bank reduces the countries’
ability to maintain a fixed exchange rate.

Other researchers (Reinhart & Vegh, 1996) propose that the twin crisis comes from a common cause. Their
thesis comes of the slow convergence of prices to international exchange levels. International financing
leads to a glut of money, low-interest rates and an associated flourishing in economic activity. This boom is
coupled to increased imports and further international investment and borrowing. As this occurs, the
current account deficit expands causing the inevitable result of increased speculation as entrepreneurs
perceive the unsustainability of the fixed rate exchange mechanism leading to a speculative attack on the
peg. International credit helps to finance the growth of the economy as an increase in bank credit leads to
enhanced risk-taking and economic expansion. As the speculative attack on the peg occurs, capital flows
reverse and currency leaves the country resulting in an asset market crash. The crash of the asset market
undermines the strength of the banking sector leading to banking sector crash.

It has been argued (McKinnon & Pill, 1996) that financial liberalisation magnifies micro-economic distortions.
It is reasoned that this results in economic and banking cycles that are more pronounced than they would
be in a more regulated system, and that this leads to the collapse of the banking system.

An intensification effect caused by the intermediating nature of banks has been demonstrated (Goldfajn &
Valdes, 1997) to magnify the differentials across international interest rates and the level of capital inflow.
These oscillations can result in business cycles and bank runs that lead to a financial and currency crash.
Kaminsky & Reinhart (1996) demonstrated that:

1. Banking crises are decidedly linked to currency crises.

2. Capital inflows intensify progressively before the crisis and collapse amidst the crisis.

3. Intermediation by banks rises before failure.

Goldfajn & Valdes (1997) model the creation of liquidity through credit allocation by financial intermediaries
against capital flows and exchange rate breakdowns. This is conducted under a bi-variate time context.

In the model presented, the intermediaries create liquidity that is consumed by foreign capital. As investors
are incentivized for short-term financial investment [2] (including real estate and interest rate derivatives)
over the long-term capital creation projects, they aid in increasing capital inflows. When this is coupled with
an exogenous shock, international investors seek to withdraw their investments leading to capital flight. The
financial intermediaries will have invested in illiquid assets and long-term capital loans. This international
run on the bank can result in an enhanced risk of failure. Capital outflows lead to currency collapse. In this
model, fractional reserve banking amplifies the negative effects of economic productivity and interest rates.

Most importantly, this model demonstrates:

1. The likelihood of a bank run will be positive and non-decreasing on the international interest rate
differentials,

2. The proportion of capital outflow in period one will be greater than later periods,

3. There is a balance between the creation of larger capital inflows and increased risk of capital flight and a
run on the country’s banks,

4. Expectations of currency devaluations increase the likelihood of runs on the banks, and
5. Fractional Reserve banking leads to the magnification of minor shocks such that these cause large
effects.

Could Capital Controls have helped?

Vinals (1996) and Eichengreen et al. (1996) have both argued that capital controls are ineffective. These are
illustrated to demonstrate the correlated with increased rates of inflation and growing trade deficits. The
main use is argued to come in the form of helping governmental expansionary policies. This form policy is
associated with detrimental imbalances to the economy in the long term. This line of thinking allows us to
see that the long-term effect of capital controls is market disruption and excessive devaluations. “Self-
fulfilling” currency attacks through market speculation can be argued to be justified. The increase in capital
flows to developing countries has been criticised (Stiglitz, 1998) with the claim that this makes these
economies more vulnerable to economic crisis. Stiglitz holds the view that is developing countries express
less regulation, that they are more vulnerable to shocks. It is his view that markets do not fully incorporate
information due to the dominance of private capital flows.

transferring capital systems knowledge

Friedman (1998) emphatically counters this argument showing how it is a detriment to any emerging
economy in the long term. Any developing country needs external capital to grow. The importance of well-
managed capital systems is tied closely to the discipline that is imposed through long-term capital
allocation and the transfer of knowledge that is associated with this. Friedman suggests that two options
are the implementation of a currency board or floating rate system. In the ideal scenario, a currency board
would have the discipline to manage the system so that when a balance of payments deficit appears it is
tied to a decrease in high-powered money. The more effective system would be to implement a floating
rate system where the exchange rate absorbs pressures that would lead to a crisis through a pegged
currency. This later system also helps to preserve national monetary freedom.

Many modern economists such as Rodrik (1998) are proponents of capital controls due to a direct distrust of
markets. Others such as Friedman and Henderson (1998) hold reasonable views of markets where they see
that “foreign exchange markets are a continuing, minute-by-minute election in which everyone with wealth
at stake, including residents of the country, gets to vote, an election in which the winners are those
countries whose governments have the most pro-growth policies”.
all other things being equal

Conclusion

The use of a fully flexible exchange rate results in capital inflows causing an appreciation of the currency.
This appreciation is expected to result in the deflation of pricing for international imported goods shifting
consumption, and this tends to reduce inflationary pressure within the country. Ceteris paribus, when we
compare rigid and flexible exchange rates, we would expect that inflationary pressure would increase the
rigidity of the exchange rate system.

Capital controls allow governments to act in the interest of politicians. They increase the ability to cover up
the damage to the economy that excessive policies enable and to cover-up the long-term effects of the
business cycle that results from their actions. This ability to hide the damage that is being done naturally
results in even more damaging policies being selected. Politicians and government officials are incentivised
for this type of behaviour. It is outside the scope of this paper, but it is believed that the introduction of
effective laws over property and bankruptcy would do far more to alleviate problems in developing
economies than can be achieved through the introduction of capital controls.

References

1. Calvo, Guillermo, (1995). “Varieties of Capital Market Crises”, mimeo, University of Maryland.

2. Calvo, Guillermo, Leonardo Leiderman &Carmen Reinhart, (1994). “The Capital Inflows Problems: Concepts
and Issues”, Contemporary Economic Policy, Vol.12, Pp. 54–66.

3. Calvo, Guillermo & Enrique Mendoza, (1998). “Rational Herd Behavior and the Globalization of Securities
Markets”, mimeo, University of Maryland.

4. Cogman, David, and Richard Dobbs. “Financial crises, past and present.” McKinsey Quarterly (2008).
5. Corsetti, Giancarlo, Paolo Pesenti & Nouriel Roubini, (1998). “Paper Tigers? A model of the Asian crisis”,
mimeo, NYU.

6. Devenow, Andrea & Ivo Welch, (1996). “Rational herding in financial economics”, European Economic
Review, Vol. 40, Pp. 603–15.

7. Diaz-Alejandro, Carlos, (1985). “Good-bye Financial Repression, Hello Financial Crash”, Journal of
Development Economics, Vol. 19.

8. Dornbusch, Rudiger, (1986). “Special Exchange Rates for Capital Account Transactions”, World Bank
Economic Review, Vol. 1 , September, Pp. 3–33.

9. Eichengreen, Barry, Andrew Rose & Charles Wyplosz, (1996). “Is there a safe passage to EMU? Evidence on
Capital Controls and a Proposal” , in The Microstructure of Foreign Exchange Markets, edited by Jeffery A.
Frankel, Giampaolo Galli, and Alberto Giovannini.

10. Fleming, J. Marcus (1962). “Domestic financial policies under fixed and floating exchange rates” . IMF Staff
Papers. 9: Pp. 369–379. Reprinted in Cooper, Richard N., ed. (1969). “International Finance”. NY Penguin
Books.

11. Flood, Robert & Peter Garber, (1984). “Collapsing Exchange Rate Regimes: Some Linear Examples” ,
Journal of International Economics, Vol. 17, Pp. 1–17.

12. Flood, Robert & Nancy Marion, (1998). “Perspectives on the Recent Currency Crisis Literature” , IMF
Working Paper, WP/98/130.

13. Friedman, Milton, (1998). “Markets to the Rescue” , Wall Street Journal, 10/13/98.

14. Goldfajn, Ilan & Rodrigo Valdes, (1997). “Capital Flows and the Twin Crises: The Role of Liquidity” , IMF
Working Paper, WP/97/87.

15. Haque Nadeem Ul, Donald Mathieson & Sunil Sharma, (1997). “Causes of Capital Inflows ad Policy
Responses to them” , Finance and Development, IMF Publication, March 1997, Pp. 3–6.

16. Henderson, David R., (1998). “Let capital flow freely” , The Wall Street Journal, 09/10/1998.

17. Kaminsky, Graciela, Saul Lizondo & Carmen Reinhart, (1997). “Leading Indicators of Currency Crises” , IMF
Working Paper, WP/97/79.

18. Kaminsky, Graciela & Carmen Reinhart, (1996). “The Twin Crises: The Causes of Banking and Balance of
Payments Problems” , mimeo, Board of Governors of the Federal Reserve System, Washington, D.C.

19. Krugman, Paul, (1979). “A Model of Balance-of-Payments Crises”, Journal of Money, Credit and Banking,
Vol. 11, №3, August 1979, Pp. 311–325.

20. Krugman, Paul, (1998). “What happened to Asia?” , mimeo, MIT

21. Lacovone, Leonardo & Zavacka, Veronika, (2009) “Banking Crises and Exports: Lessons from the Past”
(August 1, 2009). World Bank Policy Research Working Paper Series, 2009.

22. McKinnon, Ronald & Huw Pill, (1996). “Credible Liberalization and International Capital Flows: the
Overborrowing Syndrome” , in Financial deregulation and integration in East Asia, Ed. Takatoshi Ito & Anne
Krueger, Chicago University Press: 7–42.

23. Miller, Victoria, (1995). “Central Bank Reaction to Banking Crises in Fixed Exchange Rate Regimes” ,
mimeo, Universite de Quebec a Montreal.

24. Mishkin, Frederic, (1996). “Understanding Financial Crises: A Developing Country Perspective” , in Annual
World Bank Conference on Development Economics, World Bank, Washington D.C., Pp. 29–62.

25. Mundell, Robert A. (1963). “Capital mobility and stabilization policy under fixed and flexible exchange
rates” . Canadian Journal of Economic and Political Science. Vol. 29 (4): Pp. 475–485.

26. Obstfeld, Maurice, (1986). “Rational and Self-Fulfilling Balance of Payments Crises” , American Economic
Review, 76 (1): 72–81.

27. Obstfeld, Maurice, (1994). “The Logic of Currency Crises” , Banque De France, Cahiers

28. Economiques et Monetaires, №43, pages 189–213.

29. Obstfeld, Maurice, (1996). “Models of currency crises with self-fulfilling features” , European Economic
Review, 40: 1037–47.

30. Radelet, Steven & Jeffery Sachs, (1998). “The East Asian Financial Crisis: Diagnosis, Remedies, Prospects” ,
mimeo, Harvard Institute for International Development.

31. Reinhart, Carmen M. & Carlos A. Vegh, (1996). “Do Exchange Rate-Based Inflation Stabilizations Sow the
Seeds of their Own Destruction?” , mimeo, International Monetary Fund.

32. Rodrik, Dani, (1998). “Who needs Capital Account Convertibility?” in Should the IMF Pursue Capital
Account Convertibility? Ed. Peter Kenen, Essays in International Finance, №207 (May), International Finance
Section, Department of Economics, Princeton University.

33. Salant, Stephen & Dale Henderson (1978), “Market Anticipation of Government Policy and the Price of
Gold” , Journal of Political Economy, 86: 627–48.

34. Stiglitz, Joseph, (1998). “Boats, Planes and Capital Flows” , Financial Times, 03/25/1998.

35. Stoker, James, (1995). “Intermediation and the Business Cycle under a Specie Standard: The Role of the
Gold Standard in English Financial Crises, 1790–1850” , mimeo, University of Chicago.

36. Tobin, James, (1978). “A Proposal for International Monetary Reforms” , Eastern Economic Journal, Vol. 4,
Pp. 153–59.

37. Velasco, Andres, (1987). “Financial and Balance of Payments Crises,” Journal of Development Economics,
27: 263–93.

38. Vinals, Jose, (1996). “A Comment: In response to Eichengreen, et al. (1996b),” in The Microstructure of
Foreign Exchange Markets, Ed. Jeffery A. Frankel, Giampaolo Galli & Alberto Giovannini.

Wong, Kar-yiu, (1998). ‘’Housing Market Bubbles and Currency Crisis: The Case of Thailand, ” mimeo,
University of Washington; available at http://weber.u.washington .

[1] For an alternative approach to Her Behavior, see Flood & Marion (1998) in the case of partial explanations
to the Asian crisis and Wong (1998) in respect to real estate speculation in Thailand.

[2] This includes real estate and interest rate derivatives.

1/5 Bitcoin and the connection to contracting
By Craig Wright | 11 Jul 2017 | Bitcoin & Blockchain Tech
An introduction to contractual formation

Technological developments and the advent of the Internet, and now electronic peer to peer cash have led to
new paradigms in international as well as local commercial activity. These developments have reduced the
certainty of contractual negotiations leaving a commonly held belief that the law of offer and acceptance
does not readily apply to such transactions when conducted online ( Rasch, 2006 ). Some in the Digital
currency world go as far as to exclaim, “crypto is law” or even “code is law” and forget [1] that the law does not
end at the border of an electronic contract [2] .

Dealings and transactions that formulate or initiate contractual negotiations are not restricted to the written
word. The law of offer and acceptance applies to new technology in the same way that it applied to
technological advances of the past. This series of posts explores the issues that have created uncertainty
around contractual dealings with the advent of Bitcoin. It is necessary both to consider the origins of
contractual law and to investigate cases that will apply too and formulate the conditions necessary to create
contractual certainty in commerce when answering this dilemma.

The increased use of international commercial transactions using the Internet has been enhanced using
technologies such as Bitcoin, but this also creates another concern. In the past, international commercial
transactions were generally restricted to negotiations between commercial entities. The Internet and digital
currency use has increased the scope of business to consumer dealings, and even consumer-to-consumer
transactions across jurisdictional borders. The result is that, the formation of contract using the Internet for
digital currency and electronic contracts segregates the law into two distinct categories. These categories
include both those negotiations that occur strictly within a single jurisdiction, and next, those negotiations
that involve multiple legal jurisdictions.

Further concerns extend the focus to the relationship of parties. Case law has grown to encompass Web
based transaction engines that act as third parties during the process of offer and acceptance. This
interaction can complicate the formation of contract. The integration of electronic contracts and digital cash
only extends this. The result ( Debenhams Retail Plc v Customs and Excise Commissioners [2004] ) is that it is
necessary to determine the legal standing of the third party when the court seeks to answer questions of
contract law. The third party could be a party to the contract, an agent or one of the two contracting parties,
or may just be an ancillary facilitator or medium, across which, and through whom the contractual
bargaining occurs ( McKendrick [1], 2005, Pp163–164 ).

Lord Steyn ( Butterworths; The Law of Contract, 1999, Forward ) reminds us “. . . it is wise for practitioners to
bear in mind that the higher you go in the legal system the more important it is to concentrate on the
footholds of the secure theoretical foundations.”

Without legislation detailing the legal position of electronic contracts, the process of offer, acceptance and
the terms of a contract created using the digital currency (as with Bitcoin incorporated smart contracts) will
establish itself by means of the general law of contract. This will happen for the most part in the same
manner as for the negotiation of terms of a contract in the physical world ( Lee, 2002, Pp 62–100 ). Thus,
establishing offer, acceptance and the terms of a contract remains the same whether the form is in writing,
orally, or implied though the conduct of the parties in the same manner as existed prior to the rise of
ecommerce over the Internet through Bitcoin.

The Electronic Communications Act 2000 [ECA] (Statutory Instrument 2000 №1798) had alleviated much of
the uncertainty in the formation of an electronic contract. We shall investigate both the definition of an
electronic contract and consider other supporting legislation in this series of posts looking at the foundations
of digital contract law. The ECA cannot ensure that there are no areas of uncertainty in the formation of an
electronic contract, this remains especially true when new technologies such as Bitcoin are involved. It will aid
our investigation to explore the effects of the ECA on contract formation within the UK, looking in particular
at its effect on contract formation and certainty.
In stating that the ECA has not removed all uncertainty from electronic contract formation when allied to
contracts formed using to Bitcoin, we need to explore two key arguments. Firstly, legislation such as the
Electronic Signatures Regulations 2002 [ESR] (Statutory Instrument 2002 №318) is well understood now
following its introduction. This legislation went a long way in assuaging the uncertainty surrounding
technologies such as digital signatures and as a consequence set the foundations for the legislative
acceptance of Bitcoin. Logically, it must follow that if additional legislation was needed to improve on the
ECA, that the law could buy itself not remove all uncertainty in electronic contract formation nor was it the “f
inal piece of the jigsaw in creating an enforceable electronic contract ”. An attached digital signature is hence
clearing defined within the law and the foundation of digital Bitcoin contracts that are based on the
exchange of value using digital signatures has been set.

The alternative argument reminds us that contractual formation is inherently uncertain in and of itself (
Gamage & Kedem, 2006 ). Being that electronic contracts form a logical subset of the contractual superset
and that there is uncertainty within contract formation in general; it must naturally follow that there are
areas of uncertainty, which will remain in the formation of electronic contracts, subsequent to the
introduction of the ECA and with the introduction of new technologies (such as Bitcoin). The ECA, though
having alleviated many difficulties facing the formation of electronic contracts, cannot remove contractual
uncertainty. The result is, we cannot see that “code is law”, but rather, code is evidence in the creation and
defense of an electronic contract.

[1] http://blog.cryptoiq.ca/?=534

[2] http://www.coindesk.com/code-is-law-not-quite-yet/
2/5 Bitcoin and the connection to Contracting
| 13 Jul 2017 | Bitcoin & Blockchain Tech
By Craig Wright
Issues with electronic contracting in relation to Bitcoin

The Internet is fundamentally a means of communication. Issues with law that have arisen because of
the Internet are thus a result of the differences between communication in the physical world and
communication using the Internet. Contractual negotiations are the result of a series of communications
that create a legally binding agreement. For this reason, there is little difference between contracts
made online than those formed through face-to-face communication. The facts surrounding the form of
the communication are the primary difficulty. This has not changed in any way following the
development of Peer to Peer electronic cash and contract systems including Bitcoin.

At the most fundamental level, the existence of an offer and an acceptance is one of the primary
requirements for the creation of a contract. The set of laws used to determine whether there has been a
valid offer and an acceptance created across the Internet or a mere invitation to treat have their lineage
in the case law concerning postal and telex communications.
What is important to remember is that the Internet is not a single communications channel. Bitcoin (and
other crypto currencies) are also, as a protocol overlayed on the Internet, subject to this position in law.
The Internet is a collection of separate protocols used to communicate over the same physical
connection.

The result of this collection of protocols is that different legal issues will apply to the individual
communication protocols. Protocols such as e-mail correspond to the process of sending a letter by
post. A result of this is that we can match the physical world laws to the corresponding situations
created by each of the individual Internet protocols. In this manner, we may see that the World Wide
Web could be analogous to a mail order catalogue based purchasing system. The same principles
govern the process of contractual creation whether the process is faster or not. Analogously, Bitcoin is
clearly a means to exchange value or consideration.

As an offeror may stipulate the method of acceptance ( Eliason v Henshaw [1819] & Manchester Diocesan
Council for Education v Commercial and General Investments [1970] ), it would be wise for parties to
agree to the form of acceptance prior to the conclusion of the contractual negotiations. The recipient
does not have to accept a form of payment unless in a form that is defined to be legal tender. As Bitcoin
is not considered to be legal tender, the parties engaged in exchange need to come to an agreement to
accept Bitcoin as consideration.

A further important issue that surrounds Bitcoin based contracting is the general rule of law that, for an
acceptance of an offer, it must be “communicated” to the offeror ( McKendrick [1], 2005; Pp43–44 ).
Under normal circumstances, the offeror must receive the acceptance before a contract will come into
existence.

Where a merchant has posted a Bitcoin address and the acceptance includes payment using Bitcoin to
the proffered address, we can start to easily apply contract law. In this instance, we have a clear record
of the contract where the digital signatures are not pruned. Even without the signature pruned, we need
to maintain further evidence. With the incorporation of tagging technologies in Bitcoin (such as
OP_Return), this can be simplified further.
3/5 Bitcoin and the connection to contracting
By Craig Wright | 15 Jul 2017 | Bitcoin & Blockchain Tech
What is an “Electronic Contract”?

When contrasting contractual principles, it is clear that unless a contract is required to be in writing (
Columbia Law Review, Apr., 1929 Pp. 497–504; Columbia Law Review, Jun., 1907, pp. 446–449; McKendrick, E,
2005, p 184 ), that little additional uncertainty could be created where the contract is completed
electronically. In fact, electronic evidence must hold greater weight than verbal evidence ( Lord Justice Auld,
Sept 2001, Cpt 11 ). What is not clear is the extent of the weight attached to the various forms of electronic
evidence. The strength of a digital signature algorithm and the security surrounding the mechanisms used
to sign an electronic document will respectively influence the weight associated with any piece of
electronic evidence. The nature and form of the signature will also influence the weight that the court
attaches to it. Attached signatures would clearly be simpler to attribute and hence hold a greater
evidentiary weight.

It has been argued that the digital contract may appear on the computer screen to consist of words in a
written form but merely consist of a virtual representation (Allison et al, 2003). The ECA has removed the
uncertainty and doubt surrounding the question as to the nature of electronic form used in the
construction of a contract. In this, the ECA specifies that the electronic form of a contract is to be accepted
as equivalent to a contract in writing. The result of this legislation and the subsequent case law is that
payment to a merchant who offers to accept consideration by the exchange of peer to peer electronic cash
(in the form of Bitcoin) remains clear in at least the basic uses of Bitcoin for a simple exchange.

An electronic contract has a twofold structure. When it is thought of electronically, the contract is a
sequence of numbers and code saved to some electronic or magnetic medium. In the case of Bitcoin, this is
documented widely on the Blockchain in a manner that cannot be redacted nor altered. The contract
becomes perceptible through a transformation of the numeric code when broadcast to a computer output
device such as the Bitcoin wallet ( Bainbridge, 2000; Reed, 2004; Brownsword, 2000 ). Prior to the passing of
the ECA, this dichotomy exasperated the uncertainty contiguous with whether an electronic contract can
be regarded as being a contract in writing.

The English legal doctrines of offer, acceptance and consideration when coupled with an intention to
create legally binding relations define the necessary conditions for the creation of a contract. There is no
necessity for the most part [ Excluding contracts such as for the transfer of real property, which are covered
by a variety of specific acts ] that any contract be concluded in writing.

The question as to whether contracts performed electronically are legalistically equivalent to writing comes
more to a question of evidential weight and the application of the parole evidence rule ( Durtschi, 2002; Lim,
2002 ). By stating that electronic contracts are equivalent to writing, the ECA has in effect, forbid the
introduction of extrinsic evidence which could change the terms of the electronic contract.

The question would remain as to a determination of whether the electronic communications contain the
final agreement between the parties. Where some, though not all, of the terms are agreed in the electronic
communication, a partial integration will result in the allowing of extrinsic evidence ( Treitel, 2003 ).

The ECA did little to suppress the disputes surrounding the evidential weight attached to an electronic
signature due to the receipt of several objections [ Eg., London Borough of Newham for the National Smart
Card Project (2003) ] prior to the passing off the bill. Accordingly, when the Act was passed on 25 May 2000
its provisions as to the weight of electronic signatures did not meet the objectives of the EC Directive on
Electronic Signatures and where less detailed. Section 7(1) provides:

‘In any legal proceedings-

(a) an electronic signature [176] incorporated into or logically associated with a particular electronic
communication or particular electronic data, and
(b) the certification [177] by any person of such a signature, shall each be admissible in evidence in relation
to any question as to the authenticity of the communication or data or as to the integrity of the
communication or data.’
OP Codes and the push to confuse.
By Craig Wright | 07 Jun 2018 | Bitcoin & Blockchain Tech
A certain group of BTC Core developers have their (one day but not in my lifetime) sidechains that will
enable OP_Codes that have been left broken in BTC (and which are working in BCH).

In this post I will pick on the lack of thought of some of these by demonstrating how you can create the
same outcome without a new OP_Code.

Dup from Alt Stack

This copies a value to the Main from Alt stack leaving the Alt stack as it was.

SWAP Stack
Swaps the Main and Alt Stack.

We have now swapped the stack locations.

Dup TO ALT Stack

This copies to the Alt Stack while leaving a copy on the main stack. We do this as:

SWAP CAT
The command works as:

We can do this as follows in reverse as:

Using the following:

Good developers do not reinvent the wheel and sell it as if that makes them smart.

Basically, all that these commands allow is already there… if you think.
Lightning is malleable… Steel is not
By Craig Wright | 19 Jun 2018 | Bitcoin & Blockchain Tech
A little-known fact is that even Bitcoin is a security. The mistake is thinking that this is the issue. Bitcoin is a
security that is outside of the S.E.C.’s bailiwick. Bitcoin falls within a few extremely narrow exclusions in the
law. These came about as the U.S. Congress “ did not intend to provide a broad federal remedy for all fraud ”
[1]. Although Bitcoin is a security, the S.E.C. is constrained as to what it can act against [2]. There are
securities, and there are securities that must be registered. Bitcoin, at least in the form of cash, is a currency
and whatever may be created within it and the scripts it allows leaves Bitcoin itself as fundamentally an
excluded security.

Items ruled to be securities

Too many armchair lawyers believe that they can understand law from a cursory review of Wikipedia. There
are many reasons that I do not like Wiki, and the way it leads people to false conclusions is just the tip of
this. That, however, is not the focus of this piece. There are many things under U.S. securities law that are
securities. Some of these cover all the requirements to incorporate both Lightning and Bitcoin Core as a
base instrument in the purview of the S.E.C.

Two commonly cited examples include cases involving commemorative medallions [3] and that of Gold
Bullion sales [4]. These are far from extensive, and as the 1975 decision in United Housing Foundation v.
Forman [6] demonstrates, there will generally be an expectation of profit.

The addition of a system that makes the underlying network redundant in the long term is a thought-
provoking development in Bitcoin Core. The addition of a second layer fee structure [7] alters the nature of
Bitcoin in fundamental ways, changing the requirements of the system and introducing an overlay network,
Lightning, as an exchange system of promissory notes.

The fee for Lightning payments is paid by the sender. It is a requirement that the sender creates a
transaction that contains adequate funds above the intended base transaction to pay fees to all lightning
nodes along the route. Each hub in a channel acts as a paid money forwarder. It is interesting to note that
Lightning is a form of security itself. The use of a promissory note has long been held to be a security, and a
long history of judicial review covers this topic.

In “ SEC v. Western Pac. Gold & Silver Exch. Corp .” [3], the SEC issued a No-Action Letter to protect investors.
While the SEC does not directly regulate the bullion trade, it does act to regulate trade built around that
using abstract instruments. The creation of a promissory note or futures instrument is undoubtedly an
instrument the SEC regulates. In this, we see the strong analogy between commodity notes and Lightning.
Lighting is a means to issue a promissory note over a commodity (Bitcoin Core). As a HTLC [8] is a
Promissory note .

A promissory note is an unconditional promise in writing made by one person to another signed by the
maker, engaging to pay, on demand or at a fixed or determinable future time, a sum certain in money, to,
or to the order of, a specified person or to bearer. This is well defined in the [13] UK Bills of Exchange Act
(1882). From this, we see the definition of a promissory note:

· The instrument must contain an unconditional order or promise (respectively)

· Must be in writing (Electronic communications are deemed to be in writing).

· Must be addressed by one person to another (this does not require the strict naming of a modern AML
system, but can be a code

· Must be signed by the drawer (the person making the order or promise, and this may be using a digital
signature)

· A promissory note is an unconditional promise in writing made by one person to another signed (digital
signatures are ok) by the maker, engaging to pay, on demand or at a fixed or determinable future time, a
sum certain in money, to, or to the order of, a specified person or to bearer.

In the UK for example, there are distinctions as to form with a “ note which is, or on the face of it purports to
be, both made and payable within the British Islands is an inland note. Any other note is a foreign note ”. In
this, the use of cross-border payment nodes would become more complicated.

Looking deeper into a system such as Lightning, we start to understand the creation of a promissory system
and set of electronic notes that start through the use of a commodity backing and can later move to
become a purely fiat based construction.

We see this in the traditional flow diagram below. This system has Lightning nodes act as the banks issuing
a commodity secured note. In this, the note is secured using Bitcoin. That stated, it is analogous to any
promissory note.

The securities case that is commonly cited as to what is not a security is erroneously used in the negative by
most lawyers. The Howey case [5] did not constrain the court, rather, this case set the precedent that the
courts will not be constrained into what they may interpret as what can constitute regulation as a “security”.
This case sets the baseline as to what forms a security, not the bounds. The power of the S.E.C. and the
courts is higher than this lower limit. From this case, the U.S. Supreme Court upheld the will of Congress to
leave the scope of the term open to judicial interpretation was upheld.

That stated promissory notes fall within the range of SEC and other provisions. They are defined under
AML/CTF laws as bearer instruments .

Longines Symphonette Soc’y [3] demonstrated how widely a security can be defined. In this scheme, the
promoters of the commemorative medallion stated they would repurchase the product from the buyer.
This guarantee of being able to move the collectable was itself a security.

Interestingly, Bitcoin is unbacked pure commodity currency. This places it under the exemptions of 15 U.S.C.
§ 77c(a) (2000) [2]. Not as “Digital Gold” but as cash. The system completes each exchange. Unlike Lightning,
where a forward instrument is used (with penalties), Bitcoin is the commodity with a direct payment in that
form.

An interesting case that can demonstrate this point is that of Sauve v. K.C., Inc. [10]. In this case, the US
Supreme court acknowledged that Washington did not follow the risk capital test. This judicial assessment
demarcates a security as “ requiring only that risk capital be supplied with a reasonable expectation of a
valuable benefit but without the right to control the enterprise .” [1] Lightning hubs are profit-seeking
enterprises or ventures. The distinction from mining is in the scope of the exclusions to these laws and that
used by the SEC.

It is also something that will require LN Hubs to comply under the various AML/CTF regulations. It is foolish
to think any cryptocurrency cannot be stopped. It can unless it is used widely enough to ensure that it is not
a political target. Right now, all the space is too small to be a real concern. It is not even 0.1% of the daily
monetary velocity. This lack of concern can change rapidly.

Ability to move across chains

Let us now consider one of the sale points around lightning; that of Cross Chain payments. The image below
from a site promoting Lightning details the effects of this system.

We see the aim clearly in the example. This is the exchange of multiple coins using the overlay system of
promissory notes (an analogous system to modern debt banking). What is not explained in this system, is
the requirement for extended life channels.

Parasitic
The last start of a system such as Lightning is the creation of a system that mirrors a Strangler fig. This is
portrayed in the image below. The Lightning system itself becomes the token, leaving Bitcoin, Litecoin and
all Blockchains as dead and hollow ghosts of their former state. The myth is that we need to have an
underlying system such as Bitcoin. I say myth here as the truth is we live in a world where legal tender is no
longer backed by sound monetary policy and is designed to support the goals of the state.

In time, if Lightning was to become a trusted medium of exchange, it leads to the perverse scenario where
it no longer requires a commodity base to make it work. This leads to a system of State currency that eats
cryptocurrency (such as Bitcoin) away leaving only the promise of what it was. Some will get rich from this,
but the system will not be Bitcoin, it will be a form of government exchanges and banks that swap account
balances.

You can be told how this will never occur, but there is no other end. Exchanges and Lightning hubs are
already systems that come within the control of the legal system. Once the controls and requirements to
alter balances are incorporated (and this path leads to a Proof of State system with a Ripple-like consensus),
the system is just the shell of what created it.

Lightning becomes the system that enslaves, not the system that frees the world.

Miners
One major issue is the funding of the miners. Bitcoin has a looming issue. It needs to scale or die. In two (2)
years, the Block Reward drops to only 6.25 Bitcoin every 10 minutes. In six (6) Years this drops again to only
3.125 Bitcoin and in ten (10) years, just 1.5625 Bitcoin reward each block.

In the same six and ten years respectively, the effects of Moore’s law on ASIC systems will increase the
amount of computational power required to maintain the same level of security by 16 and 100 times
respectively. If we add investment to this model, the requirement will be for a system to scale in power
4,000 and 1,000,000 times respectively. The reasons for these following values are to account for the
increase in use. If Bitcoin is to grow to a global system in a decade, we can expect that the investment will
allow the number of machines to increase as well as the level of computation power and efficiency.

The requirement is each block will need to earn more to be secure. With more machines available, the price
per machine decreases. Even to maintain the same level of security as we experience today, the network
will need to be at least 1,000 to 10,000 times more powerful in a decade.
This will require the mythical 100k to 1 million USD Bitcoin valuation. The problem is that this also requires
direct use of the system, that is, on-chain. The problem few like to address is the division of fees between
lightning hubs and miners, more, the ability to swap chains (as is only lightly alluded to in BTC to LTC swaps)
and the fees required to use a system such as Bitcoin. We could expect a level of more than 1,000 times the
number of systems in a decade. This is a world, where ASIC production starts to become extremely
competitive (it is not competitive now).

As stated above, Lightning would become a parasite that takes from all mined coins. The system competes
on fees, and the only equilibria that can come from this is a beggar thy neighbour strategy where the lowest
fee not between competing miners, but in competing systems. This sounds good until you start to
understand that the competition does not require long-term viability, it can be a simple system that fails in
a year but can be easily exchanged. The promise of Bitcoin is diminished from this. Contracts that require
long-term immutable storage end with the control of third parties and many use cases on Bitcoin vanish
altogether.

However, it is digital
There is a false claim that is made all too often. In the Matter of Consolidated Investment Services Inc. [12], an
Administrative Law Judge of the S.E.C. found that the securities dealer in question who offered non -existent
high yield certificates of deposit could be subjected to the Anti-fraud provisions of the Securities Act. This
finding started that the “ [n]on-existence of an instrument does not logically preclude it from being defined
as a security ” [2] . The consequence of this being that a security formed using electronic means, and hence
being more “real” than a fraudulently created offer can be a security.

The claims that systems such as Lightning are not or should not be recognised as a security thus fails to
hold water. The issue is not if a cryptocurrency or even overlay (Lightning) is a security, but if the system in
question falls outside the narrow range of exclusions that allow selected securities not to require
registration. Unfortunately, as we have shown, many systems (including the Lightning Network) do not fall
outside these provisions.

Malleability
It has been (deceptively) argued that for Bitcoin to use Payment channels, a malleability fix is required. This
was and never shall be the case. Payment channels have been a feature of Bitcoin since the initial release. It
was later that many of the features that helped make this simpler have been disabled and removed.

The truth is one of bitcoin being stronger as an alloy. SegWit (Segregated Witness) was incorporated into
bitcoin to remove a (disingenuously) created vulnerability that never existed. The argued reason was to
allow Bitcoin to utilise payment channels [11]. The truth is payment channels do not require non-malleable
transactions. The only requirement for removing Malleability is to allow Lightning to act as a promissory
note over Bitcoin and other blockchains. That is, to allow it to consume Bitcoin and to remove the economic
system that created bitcoin.

The Lighting System differs from anything that Bitcoin used. It is a system of punishment-based bi-
directional payment channels. It uses negative inducements rather than positive economic incentives as
would be the case in Bitcoin natively. Punishment based channels of the form implemented in Lightning
require a malleability fix. Payment channels and even atomic swaps can be completed without a
malleability fix. A non-issue.

A high-frequency system such as we see discussed above never required malleability to be removed.
Malleability is of no concern to this system.

The thing that matters far more than any of the technical uses of Malleability [3] is what malleability breaks.
It makes the creation of a parasitic overlay more difficult and economically less viable. Bitcoin is a system
that is resilient in many ways. The central aspect of this is that in its true form, it can capture other systems
while remaining challenging to capture itself. More than anything else, SegWit and related “fixes” remove
this resilience.

Without some level of transaction Malleability, the system can easily fragment into many coins, and these
can then be captured (and consumed) by a system that is a digital equivalent of the existing fiat system. If
you want to create a system that replaces fiat with a system controlled by the banks and government but
which is more insidious… then you should be supporting SegWit and Lightning.

A miner of Bitcoin Core (BTC) should be concerned. BTC Hodl’ers should be concerned. Lightning required
that malleability be removed as this allows the system to move to long-term channels that with cross chain
swaps can eventually remove the underlying commodity cryptocurrency. As noted above, this in all forms is
a security and is in the range of systems that require registering and management under the various
AML/CTF laws.

In any system where there are asymmetries, one side has an advantage. In Bitcoin, the network was
incentivised asymmetrically to allow for the growth of a small world and eventually a near complete graph.
In Lighting, this forms a loose mesh with a small number of centrally controlled choke points. The
economics of each system are designed with distinctly separate goals in mind.

Removing transaction malleability does not make Bitcoin more secure, it allows for a system of off chain
swaps. It makes the creation and integration of side-chains simpler and removes one of the critical aspects
of Bitcoin, scarcity. When Lightning (or another system in a similar form) can set the terms of the
settlement and, in time even alter settlement to remove the requirement to hold the currency, we end
where we are now. A system that has and will be debased.

At least Bitcoin Cash (BCH) managed to avoid this trap.

To conclude…
In the coming weeks, I am going to start to document and detail how many of the less well-known parts of
Bitcoin (and any long-term viable cryptocurrency) all fit together.

We will explain later in the coming months how we can do Group signatures (as Schnorr is touted as a
solution) using ECDSA. This is a method we have created that remains to many as impossible. For all of that,
it is a form of signature that can be used on any ECDSA based system allowing for greater privacy. This
system allows us to combine both keys and signatures privately without sharing keys. The added keys
become a single valid key and Bitcoin address. The signature as seen on the Transaction and blockchain is a
single signature. The process is additive with no sharing of the keys.

Oh, we do not require OP_Codes and protocol changes to make this work. Bitcoin supported the
development of complex payment channels from Jan 2009. The difference is that these are channels that
do not allow other systems to subvert and consume bitcoin.

A few of the other topics to be addressed include Partnership law, Securities law and more advanced
tokens, Key aggregation and new security techniques and more.

Many deliberate that as they are not forming or a member of a company, that there is nobody in the group
to go after, this cannot be further from the truth. As a development group, it is likely that the entity forms a
Full Liability Partnership. This means that all members of the groups are exposed to all liabilities that can
result from the actions of all other members. The truth is, incorporation protects the shareholders and
members of a group. It allows for the limitation of liability such that the actions of one member do not
always result in the reciprocal debt and liability of others.

Following this posting, I shall also start to delve into the positive uses of Malleability in scripts as well as
more issues and problems that come about through misplaced “fixes” such as SegWit.

This is just the introduction . The topics posted here will be discussed in depth. Technology, legal issues
and more going forward.
References
(1) Marine Bank v. Weaver, 455 U.S. 551 (1982).

(2) E.g. 15 U.S.C. § 77c(a) (2000) {Exempting from registration a narrow range of instruments that are
otherwise securities}

(3) Longines Symphonette Soc’y, SEC No-Action Letter [1972–1973 Transfer Binder] Fed. Sec. L. Rep. (CCH) ¶
79,151 (Nov. 10, 1972).

(4) SEC v. Western Pac. Gold & Silver Exch. Corp., [1974–1975 Transfer Binder] Fed. Sec. L. Rep. (CCH) ¶ 95,064
(D. Nev. Jan. 30, 1975)

(5) Howey, 328 U.S. at 294–96

(6) United Housing Foundation v. Forman, 421 U.S. 837 (1975).

(7) Lightning Fee Calculation: http://github.com/lightningnetwork/lightning-rfc/blob/master/03-

transactions.md#fees

(8) Hashed Timelock Contracts http://en.bitcoin.it/wiki/Hashed_Timelock_Contracts

(9) BILLS OF EXCHANGE ACT 1882. Part IV, 1882 c. 61 (Regnal. 45_and_46_Vict), Part IV:
http://www.legislation.gov.uk/ukpga/Vict/45-46/61/part/IV

(10) Sauve v. K.C., Inc., 91 Wash. 2d 698, 591 P.2d 1207 (1979)

(11) Working with micropayment channels http://bitcoinj.github.io/working-with-micropayments

(12) Consolidated Investment Services Inc., Admin. Proc. File №3–8312, Initial Decision №59, 1994 SEC LEXIS
4045 (Dec. 12, 1994)

(13) UK Bills of Exchange Act (1882)

Negotiable Instruments
By Craig Wright | 02 Jul 2018 | Bitcoin & Blockchain Tech

From Simmons v. London Joint Stock Bank [1]; the House of Lords overturned the lower court on appeal to
set the definition of a negotiable instrument. This form of security is one, the property in which is acquired by
any one who takes it “ bona fide ” and for value. This is perfected notwithstanding any defect of title in the
person from whom the receiver took the instrument.

From this, it follows that an instrument cannot be deemed negotiable otherwise. Further, it is necessary that
the true owner can transfer the contract or engagement encompassed by the simple delivery of the
instrument.

Bona Fide : Genuine, Real

Without intention to deceive

With good faith

For Value : This indicates that a transaction exists, and

that the drawer of the bill has received good or money from its drawee.

some consideration (money or other value) has been given in exchange (as per the contract terms)

Lord Mansfield in Miller v. Race [2] held that money “ cannot be recovered after it has passed in currency ”. Not
from the thief, but the Bona Fide taker for value from the thief.

What I shall explain here is that Bitcoin is a negotiable instrument. It is perfected when passed from one party
on-chain to another. Unfortunately, Bitcoin is not always a negotiable instrument and does not always have
the protections under law that such a form of security maintains.

One counter to negotiability, on the Bitcoin Core chain is Lightning. Here, a transfer is more like a cheque and
is only perfected later. Delivery would be deemed to occur only when the channel closes. And, until this point,
the payment remains at risk.

Gift
The use of a transfer “for value” is an important distinction. A gift is not held to be for value. This is important
as the status of a negotiable instrument imparts many benefits. For one, the state can force recovery.

Bitcoin and Keys

A flaw int the “ Code is Law ” fallacy is that cryptographic keys do not stop a court assigning an asset. You can
destroy a key, but this merely stops all access to the key, not the courts ability to enforce payment. A court
can also hold a party in Contempt for not delivering value (leading to an indefinite period of incarceration
without trial). More, intentional destruction of the keys could be deemed a crime.
More, a court can liquidate other assets. A Token tied to share equity can be re-assigned no matter the state
on a blockchain. If a court orders a payment, the fact that you refuse top pay leads to a few possible
conditions:

· You are held in contempt until you pay

· You have your assets seized against your will

· The court assigns the ownership of the property to another and the system is updated

· You go away and live as a fugitive

Bitcoin when transferred as a negotiable instrument cannot be recovered.

If, Alice has received stolen Bitcoin and the law located her, and they find she has sold the Bitcoin to Bob for a
holiday that cannot be recovered (Alice had a good time), then Bob is safe if he was unaware of the nature of
the Bitcoin being illegally obtained.

Lightning is not a negotiable instrument. If Bob has a balance, then the state can have these funds forcibly
recovered. Alice paying Bob on-chain is a perfected exchange. A lightning exchange is a promissory note. The
distinction is one of real world consequences.

Bob who has received Bitcoin for value now has good title. No matter what, his bitcoin are his. The state
cannot touch them or force a repayment.

If Bob had used Lightning, the defect in the scenario presented is that the delivery remains incomplete. The
state has a legal right to take your assets if you will not return the Bitcoin (or cannot for that matter). An
innocent merchant, who used the Bitcoin from Alice or other funds, but who has this as a Lightning
(Promissory note) debt can be required to return the amounts.

This is why the status of a negotiable instrument is so important.

In Lightning, if you will not hand your Bitcoin keys over, they could sell your car, your house, any asset they
(the state) can get a hold of. This is not the same as cash. As a merchant, what you have received as cash
remains yours (if for value and Bona Fide), what you have as a Visa payment, well that is yours eventually (and
maybe as it can be taken back).

Owning your keys alone does not make you safe, it does not mean you are outside the real world. If you want
to trade and keep what you earn, then using Bitcoin on-Chain is safe. Lightning comes with risk.

I shall continue on this topic later. As I said, Bitcoin is an economic system. It works as it is not some Code is
Law fairy’s tail.
Cases
[1] Simmons v. London Joint Stock Bank, House of Lords, L.R. (1891), 1 Ch. 270; App, Cases (1892), p201.

[2] 2 Green Bag 151 (1890) Miller v. Race (1 Smith’s Leading Cases, 9th ed. 491)
Money Must First Be Stable
| 14 Aug 2018 | Bitcoin & Blockchain Tech
By Craig Wright
I’m writing this in a more accessible format; that is a blog rather than an academic paper.

Many people often wonder why Bitcoin used a 10-minute interval. Bitcoin is configured to adjust to a 10-
minute block interval. However, you will notice that the average time for a block on the actual network
is around 560 seconds or 9.3 minutes. The reason for this difference from the stated 10 minutes is related
to the growth of the network. For the conceivable future we can expect Bitcoin to grow on a near
exponential path following the prediction rates in Moore’s law. As such, we see lower block times.

While discovery in Bitcoin is not actually a Poisson or exponential process it approximates these only
when it is set to exhibit longer block times. One of the primary reasons this holds and I can make this
statement is that Bitcoin is an SEIR process. When scientists model epidemics they use a combined
model relating to the following terms:

– susceptible

– exposed

– infectious

– recovered

In a system such as Bitcoin, or for that matter any decentralised node system, we can describe this as
follows, the susceptible state is one where the network has selected a block and is mining seeking a new
block solution. In this, block zero [B(0)] is known throughout the network and all miners for practical
purposes are mining on it. Next, we have the exposed state. In the exposed state, a miner has discovered
a new block solution. One or more miners hold the solution and are now mining on a new block. This
needs to be propagated from the miner that discovered the hash solution to all other miners. There is a
definite time between the marking of time on an exposed state and the receipt of that block to other
miners.

The next state can be modelled in the infectious state in epidemiology research. Here, the miner has
validated and accepted the received block as satisfying a solution to the block hash and starts
propagating this to other miners. Straight after the validation stage each miner starts seeking a solution
now for block number one following block zero [B(1)].

The expected time to elapse before all nodes know the transaction is:

See the model at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=3151940

The result is not a limit above, but rather an asymptotic equivalence. The fact that the expected time
increases with N is related to the fact that we don’t scale I0 with N. From this we see that when a small
number of poorly connected nodes hold a transaction, and when nearly all nodes have a copy of a block
or transaction, the node’s propagation to the remaining nodes in a Gossip network occurs very slowly.

We can now extend this model to account for censoring and the fact
that when a block is discovered, the block will reset and restart
the process.
Each block received by a node is validated and checked for veracity. When two blocks are mined at
nearly the same time, the first block to be received by a node is included and is verified. The next block
will be placed into the “orphan pool” and is validated after the initially received block. This orphan block
is only added to the main chain for the node, if a further block is added making this a longer chain.

Each node verifies a block before it propagates it to the connected peer nodes. In this way only valid
blocks are propagated, and any invalid blocks are quickly isolated. The Bitcoin Core client lists all the
validation requirements in the following functions:

CheckBlock

CheckBlockHeader

In validating a block, the node will ensure that:

The data structure of the block is formatted correctly.

The block header hash is less than or equal to the set target difficulty for the two-week period.

The timestamp on the block is less than 120 minutes into the future. This allows for some time
drift on mining nodes.

The block size is less than or equal to the value set in the MAX_BLOCK_SIZE parameter.

The initial transaction is a coinbase generation transaction. This is transaction zero for the
block, and pays the winning miner.

No other coinbase transaction is present in the block.

Each transaction in the block is valid. Each transaction, as well as its hash, must be individually
checked and validated.

Next, the block is validated to ensure that:

The transaction index validity is correct.

The transaction hashes are correct.

Spend txouts have been spent in the main chain.

All prevouts are marked as spent.

Spent txouts are spent by a valid transaction that consumes them.

As UTXO caching saves received transactions, the validation of each transaction should be fast if it has
been received, cached, and saved in the pool. The case where a transaction is not in the UTXO cache
slows the process. The node requests a copy of the transaction from the network, validates it, and adds
this to the hash checks.

When a block is received that has a transaction the miner is missing, the mining node needs to
download a copy of the missing transaction before it can complete validation of a received block. In the
distribution displayed below we see the block times as recorded on the Bitcoin network. Although this is
approximately exponential with a 10-minute block time, we can see that it forms a power law
distribution when we look at the sub one minute times.
The validation and propagation time is small compared to 10 minutes . The result is that we can
approximate a Poisson approach which is far simpler to calculating differential equations associated
with true SEIR models or simpler power law approximations.

Time matters.
Bitcoin needs to work within the financial world, not to have this idea that the financial world can be
modelled to work in Bitcoin. Monetary transactions do not follow an equal distribution. Back in 2006 and
2007 I was involved with modelling monetary transactions in the creation of automated fraud systems
for accounting and auditing purposes. I became very familiar with the time distributions of monetary
transactions in global systems.

Something that is commonly overlooked within the crypto community is the time distribution of
transactions. In any period of time we can see that this distribution is approximately exponential in
nature. The larger the block interval, the closer the distribution is to an exponential function. In large-
scale commercial systems, over a period of time exceeding five minutes but remaining less than an hour
we generally would expect transactions to fall within a 95% confidence bound along an exponential plot.

Alternatively, as we lowered the interval, the data appears to be more and more random and the impact
of noise to the system makes it harder to predict.
The impact of not being able to model time intervals is a wider distribution of block sizes. At one minute,
even at the lower 10% alpha, we expect many deviations from a standard predictable distribution. The
result is far larger standard deviation for block size.

Although the distributions of blocks are asymmetric, a larger block time allows an increased range of
small miners. As the time is decreased, fewer miners are able to compete. Part of the reasoning is the
asymmetric distribution of transactions. At one minute the orphan rate is around 2.5 to 3 times that
exhibited at a 10-minute block interval. The graph below plots this as orphan rate against time in 10th of
minute blocks.

I could’ve spent more time doing the indices and playing up the graphs, however, this entire process of
explaining why money should not be altered is the problem.
Changing settlement (block times) to less alters the distribution and ends up favouring larger miners
more than the small. It skews profitability.

That is why 10 mins.

More importantly however, 10 minutes is not optimal, nothing is. For Bitcoin to work correctly it needs to
be somewhere between five minutes and 20. The exact ideal optimal time is not calculable because it
varies by time of day, season, use, electricity price and many other factors that are not standard.

The argument that this helps merchants is spurious at best. Money works best when it is stable. This is
the entire purpose of Bitcoin. To make money that is stable, and yet this is the one thing everyone tries
to alter, that is to make Bitcoin a typical Silicon Valley screw with it and hope that it works experiment .
That’s the thing, Bitcoin will never work in this manner.

When scaled to incorporate larger block sizes, this is 1 GB for a 10-minute block or the corresponding 100
MB for a one-minute block interval.
Although superficially, the two power law distributions of blocks displayed above appear similar, they
differ radically because of block processing time and distribution times that are not evenly distributed.

Moreover, with smaller block times it becomes simpler to withhold some transactions that the miner
creates themselves further skewing the distributions. At a 10-minute interval, the first quartile is 30% of
the mean. In a one-minute block, the first quartile is 40.5% of the mean.

Given quickly discovered blocks that exist in the third quartile and above for size, not distribution time
we end up with a scenario where the one-minute block ends up containing enough transactions to slow
distribution. Unfortunately, the majority of so-called scaling tests use evenly distributed processes rather
than power-law block size. Our one-minute block in the third quartile of size ends up being propagated
slowly to all but the largest miners. In the current environment that would be mining pools and solo
miners with 15% or more hash rate. The small miners would receive this block slowly enough that they
would fail to validate the block 27% of the time before a new block was discovered.

The increase in hash rate predominantly impacts miners with under 10% of the total hash rate.

Benefit
The touted benefit to a one-minute block rate is improved merchant adoption. Even at a one-minute
block, approximately 20% of blocks are discovered in a period exceeding two minutes. To be useful to a
merchant in a commerce scenario, a block would need to be discovered and propagated without
orphaning in an interval of under three seconds. This occurs extremely rarely at the best of times. The
argument is a false argument against the benefits of 0-conf. The reality is there are no realisable gains in
changing block time.
There are many negatives.

The primary negative is that Bitcoin is a cash-based payment system. Merchants develop software and
applications and every time a change is made, they need to redeploy these. This is the worst weakness
Bitcoin has exhibited. When compared to fiat, Bitcoin changes minute by minute.

If we are to make Bitcoin a global currency, we need to replicate the features of cash. First and foremost,
this comes down to creating a stable platform. Every time the protocol is altered, merchant
opportunities are lost. The original Bitcoin protocol was resilient enough. There is never a state of
perfection.

The 10-minute time interval within Bitcoin was a guess. It’s a good enough one. Maybe five minutes
would’ve been better or maybe 15 but the reality is none of this matters because it could never be
anything less than two minutes and successfully scale. The most important aspect of what needs to be
done is to stabilise and lock down the protocol so that merchants can build and use coins globally.

Larger block times lead to less uncertainty

We see the distributions of blocks in the figure below. A small (1-minute blocktime) is only able to be
modelled using a power law or exponential distribution. A larger block time is close to a normal or
Gaussian distribution.

As with many things, block time in Bitcoin is a trade-off. There is no perfect time and as you lower or
increase the time, you alter the incentives and change the system.

That, above all is what Bitcoin cannot do. Bitcoin was designed to be stable and set in stone.

This is how good money works.

© Copyright 2019 – 2021
The myths of Bitcoin
By Craig Wright | 14 Aug 2018 | Bitcoin & Blockchain Tech
Bitcoin is Peer to Peer electronic cash.

This is it first and foremost. In this I am going to address a few of the myths around bitcoin. Before I do that,
let me first set some terms and descriptive explanations.

First, there is one Bitcoin, set in stone as at v0.1 and we endeavour to return Bitcoin cash to align as closely
as is possible to that original. Only Bitcoin cash can do this. Bitcoin Core with the additional changes
(including Segwit) cannot achieve this.

The first one is peer-to-peer. The disinformation around this has been strong. An exchange in bitcoin can be
made from one party to another directly with no intermediary. The aim of cash is not to have a system
where a central bank signs off on the monetary unit, issuing these to third parties such as consumer banks,
MasterCard and visa, rather, it is a hard stable currency system that allows individuals to exchange directly.
In the first version of bitcoin, there was a rather poorly constructed IP to IP protocol that allow users to
exchange keys. The version implemented at the time was not secure and allowed man in the middle
attacks. This is something that can be easily fixed and many protocols exist to solve this now.

In handing a transaction from one party to another the primary concern is that:

‘’Transactions that are computationally impractical to reverse would protect sellers from fraud’’ [1]

This is what peer-to-peer means. Miners are a settlement layer. In the banking system even when money
clears into your account it may not settled. Any payment received by a merchant over the credit card
system can take 90 days to clear. Banks allow you to access funds, however any reversal can be applied
retrospectively placing accounts into arrears and requiring the payment of interest and fines.

This is the difference that makes bitcoin peer to peer. Not that every person needs to be a miner, but that
individuals can exchange transactions directly with each other and quickly verify that mining nodes have
received the transaction.

Scalability
This is the biggest myth around bitcoin. The only problem with scalability is the subsidising of home user
hobby nodes. Bitcoin can scale to terabyte size blocks today. The only thing stopping this is a false idea that
nodes that do not mine bitcoin are required in the network. Miners are competitive organisations.
There is one simple reason people have problems with scaling blockchains. They were always designed to
be commercial in nature. They were designed to be competitive. And they were designed as a monetary
transfer unit. There is one and only one way for BitCoin, in fact any blockchain to function successfully, that
is as a single unit with a primary focus on cash.

Once this is accepted, the myriad of other uses all fall into place. Just as users do not run their own email
servers, their own Web servers or any other server farms, bitcoin uses corporate validation of data not as a
trusted third-party but it is a protocol specific system. It works because capitalism is a system of
competition. Bitcoin is purely competition driven. It does not matter whether you like this or not because
bitcoin is apolitical other than being purely capitalist.

The reason we can trust bitcoin and we can trust miners is the protocol governance mechanism. This works
as a monetary unit for the simple fact that there is no such unit as miners.

It is the same as saying the typical comment about suits. There is no one form of corporate executive. How
do we trust these corporate entities. Very simple, we trust them to be greedy. Moral sentiments are a layer
over and above corporate culture and this doesn’t come into the governance of bitcoin at all. It relies on
profit seeking. We know it works as we know that corporations will seek the greatest profit and they will do
whatever they can to get this. This is why bitcoin works. The most efficient organizations will seek an edge
over their competitors and in doing so will drive mining profitability to an eventual knife edge. At this point
there is no way for any corporate entity to gain any means of altering anything within bitcoin. To get to this
point we need to scale.

The cost of scaling bitcoin exceeds the cost of network and system architecture. There is no scaling limit.
There is no such thing as spam in bitcoin. Any party willing to pay for a transaction can have that transaction
stored. Miners competitively compete to grab as many transactions as they can as this is the way they gain
the profitability edge over other miners that is needed to stay competitive. In time, nearly every bit of a
miner’s profit will come from a transaction.

The truth of the blockchain when done correctly is that there is no scaling ceiling. The more use, the more
profit, the better it scales and the less expensive transactions become. Bitcoin is incentivised to become the
backbone system of the global Internet.

It can only do this as cash

Protocol governance
The nature of Bitcoin is such that once version 0.1 was released, the core design was set in stone for the rest
of its lifetime.

This is something people misunderstand. The nature of bitcoin’s competitive system is designed to make
stable money. This is the core of how bitcoin scales. There are aspects of bitcoin that need to be fixed, they
were in the first version but they did not include the protocol.

To be stable money bitcoin needs not to change. I say this again. Bitcoin needs to be set in stone to work
and to be valuable. Miners will alter and improve on the core software used for mining bitcoin. They won’t do
this as a group. They will do it to gain competitive advantages and they will do it without disclosing all of the
changes they make. This again is a good thing. More efficiency is always good. To be successful, to follow its
key mantra bitcoin needs to develop into a system that is fixed and not something that developers think
they can play with because they understand money very little.

It is important for any monetary system to exhibit stability. This is how and why people trust money. They
know that in 10 years or 20 years their money will remain the same. Right now, the developers in Core have
been altering the protocol drastically which is the antithesis of stability. It is for this reason that myself with
my company, nChain, have been working with others such as CoinGeek and yet unnamed miners to
stabilise the bitcoin Cash protocol.

It is for this reason that the BComm initiative was started and it is profitability that will drive miners to
stabilize and maintain the protocol creating the first form of digital stable money in human history, this is
bitcoin cash.

Slow confirmation times

The confirmation times within bitcoin are fast. People confuse confirmation and settlement. A transaction
that has not been settled within a block is secure enough. It does not need to be impermeable, it needs to
be good enough.

The result of this is a system that is thousands of times more secure at any scale than Visa or MasterCard
and can settle in under a second. As the network increases in size and scale the latency on detecting double
spends will decrease and the network becomes more secure. The interesting dichotomy with bitcoin is the
more use and the more scale, the more secure it becomes in the lower risk to merchants that is exhibited in
the system.

Confirmation time for a transaction within bitcoin can be completed faster than any currently deployed
electronic system. That is more than enough and as it scales it gets better.

Anonymity
Bitcoin is purposely pseudonymous. There is a fine line between privacy and anonymity and it is a line that
cannot be crossed. What few understand is that anonymity is not privacy. Anonymous transactions do not
help the average person, they help corrupt governments and criminals. Worse, anonymous systems will
never be legally enforceable. This undercuts their key use as monetary systems and as a method of
exchanging contract.

It has always been the sunshine principal that allows us to detect fraud and dishonest dealings. A system of
anonymous money allows those in organisations such as Enron to expand operations in a manner that
allows them never to be caught. Anonymous money allows governments to buy deals, votes, guns and
more with impunity. It is not anonymity that leads to free and open exchange but pseudonymous and
private communications.

Privacy is important but anonymity isn’t. Anyone who does not understand this should read Plato’s Ethics,
and in particular, the Ring of Gyes from Book II.
Anonymity leads to a system where justice is only in the interest of the strong .

Ease-of-use, the grandma test

The trouble here is that no one bothered to update the front-ends particular well until recently. There are a
number of good wallets that are starting to appear. Much of the problem has come from the myth of the
full node. Users should be running SPV. This is defined within the original white paper. There is no
requirement to validate every single transaction. This is the ease, simplicity and beauty of bitcoin. It is not
miners that you trust, but their competitive nature. The argument is that miners act in concert as one. They
do not. Miners are competitive businesses that are designed to end in datacentres [see image and quote
above].

The simple fact is that ease-of-use comes from developing applications on top of bitcoin and it is things like
the HandCash Wallet App, Keyport , POP and Centbee that deliver simplicity that matter.

Mining is wasteful
The value of bitcoin is not the electricity in the system, it is that value in exchange and people are willing to
pay for this using electricity in mining. There are no absolutes in the economic world and this holds true for
bitcoin.
The question to always ask is not whether something uses energy but rather does it deliver an outcome that
people want more efficiently. Bitcoin delivers the first form of stable money ever developed in human
history and it does this at a cost that is lower than the combined cost of monetary issue, electronic data
exchange and fiat money as they exist today. As an economic system bitcoin self adjusts in mining and fee
reward based on the overall utility of the system. Most importantly, as the system scales it becomes more
and more efficient.

At a global scale, the system can operate more effectively than the credit card system alone while delivering
far more.

Stability
The most important aspect of any monetary system is stability.

To this end, and to make bitcoin all that can be we endeavour to remove the block cap allowing any level of
scaling that people are willing to pay for. As an economic system based on market forces bitcoin can
become global cash.

Bitcoin will be locked as closely as it can be to the original protocol allowing merchants and developers to
build a complete ecosystem of global finance upon it.

Bitcoin cash is the global financial platform of the future

References
1. http://www.bitcoin.com/bitcoin.pdf
The cult of Decentralisation
By Craig Wright | 16 Aug 2018 | Bitcoin & Blockchain Tech
Bitcoin was first announced in 2008. After the software went live in early 2009 an announcement reinforcing
the statements of the white paper was issued on the P2P forum. This announcement heralded the first true
implementation of Peer to Peer currency.

The post on the Peer to Peer foundation stated the following:

The root problem with conventional currency is all the trust that’s required to make it work. The central
bank must be trusted not to debase the currency, but the history of fiat currencies is full of breaches of that
trust. Banks must be trusted to hold our money and transfer it electronically, but they lend it out in waves of
credit bubbles with barely a fraction in reserve. We have to trust them with our privacy, trust them not to let
identity thieves drain our accounts. Their massive overhead costs make micropayments impossible.

The desire was to create and implement a stable currency that could not be debased or manipulated.
Perversely, a myth of decentralisation has appeared that re-purposes that goal. Bitcoin was created as a
decentralised system to enable stable electronic money for the first time. The foundation of this story has
been twisted to say that Bitcoin is there to create a decentralised system. Again, the system is decentralised
in order to create the first stable electronic money, not as digital gold, not as a settlement system, but as
digital cash.

The primary and central purpose of bitcoin is to deliver a stable monetary unit. By stability, we reference a
system similar to gold in scarcity yet that is easily transacted in. In particular, a system of low transaction
costs with no inherent value other than as money itself. The primary purpose of bitcoin is not
decentralisation, it is use as a monetary currency. This is, a low cost, high volume system of exchange.

http://p2pfoundation.ning.com/m/discussion?id=2003008%3ATopic%3A9402

The system delivered by Bitcoin is designed to be change resistant when it achieves scale. Stability is an
important aspect of money. Money is in effect a form of measurement instrument. In a manner similar to
how we measure distance, money is of greatest value when it is universally adopted and can be used as a
common system for measurement. We do not have many versions of a metre and nor should we have
many versions of currency. Just as the metre does not change in nature neither should money. This is the
reason for decentralisation in bitcoin. Not decentralisation for decentralisation sake, rather a monetary
system that achieves stability by being difficult to change. This is an aspect of bitcoin that comes with scale.

Those who have been attacking bitcoin target the centralisation of miners and pools. This comes to the
fallacy of black-and-white thinking. It is a false choice or false dichotomy. In this, it is falsely argued that only
one option or another can exist.

In the case of bitcoin, centralisation is argued to be an all or nothing scenario. The truth is far more subtle.
A false dichotomy is a dichotomy that is not jointly exhaustive (there are
other alternatives), or that is not mutually exclusive (the alternatives
overlap), or that is possibly neither. Note that the example given above
is not mutually exclusive, since the test and the program could both
be wrong.
Centralised

Decentralised

There are other options.

The argument is one that begs the question of why bitcoin exists. Bitcoin exists to be an electronic currency
system designed to allow micro-transactions whilst simultaneously offering negligible or low transaction
fees, even for high value and international treansactions. It is not digital gold nor would such a system work.
Many misunderstand the underlying reasons that fiat currencies are used exhaustively, even whilst these
are debased.
At the extreme, decentralised systems are fragmented. They are not strong and they are easy to subvert. As
with most things, the answer is a balance. Bitcoin is not a system designed to deliver equality, for the only
way to true equality is for all to be equally destitute.

Kyotaki and Wright (1989) formalised a model of money. In the system, money arises as a solution to a
search problem. Matching parties in mutual exchange lowers transactional friction in a Coasean manner.
Primarily, they explain the predominance of fiat currency. The two properties that make fiat systems widely
used derived directly from the dual properties of:

1. Lower storage costs than all other goods and commodities, and

2. Non-consumability.

Together, these two properties account for the lower transaction costs and increased trade opportunities. At
scale, and only at scale, bitcoin offers the ability to deliver lower transaction costs with high reliability for
both micro transactions as well as bank settlements. Importantly, it also does this without offering any other
consumer function directly distinct from the system itself. In bitcoin, the value of the system is derived from
the system itself no other commodity-based input. This mirrors fiat systems whilst creating stability and
limiting the ability for individual parties to debase the currency.

Bitcoin solves this problem through competition. Entities acting as commercial validators or miners
compete to prove the integrity of transactions through the creation of blocks. As long as no one individual
holds control of more than 50% of the network, the system can maintain stability and not be arbitrarily
altered. The requirement is three or more parties acting in competition. In any implementation with three
competing miners any of which hold no more than 50% of the network hash power at any time, the system
is decentralised.

The reality is more entities are better. Given a minimum of three competing parties and the nature of
capitalist systems where profit can lead to some organisations failing and going bankrupt, it is
recommended at all times that more than three or four organisations act in competition to ensure that no
single failures leads to a scenario where one party can destabilise the network.

In any system with five or more mining entities where none of the parties hold individual control of more
than 50% of the network, bitcoin is decentralised. As the system scales the cost of running up and attacking
these commercial entities increases significantly. Even with a small number of miners, bitcoin remains
decentralised as a distributed monetary system delivering the primary core deliverable, monetary stability.
More importantly, as bitcoin scales, the cost to attack the network increases significantly. As a global system,
no government could ever attack bitcoin.
It is also important to note that if any individual miner goes into bankruptcy, the profit for all other
remaining miners increases. This leads to a scenario where competition and profit dynamically maintain the
balance of the system. As one miner loses a competitive advantage, another takes the place of the former.
The equilibrium is structured in a manner that allows sufficient decentralisation to maintain stability whilst
delivering low-cost near instantaneous low-cost transactions.

What many developers and pundits fail to understand is that the only way a monetary system can act as a
medium of exchange is to have no other value or at least a use value that is far lower than any other
product being transacted. An aspect of gold that you consider is not only that it is scarce and stable but that
it has practically no other use in history. One of the earliest reasons for the implementation of gold as a
settlement system was its lack of durability and use in creating goods. The use of gold as jewellery came
later as it had monetary value. We see this in many cultures without wide access to a good monetary base
(such as India) where gold based jewellery is used as a means of carrying one’s wealth while simultaneously
acting as a Veblen good to signal position in a hierarchy.

The flawed thinking that crypto-currency must have alternative value is addressed through the search
efficiency of a currency unit (Arrow-Hahn, 1971). In this and the KW model, it was demonstrated that fiat
money is not unequivocally welfare enhancing. The production of additional fiat money was demonstrated
to lower consumption. The result is a demonstrable optimum amount of fiat money in circulation.

This can be modelled as a prisoner’s dilemma. Due to the non-consumability and favourable storage cost
fiat money has the capability to crowd out commodity monies in the traditional sense. Any efficient money,
fiat or crypto-currency that fails to maintain stability is inexorably driven towards a single Nash equilibrium
that drives out the use of the less efficient currency whilst also reducing overall welfare. It is for this reason
that bitcoin is set as a stabilised monetary system. It delivers a non-consumable system while
simultaneously creating lower transactional friction than any fiat currency can deliver at scale.

The aim of bitcoin is not to deliver a decentralised system. A decentralised system is used to ensure the
primary goal of bitcoin, a stable monetary unit.

References
Nobuhiro Kiyotaki and Randall Wright, (1993) “A Search-Theoretic Approach to Monetary Economics” The
American Economic Review Vol. 83, №1 (Mar., 1993), pp. 63–7

Arrow, Kenneth J.; Hahn, F.H. “ General Competitive Analysis ” Published by Holden-Day Inc, San Francisco
(1971)

Published by Holden-Day Inc, San Francisco (1971)

Limited change to bring stability
By Craig Wright | 19 Aug 2018 | Bitcoin & Blockchain Tech
Something people fail to understand about bitcoin is it is intentionally limited in what it can do and how it
can be changed. This is purposeful. Bitcoin is designed to be stable money and for that reason it is not
designed to have new opcodes added outside the need for a few security based replacements or to be
altered. The very limited number of reserved words within bitcoin are incredibly necessary. If these are
wasted, the future of bitcoin as a protocol is extremely limited. Some of these have already been wasted to
implement time-based functions that could have been and have been enabled using nLockTime more
efficiently.

These keywords within bitcoin are:

· OP_RESERVED, OP_RESERVED1 & OP_RESERVED2

· OP_NOP1-OP_NOP10

OP_NOP2 and OP_NOP3 have already been wastefully squandered to provide the following opcodes:

· OP_CHECKLOCKTIMEVERIFY

· OP_CHECKSEQUENCEVERIFY

Neither of these opcodes were necessary within the bitcoin system but were added solely to enable the
theft of network effect in an attempted migration to a separate system using lightning. There is no business
case that cannot be completed with CLTV that could not have used nLockTime based Bitcoin transactions.
The same or better result can be delivered using nLockTime as CLTV. So, there is no purpose for CLTV.

Contrary to the false Core narrative, new opcodes are not designed to be added using a soft fork. Soft forks
are not a part of bitcoin and destroy the competitive nature of the system.

In this blog post I will describe the reasoning behind these (spare) opcodes and why it is important that they
are not wasted on foolish experiments. Bitcoin was designed with a limited number of these codes in
advance to ensure a long-term monetary migration on a stable system.

OP_NOP(x) and OP_RESERVED(x)

The extended no_opcodes are needed to replace the hash variables within bitcoin. OP_SHA1 is already at the
end of life and is known to be compromised as SHA1 has been demonstrated to have known collisions.

OP_RIPEMD160 is not expected to last more than a decade due to weaknesses in the RipeMD160 algorithm
strength. OP_HASH160 is a joint process where the input to this function is hashed twice: first with SHA-256
and then with RIPEMD-160. When RipeMD160 needs to be replaced, the requirement is that two of the
OP_NOP(x) opcodes be redeployed and the OP_VER (and related) op codes are updated to mark the script
change at a certain height and for the transitional period.

SHA256 remains strong for the present, but all hash functions will have a lifespan. There are three (3)
opcodes in Bitcoin that are directly based on SHA256, these are:
· OP_SHA256 The input is hashed using SHA-256.

· OP_HASH160 The input is hashed twice: first with SHA-256 and then with RIPEMD-160.

· OP_HASH256 The input is hashed two times with SHA-256.

Further, there are a number of indirect opcodes that use SHA256 that would need to be replaced if any
weakness in the hash functions used by Bitcoin was discovered, these are:

· OP_CHECKSIG

· OP_CHECKSIGVERIFY

There are seven listed functions here and additionally, when, note not if but when problems happen as a
result of the currently deployed ECDSA-256 bit curve, ECDSA-512 or some other public private key algorithm
will need to be integrated requiring the replacement of:

• OP_CHECKSIG

• OP_CHECKSIGVERIFY

• OP_CHECKMULTISIG

• OP_CHECKMULTISIGVERIFY

All up, the current version of the bitcoin protocol has implemented 10 OP_NOP(x) opcodes, 2
OP_RESERVE(x) opcodes and OP_RESERVED for other miscellaneous problems.

That is, we have a complete total of 12 opcodes changes that need to be maintained for the future bitcoin.
There are 10 functions within bitcoin that will need to be changed in the future that are defined. As we have
two wasted spare opcodes, we actually have no room for error in future updates. As an absolute minimum
there needs to be two hash functions in the public private key algorithm.

The minimum for updating the hash functions will be four (4) opcodes. The absolute minimum on updating
the digital signature is also four (4) opcodes.

The consequences if we want bitcoin to remain and be a viable system that will last more than 20 years, we
are down to two spare opcodes already. Of the total of 10 that are needed for hash and digital signature
algorithms only eight remain.

Bitcoin was set in stone as of version 0.1.0

This is a part of what this means. The design of bitcoin is not to create an idealised socialist utopia, it is to
create stable global money. To do this, it is required that we have a system that does not change without
reason. We have already seen this being subverted by developers. The idea at present is to experiment first
play by adding bells and whistles and hope for the best. This may be the way that many applications work
within Silicon Valley, but it is not how money works and this is one of the key problems right now.
In bitcoin cash, we had the foolish attempt to mindlessly add additional opcodes and the reason was that
this would bring traffic. It is exactly the opposite of what is needed. Financial organisations and even the
idea of a listed ETF derived from stability. Right now, this is the one thing bitcoin fails to exhibit as people
constantly try to change it.

Bitcoin cash is bitcoin and we’re going to work to return it to the version 0.1.0 implementation and lock that
protocol. The reasons for reserved opcodes should be clear. They are necessary to create a script system that
is stable and can be used as a financial system. To do this, we need to be able to create contracts that can
last not one, or five, or even 10 years. There are financial instruments that last over 100 years. If bitcoin is
money, it must be able to handle these and that requires stability.

With the existing script code fully re-enabled, there is nothing that could be conceivably desired that cannot
be done within bitcoin. The lack of vision of one developer does not require that the entire system and
protocol is changed.

Right now, everything that developers are doing to alter bitcoin is an experiment that drives adoption away.

Bitcoin needs to be a stable system to be money. We have invested in hash power and intend to use that
for the sole goal of scaling and stabilising bitcoin.

Bitcoin is explicitly designed not to allow people to start arbitrarily altering the structure of script.

The primary deliverable in bitcoin is a stable system. When you are told that we need to develop to
integrate to grow, the reality is that this is about scaling the existing bitcoin protocol and developing on top
of that protocol. Bitcoin is an economic system it is not designed to be altered frequently.

Traditionally, banks used marble edifices to signal their stability. This was designed to say that they would
be there unchanging unflinching and available for the foreseeable future. It’s time that we started bringing
this to bitcoin and making bitcoin cash.

Stability
Unfortunately, there are many things in Bitcoin (including the OP_Codes added above like CLTV and CSV)
that have been added and must now remain. P2SH is one of these horrible kludges. These cannot ever be
removed. This is not the same as making a bad script and losing a little of your own funds. Any additions to
the protocol we have just noted are permanent. Bitcoin cannot ever be altered to reverse these changes.

The atomic structure of Gold is defined.

If you add or remove a proton, it is no longer gold. Some changes (P2SH) are analogous in Bitcoin to adding
a neutron to gold, it can be done, but the resulting system is less stable.

It is time to start moving away from the idea that Bitcoin is broken and to start scaling it and allowing it to
become what it was designed to be — Stable money.
Black Mirror
By Craig Wright | 01 Sep 2018 | Bitcoin & Blockchain Tech
There is an episode of Black Mirror called Nosedive that explains some of the reason for the creation of
bitcoin as a proof of work system. As bitcoin has been growing up, the value has not been high enough to
attract real corporate miners. The first of these has appeared. CoinGeek has become the first real corporate
miner in bitcoin. (By “corporate miner”, I am referring to a significant private business that mines on its own,
rather than individual miners or pools of smaller miners). Their investment into the infrastructure, not as a
means of gambling and speculation between coins but with the goal of delivering global money signals the
start of a new era and one that bitcoin was always destined to reach.

Other entities (such as SBI) will follow the leadership of CoinGeek. The importance of this cannot be
understated. Bitcoin is a system has always been designed to end in data centres and corporate
competition. The reason for this is to achieve stability. It is to achieve the creation of the first money that is
set in stone and invariant. It is this stability that is needed for the long-term creation of contracts and which
delivers the ability for bitcoin to achieve stable global money.

Bitcoin was designed to become corporate

In the Nosedive episode of Black Mirror, the primary character seeks acceptance in a world based on social
credit. Before the value of bitcoin increased long enough to become sufficient to attract corporate miners,
the first stage of its development demonstrated analogously what I had termed proof of social media
(PoSM).

The social aspects of politics is what makes Fiat unstable

We saw the beginnings of this with the pseudo-attack based on an old psychological deception. The use of
techniques such as the UASF have no technical merit but have acted through proof of social media. The
reason that this worked in the past with bitcoin comes from the distributed nature of the system. Before the
overall reward increased to become large enough to attract a corporate miner, the state of the system was
created through a distributed pool system. These pools are groups of many small miners with some
estimates of over 150,000 miners having an association with the various pools.

The small miners are easily swayed through social media. They do not have the resources to adequately
investigate many of the false claims made by developers and others who use social media platforms such as
Reddit and Twitter to promote fear uncertainty and doubt (FUD) throughout the industry. This is one of the
most critical reasons why the rise of corporate miners is so essential.

The mechanism used in attacking bitcoin in its early phases is similar to the oligarchical attack that is
associated with proof of stake (PoS).

The transaction cost associated with investigating false claims is outside the reach of many small mining
organisations. It is not outside the reach of the large groups and as these large groups start to compete we
will see a more professionalised and stable version of money start to appear. Rather than switching
between many coins, the large professional miner will start competing on long-term investment cycles.

It was for this reason that the US founding fathers created a representative democracy within the USA. They
foresaw how a demagogue could sway the popular opinion and allowed Democratic systems to be
subverted for short-term interests. This has already occurred within the US and the push to become more
and more demagogic has led to a system that is less democratic.

The proof of social media attack is about using false information to sway miners into short-term interests
designed to allow experimentation even when people know problems. We saw this with the introduction of
CLTV and CSV. Both of these opcodes were determined by core developers to be dangerous and
detrimental to bitcoin, yet those same developers renamed the proposal and implemented these opcodes
in order to subvert bitcoin when they sought to introduce lightning:

We can’t safely do OP_BLOCKNUMBER. In the event of a block chain reorg after a segmentation,
transactions need to be able to get into the chain in a later block. The OP_BLOCKNUMBER transaction and
all its dependants would become invalid. This would not be fair to later owners of the coins who weren’t
involved in the time limited transaction.

OP_BlockNumber is merely a form of OP_CLTV and was rejected by Satoshi with all Core developers
admitting that it would introduce vulnerabilities into bitcoin. After people had forgotten about the
vulnerabilities, these opcodes were introduced.

The Times
There is a mistaken understanding of the article referenced within the Genesis block. The reference for this
article relates not banks, but demagoguery. The problem of government in a democratic system is the ease
with which we have allowed politicians to enact changes to our monetary system based on political
concerns and fashion. In many ways, this is analogous to the bitcoin-based social media attack we have
seen in the early days. Fiat is subject to alteration on the whims of bureaucrats and politicians. This leads to
instability in a system of rolling failures. As politicians and bureaucrats seek to shore up their positions using
short-term alterations of money, all of which lead to long-term failures, we are left with the system that
grows far slower than it would if governments kept out of the economy.

It is not the banks, but the manipulation of money for politics that is the issue

In the article from The Times, we see how government sources planned “to keep the banks on the boil”
using injections of taxpayer’s cash.

Diogenes the Cynic demonstrated the fallacy associated with relying solely on social consensus and the
belief of the crowd. According to one story, Diogenes visited the oracle at Delphi who instructed him to
“deface the currency”. To achieve this, he sought a life based on challenging existing customs and values.
For the last few years, I have stridden a similar path in public. I have created a public persona designed to
challenge in a way that gets some to question and others to attack based on the mere perception of social
disagreement.

I have achieved this and as a result shall change yet again.

My nature in teaching has always been Socratic. I do not answer questions directly but rather seek other
people to question and query and test themselves in a manner that leads to understanding and more in-
depth knowledge. This alienates many, but it is not the many that matter but the few who can continue
along the path that leads to knowledge.

Diogenes the Cynic saw the folly in social convention

Money, when handed to government and bureaucrats under the control of fiat dictates become subject to
the popular vote and suffers to fashion. It becomes the simple measure of political power to debase money
to sacrifice long-term gains and growth to achieve short-term political outcomes.

The article listed in The Times as referenced in the Genesis block was never about the destruction of
banking or government. It was referencing the political and social manipulation of money. At scale, Bitcoin
is designed to be a system that cannot be easily debased. That is why it can be trusted. Money can be
trusted when after greater than 20 years it remains the same. It is set in stone as once the game has started
the rules cannot change. Bitcoin is designed to be stable money. It is a system that foresaw the dangers of
social consensus and the attacks that will come to society through social media; the problems of social
currency displayed in the episode Nosedive.

Modem
Following the path is taken by Diogenes, I have demonstrated the folly as best I can in social media, that of
perceived anonymity where people do not have skin in the game. If applied to money, it is a dangerous
system that leads to decay.

In a recent post, I made what some seem to be an error. It was intentional and designed to capture those
with a social agenda seeking to prove my errors. There were several such pronouncements from me in the
recent past.

A modem is a modulator/demodulator. This term is falsely attached to DSL devices and other systems that
are not, in fact, a modem. Conventional marketing has used the term incorrectly, which is an aspect of the
social flaw.

The misconception that many have is the nature of a modem. When I worked for the ISP, OzEmail in the
early 90s I headed up the corporate services engineering division. Those clients who were not large enough
to have 2Mb leased lines would commonly use a bonded modem service. This is not something that most
home users would ever consider, in this, corporate users would connect multiple phone lines into a single
virtual line.

A device containing 10 modem (for the correct plural of the term modem in this use is modem not
modems) would make a single connection allowing a higher speed connection than would be possible on a
single phone line. Multiple analogue modem attached to multiple dial-up links over POTS would be bonded
to form a single channel link. The aggregate throughput achieved using bonded connections comes close
to the aggregate bandwidth of the bonded links. It is a play on words as many now use the term modems
though not technically correct for these are a single modulation-demodulation system contained within a
bonded connection that this was the intention of my post. To gain social favour to show and demonstrate
the error of jumping to conclusions without fully considering the entire situation.

Asimov
In his series, Foundation, Asimov talked of future history. We already see many within the bitcoin
community and others within alt coins crying for the creation of off chain solutions. All of these lose the
benefits that come with the pseudonymous system that holds global data and network patterns for an
eternity.

Nietzsche talked of the difference between slave and master philosophies. Unfortunately, the nature of such
systems has been taken to a horrible misrepresentation by those interested in socialist control. Nietzsche
did not seek a system of the strong dominating the weak. He proposed the system where the tough act as
stewards or governors, as business leaders offering guidance through their action and work.

It is little-known outside a few that know me well that I was heavily involved with the Uniting Church in
Australia. I was a pastor for some time and was heavily involved with uniting financial services where I acted
for several years as a trustee to the banking operations of the church organisation.

Presbyterian churches are founded as most Protestant organisations on a work ethic. One of the main
reasons that many listen to the false idolatry of proof of social media is the deceptive cry, ‘Do less’. People
who have not finished university raised on (social media) platforms that make them believe achievement
doesn’t require work and effort.

The reason for this false and deceptive claim is a call for power. They seek others work less so that they can
achieve more and deliver more using the efforts of others without delivering just returns. Bitcoin is not proof
of stake and forms a system of enduring work. This is something many such as Bitmain seek to alter. In
proof of stake, once you have achieved, you do not need to keep trying, to struggle to be better. Bitcoin is a
Red Queen game. This allows new entrants and ensures that all parties focus on the development of
solutions designed scale and grow bitcoin. Perversely, proof of stake does the opposite; it allows those who
have power and money to maintain control without doing any more.

It is a stable capitalist system, sound money that can deliver the requirements outlined in detail in Adam
Smith’s Theory of Moral Sentiments (1759) to achieve an equitable capitalist system designed to deliver
growth and enable more people than ever before to escape poverty.

It was necessary for bitcoin to pass through this stage of its growth. As it matures, there will be other battles
following this one. This is but the first. In this initial struggle, we see it seek to throw the shackles of social
control from off its shoulders and as with Atlas to shrug .

It is only with effort that we grow and develop

We will see the next two years solidify the first stage of bitcoin. Following this, six and ten years will mark
radical changes within the market. In each of these, we will see the stronger growth and development of
corporatisation within bitcoin. Global competing groups will emerge each seeking to gain further control of
a smaller and smaller reward that increments only through transactional growth. The result, larger and
larger block sizes and hypercompetitive systems.

Bitcoin is stable global cash. It is through international competition, not of small home users and hobby
nodes but from large corporate entities that we will gain this stability and solidity of the world’s first stable
money.
Banking on Bitcoin
By Craig Wright | 02 Sep 2018 | Bitcoin & Blockchain Tech

Banking on Bitcoin
There is this myth around banking and bitcoin. Any quick search will show thousands of sites and
people promoting the idea of “ be your own bank ”. This seems to become one of the catchphrases
associated with bitcoin, however it is utterly false . Holding bitcoin as cash is not banking. In Japan
due to the low interest rates offered, many people still hide their money under their bed. Just holding
your money in bitcoin is just holding your money under your bed. This is not what banks do.

Banks allocate and distribute capital. They offer loans and allow people access to funds they would not
be able to gain based on the promise of the future repayment. Bailout people who cannot afford a
home to buy one and pay it off over time. They allow people who come from poor families to seek
education and pay this off later. Bitcoin does not offer this.

It is possible to have banking based on Bitcoin but it does not involve holding your money at home.

If you have a home loan, try and think what it would be like without access to banks. Imagine, as
people used to do having to share a small room as you save, maybe forever.

Safety
For most people, the home is not the safest place. This myth that holding your own keys makes you
secure is a fallacy.

There is a monetary cost to maintain a safety deposit box. Any large amount saved within a set of
bitcoin keys is at risk and needs to be protected. This works well if you are wealthy and can afford it,
but it is not the same for the average person. Most users are not well-versed in information security.
Having worked within information security since the early 90’s when most people hadn’t even heard of
the discipline I can tell you very well that the biggest security problem is users not understanding
security. Handing off security to users is a recipe for failure.

To be safe, you cannot trust a hardware wallet. All devices have a level of insecurity and risk. You need
to be able to have multiple layers of security and for any large amount of bitcoin this includes backups,
secure off-line service and multiple keys. For any large amount of bitcoin being stored there is a cost of
storage associated with maintaining security.

To teach people that bitcoin is secure by default is negligent.

In the future, I expect people touting this idea to be sued under tortious negligence laws for
promotion of false information leading to loss. Those who have trusted in the security of bitcoin and
then have machines hacked, lose information or have key stolen even through physical act should look
to some of these people promoting the lie that owning a set of keys makes you ultimately secure to
recover their funds.

The third world

One wonderful advantage that bitcoin provides is with simple applications such as Centbee and
Handcash low-end users can access bitcoin quickly. In environments where banking is not available
bitcoin partially provides leverage to get into the market. It doesn’t provide all that banking does, but
that does not stop us from building applications on top of bitcoin that allow for localised services.

More, bitcoin provides a means for these people without access to save their money to have some way
of doing it. It allows them to have multiple wallets and only carry the minimal amount on their phone.
They can have one phone at home with a special backup key and locked encryption and carry another
with a minimal amount that they need for the day.

This is the type of thing that should be taught. Yet this is not taught at all.

The so-called experts teach you about the false idea of being your own bank and tell you nothing
about how you need to secure nodes.

They do not teach store-owners that the central head office can have a different wallet that is paid to
with no private keys on site. They do not teach people being paid for work that they can have multiple
keys and multiple wallets storing these so that you carry one with a small amount and get paid to
another.

It is time to start teaching people the truth. Bitcoin does not replace banking. It is cash.

Bitcoin core (BTC) should not even be called bitcoin anymore. It is not cash.
The crypto-ring of Gyges
By Craig Wright | 02 Sep 2018 | Bitcoin & Blockchain Tech
Plato covered the problems of true anonymity in The Republic. In this story, he detailed a fictional character
called Gyges of Lydia who found a magic ring that enabled him to escape all review with the ability to go
completely invisible at will.

No man is moral without view

H. G. Wells revisited the story in “The Invisible Man” with a modern twist on the retelling.

In the Republic, Plato recalls Glaucon’s remembrance of the story of Gyges.

Glaucon posits:

Suppose now that there were two such magic rings, and the just put on one of them and the unjust the
other; no man can be imagined to be of such an iron nature that he would stand fast in justice. No man
would keep his hands off what was not his own when he could safely take what he liked out of the market,
or go into houses and lie with any one at his pleasure, or kill or release from prison whom he would, and in
all respects be like a god among men.

Then the actions of the just would be as the actions of the unjust; they would both come at last to the same
point. And this we may truly affirm to be a great proof that a man is just, not willingly or because he thinks
that justice is any good to him individually, but of necessity, for wherever any one thinks that he can safely
be unjust, there he is unjust.

For all men believe in their hearts that injustice is far more profitable to the individual than justice, and he
who argues as I have been supposing, will say that they are right. If you could imagine any one obtaining
this power of becoming invisible, and never doing any wrong or touching what was another’s, he would be
thought by the lookers-on to be a most wretched idiot, although they would praise him to one another’s
faces, and keep up appearances with one another from a fear that they too might suffer injustice.

— Plato, Republic, 360b–d ( Jowett trans.)

This is the reason why bitcoin is pseudonymous. Anonymity does not help people become more private for
privacy is not the absence of control.

Bitcoin is money, first and foremost, it is peer to peer electronic cash.

Privacy allows people to hide their transactions yet at the same time to offer proof when it is needed. This is
a big difference with so-called privacy coins that seek anonymity. Fungibility is not about an unknown but
rather a proof of valid ownership.

When you make a purchase at the store, you do not seek to have complete anonymity but rather a level of
privacy that allows you to make a purchase without being traced. Bitcoin can provide this. At the same time,
the ability to provide proof of payment is necessary. An exchange requires that you can show how you
made a purchase. If there is a problem and you need to go to court, you need to provide evidence of the
purchase.

All contractual exchange requires offer and acceptance with consideration. This requires proof of the
exchange is available and that cannot be done using a completely anonymous coin. It is in the customers
interest to be able to demonstrate that they made a payment to a merchant. Otherwise, that user can make
an overpayment and the merchant can simply say they received nothing. No proof remains and trade
becomes less likely.

All governments have source of wealth laws. With bitcoin you can prove the source of your income and yet
remain private to the greater world. With anonymous coins you can easily be stopped and filtered. The
myth of censorship resistance requires the ability to prove where a transaction originated from. We see this
in physical cash with serial numbers and receipts. On trading merchants provide a receipt of the exchange.

The truth of anonymity is that it is not privacy.

Anonymity only helps corrupt governments and criminals. It is these people in these groups who seek to
hide in the shadows. It is not privacy they seek, but the ability to defraud others and hide what they are
doing. Bitcoin allows a user of money to prove that they had a valid right to that money. They can show
receipt and ownership. Yet at the same time they can remain private.

The issue with bitcoin and privacy stems not from bitcoin itself, but as a result of poor implementations.
BIP32 for instance is a hierarchical system that allows the determination of every branch of keys. The
problem with bitcoin is not that it is pseudonymous but that the implementations in wallets are poorly
configured. Yet, rather than improve on these people have attacked the concept of pseudonymous
transactions saying that privacy must come through complete anonymity.

This is false.

With mere privacy and not anonymity governments become accountable. It is only when the source of
money cannot be traced that black operations can exist. It is only when money can be hidden easily without
a source that corrupt politicians can act against the interest of their voters and take money from corrupt
corporations and criminals.

It is a corrupt government who needs anonymity most — people need privacy — aka pseudonymity

It is a myth to think that bitcoin needs to be anonymous. It requires privacy and that comes from the
implementation of a wallet, not a change to the protocol.

Those who push for anonymous solutions are not pushing for cash but rather seek a means to allow corrupt
governments and corrupt officials to hide money that they do not have a right to.

If you believe that corruption needs to be stopped, that Democratic governments only work when people
cannot be paid off with slush funds and under the table payments from criminals and corrupt
organisations, then you will never believe that bitcoin needs to be anonymous.

Bitcoin is cash (BCH).

Death and taxes, it is time to kill off mythical beasts
By Craig Wright | 04 Sep 2018 | Bitcoin & Blockchain Tech
I have a hard lesson for many people within the bitcoin and crypto currency community and that is that tax
does not go away because you use crypto currency.

The reality is that bitcoin is extremely easy to tax. The simplest way is what occurs now. The two simplest
taxes associated with a modern economy are a consumption tax and income tax. Modern income tax is
paid directly to the government. As an employee, it is your responsibility to claim tax back. A consumption
tax such as Australia’s GST or European VAT can be collected on sale and exchange.

Death and taxes remain in a bitcoin world

In the period between 2006 and 2008 I was working for a chartered accounting firm, BDO, in Australia. One
of the areas I managed was computer aided audit (CAATs). The software I wrote was designed to automate
the analysis of corporate logs, accounts and tax returns. This is an essential process within organisations.
Without good records no company can operate and without good records fraud cannot be detected.

Any good Corporation works within the laws of their country. This includes paying tax and reporting. The
first myth we need to expose is that Bitcoin in any way stops or minimises the collection of tax by
government. In many ways, it simplifies corporate compliance and tax reporting allowing governments to
collect faster and with less interference. This is the important point, not avoiding tax but minimising the
interference that tax officials impose on individuals and companies allowing them to get on with business in
a fair and open playing field.

VAT or a consumption tax

The simplest form of taxation for a government in a completely digital economy is that of a consumption
tax. The value added tax or VAT and it’s equivalent a goods and services tax or GST is placed upon the sale of
goods and services at the time they’re sold.

Using accounting standards and records that are linked to a system such as bitcoin we can provide a level
of pseudonymous interaction maintaining the overall privacy of a corporate record in a way that minimises
fraud while simultaneously allowing an organisation to submit the correct amount of tax. At present, value-
added taxes are overly complex. There is a requirement to differentiate between input and output credits in
such a way that even large organisations find to be difficult.

Bitcoin and smart contracts simplifies compliance

The truth is, each layer of processing could be individually accounted with automated payments based on
existing tax laws lodged in software that report instantly and not only report but transact instantaneously
with government. Bitcoin does this. Not that it needs any changes, not that there are alterations. Bitcoin as
it existed in January 2009 allowed this to occur. In fact, there is no way to stop this.

At the consumer facing level, goods and services can be classified under a legislative framework and taxed
directly and automatically with any required alterations in the amount being taxed included with the
simple cryptographic code. For instance, if a government decides to tax food at a different rate (such as
bakery vs tinned goods), the transaction as a smart contract exchange between a consumer and a
merchant can be recorded and completed with the correct amount of tax instantly transferred to
government.

So, the truth of the matter is that bitcoin does not stop tax and rather makes it easier and faster for
government to collect tax. This is critical. At present, the burden of reporting taxation and responding to
audit and reporting is excessive. Lowering the cost of compliance is a major benefit of bitcoin.

The government can maintain a hierarchical set of wallets determined in advance allowing a registered
taxpayer to instantly transmit any value-added tax directly to the government from a point-of-sale
application or other accounting package.

For the consumer, an invoice can be attached to the transaction allowing instantaneous reporting and
simplified refunds. In this system there is no need to maintain messy paper records for many years. There is
simply an automated open and fair system where all parties are treated equally.

Even better, a consumption tax favours those who invest over those who consume.
The idle wealthy who do little more than spend what they have inherited are forced to either invest or to
pay down what they have in taxes. Those who build and re-invests also pay less. Those who save benefit and
those who consume more, pay more.

Income tax
Income tax does not go away because of bitcoin. Pay-as-you-go taxation is standard within most Western
countries. The employer as a corporation, or a partnership, has a choice. They pay the tax for their
employees or find that they do not obtain a deduction. It is not in the employer’s interest to pay an
employee under the table.

At present, bitcoin wallets are setup in a manner that does not offer much privacy. A lot of the blame for this
comes for the people creating poor systems with very little privacy who’ve done very little to move bitcoin
into the mainstream. The reality is that it is extremely simple to create a private system that allows
employees to maintain privacy and not have their income tracked even by other people within the
organisation and yet get paid directly in bitcoin.

Bitcoin is P2P Electronic Cash — from the start

As organisations return after-tax amount to an employee, it is the employee who was required to claim
money back. The government has already received the tax. Bitcoin can simplify record-keeping making it
easier and more automated in a manner that allows for faster returns. In a bitcoin world tax happens but at
the same time the employee has less compliance obligation and a faster return on their money.

Corporate tax
All companies maintain records for tax purposes but even without taxation maintain records for their own
purposes. No good company can operate at any scale without records. Financial records are the heart and
soul of most organizations. The result is that it is nearly impossible in a system such as bitcoin to hide tax.

As one organisation pays another and makes, and lodges claims the government will receive a complete
and up-to-date record of all of these transactions nearly instantaneously.
Efficiency aids growth

The result is a system that is simple to audit and does not require a lot of interaction. It is a system with low
compliance costs. Bitcoin does not remove government, that is something people in a democratic society
vote on. If you want lower taxes, vote for lower taxes. If that does not work for you move to a different
country.

Anti-Government is anti-reality
There is nothing within bitcoin that even remotely threatens banks, corporations or government. Bitcoin is
sound money that is not easy to debase. Bitcoin does nothing to circumvent the law. It takes no power away
from government. What it does do is important. It provides a level of translucence. This allows what Judge
Learned Hand called the sunshine principal to apply. That is, others can audit and review anything in
aggregate whilst still maintaining complete privacy over lower level details in an accounting system.

If you wish to alter a democratic government you have the right to protest, you have the right to stand for
office, you have the right to complain and you have the right to leave that country giving up your citizenship
and going to another.

This is the reality of the world we live in and like it or not bitcoin does nothing to change this. Bitcoin
provides something more important. It provides a means of tracking and tracing that allows us to have not
only sound money but a system that can be built upon it that is corruption resistant.

To end, fairness
It’s very simple, if you do not like tax, and not many of us do, move. You have the right to change country.
You have the right to vote in a democracy to lower tax.

The idea that privacy coins as they called will ever take traction is asinine. Government can control access to
payments and exchange and require that any transaction involving a media they do not like become
immediately void. Bitcoin walks a very fine line that allows it to operate as money. That is its strength and
that is why bitcoin is cash.

I favour small government, and, in many ways, Bitcoin helps. It helps as a translucent database allows easier
compliance, less interference and can reward those individuals and companies who save and invest.

Those who play by the rules, they are called by some sheep, yet it is these people and those organisations
who are the backbone of trade and exchange. It is not whether you like the rules of the game, it is that you
play fairly by them. Evading tax is not noble, it is simply cheating and fraud. You can justify this all you like,
but, it means those who cannot, who will not and who are honest are punished for your transgression.
The paradox of the Übermensch
By Craig Wright | 05 Sep 2018 | Bitcoin & Blockchain Tech
It is simple to be disappointed with the common person. I have written recently about the bandwagon
fallacy. When I wrote about this the other day, I pointed out a variation of it that we now see, proof of social
media. We can call this the Reddit effect, but it has infected much of society and not only crypto currency.

Truth is not a function of popular belief. Seeking social validation does not help you reach truth.

Proof of Social Media is proof of not thinking

This post today I seek to go through many commonly presented fallacies. I do this not in attempt to offer
any proof or disproof, but in my normal Socratic style I seek to have people start to think. This is a concept
that is strong in “Thus spoke Zarathustra” (1896), where Nietzsche presented us with the maligned concept
of the Übermensch. This has been commonly mistranslated into beyond man, Superman or over man. The
truth of what Nietzsche sought was more the worldly businessman of the format of a Carnegie. The
unwavering focused businessman developing and building come what may without care of social pressure.

The Übermensch related to a new form of aristocrat, not one who inherited a position but one who had to
earn it in a meritocracy. For Nietzsche one such as Cesare Borgia could fulfil this role as in a more modern
sense so could a Steve Jobs.

It is this mindless disgust for the unthought through social behaviour of the herds that I seek to expose. Two
years ago, I wrote a blog piece that remains cogent and has hardly been read correctly. In my past, I taught
the ability to use robot.txt files in a manner that would create varying information within sources such as
the wayback machine. The wayback machine is not a terribly good archive site for forensic purposes. One
skilled in the art can select files that appear and disappear over time. Two files can be simultaneously loaded
and based on a subsequent robot.txt file one can choose which one will appear at any time.

I selected to delete many of my old blog files, in time I will recover some of these but not yet.

A file that I did decide to leave and not manipulate the timestamps of was a post I authored two years ago
that very few still seem to have read in any detail skimming only to the predefined response the
bandwagon demands.

JEAN-PAUL SARTRE, SIGNING AND SIGNIFICANCE

One day people will read the article and decide to comprehend its intent. A critical difference to the
perceived significance of the article and to the difference that many assign is the intent. The most critical
part is that which is overlooked by most in the youth. It is not the first look nor even the second but the
deeper meaning. In 1964, Sartre rejected the Nobel prize for literature.

“If I sign myself Jean-Paul Sartre it is not the same thing as if I sign myself Jean-Paul Sartre, Nobel
Prizewinner” — Jean-Paul Sartre, 1964

He did not take this lightly and saw his position altered irrevocably through a path he did not seek yet
which others sought to thrust upon him.

Very few question the reason behind the choice of Sartre for this piece nor the significance. The moment of
the comments in the words lost to the “herd” clamouring to be accepted remains now as it was when I
authored a manifesto very different to the philosophy of Sartre days after the death of my best friend, David
Kleiman .

To be is to create

The irony in the creation of an idolatry for a creator seeks to askew veneration is lost on those who cannot
read between not only the lines but the text itself.

It is funny experts can be misled by their own idolatry. In many ways, love and hate are two sides of the
same coin. In my post on Sartre there is no point in which I make a promise to answer or to be. This shall not
change for bitcoin is pseudonymous and proof is more than signing.

It has already been said that should I sign that others would simply believe that I’d stolen keys or defrauded
others into gaining wrongfully the possession of those required keys. In this we see the problem. That you
seem to of read so little, and fewer seem to wish to comprehend. I know how, not viscerally better deep
technical level to sign using a digital signature formats such as ECDSA. I know how the mathematics of
such a system is designed. And in the piece on Sartre I demonstrated conclusively our knowledge of the
most convoluted way of finding to verify a signature without resorting to something as simple as dropping
it into a bitcoin wallet.

But verification and proof was never the key.

Security is always a risk function and not an absolute.

Now as then people foolishly assume what they already want to know. It was Frederic Bastiat, the French
economist and philosophe who instructed us to look beyond the first layer into something deeper. Many
already a lost cause. But in this I retain hope. Some will strive and struggle and compete and others will
think for themselves.

If you think I will give you the answer that you wish, I disappoint your vaguarity and inability to provide more
than the indefinite nebulousness of an unclear and undefined desire. You cannot call for a leader to lead you
into a leaderless society.

The hypocrisy and the contradiction of the paradox leads one into a state of denial cannot overcome.

In “ The seen and the unseen ”, Bastiat presented us with the concept of delving for meaning in the hidden
or later appearing consequences of any intervention in the economy, I will take this further and say that the
unseen consequences flow many systems. To understand is not to look eternally, but, to equate a depth
that is warranted for the outcome you require.
Pseudonomy allows choice and free action

“A Negative Railway” (Bastiat, 1845) shows us the extent policy contained within the current debates over
the bitcoin protocol. Just as with the absurdity of listing to every vested interest between all parties seeking
stops on the Bordeaux to Bayonne railway, seeking all changes from all users of money would lead to an
equally absurd outcome.

He Who Has a Right to Work Has a Right to Profit .

Meritocracy
Rule by philosopher-king gives way to timocracy (rule by property owners), which gives way to oligarchy,
followed by democracy and then tyranny. As democracy is preceded by rule of the rich, Plato believed that
under a democratic regime, there would be considerable resentment against the wealthy; the first step of
the democratic demagogue, he claimed, would be to attack these wealthy elites.

Bitcoin is pseudonymous. It is time for me to explain some of that to the herd.

First and foremost, bitcoin is based on proof of work.

In Plato’s Republic, Rule by philosopher-king gives way to timocracy . This is a rule by property owners. It is
in effect a form of aristocracy. It came from the system of wealth being seen and known. What Plato did not
see was the form of money that could be neither anonymous nor open. That is, a money that is translucent.
A money that is polarising and visible only when seen in certain ways. With such a money the aristocrat
need not have others know. In this, even family can be abstained out of knowledge from the extent of one’s
wealth.

In a proof of work system, unlike that of proof of stake, we create not an aristocracy, but maybe if it works
the first true meritocracy. Not a system as Plato saw in the Republic that gives way to oligarchy as we will
see with proof of stake, but one which embraces the most fundamental capitalist ideas. Not those of the
common businessman seeking mere wealth or short-term gain but those who want to create for creation
sake.
The ultimate philosopher king is one who is not known as being a king

The flaw of a meritocracy and the flaw coming from the wealthy who have achieved is envy and greed. Plato
saw the collapse of democracy through the resentment of the wealthy. We see this already in our society
where people attack those who achieve, on false claims of inequality. The demagogue, the social media
manipulator attacks the wealthy in this system. In the Republic, it was in the forum and through lawsuits. In
the modern world it starts and Reddit and twitter.

What is Bitcoin…

Bitcoin is a system for the pseudonymous exchange of wealth. It does not redistribute and it does not
create any socialist idea of equality. It is a form of money that allows one to prove when they choose to
prove and no more. It is important to note that in a pseudonymous system honesty is maintained only
through the exchange of information between individual parties and not public attestation.

The first rule of bitcoin that many need to start to understand is that you do not need to do anything
publicly and in fact entire concept of proof of social media, proof by demagoguery is one of the key aspects
of common societal collapse that bitcoin was designed to circumvent.

In contract law, there are three aspects of an exchange. Offer, acceptance, and consideration. When one
does not seek anything from another there is neither offer nor acceptance. I’m sorry to finally explain this to
you but I do not want your adoration and the only thing I will do is ensure none ever take up the mantle I do
not want. The funniest thing in all this has been that many expect something without consideration. If you
deal with me, you will know that this can never be the case. Moreover, I have no need of money — rather I
have all I will and shall ever need. So, it is likely you have little to offer.

References
1. “That Which is Seen, and That Which is Not Seen” Bastiat, F.
2. Bastiat, F. (1845) T.38 ES1 17 “Un chemin de fer négatif” (A Negative Railway) (c. 1845) in CW3, pp. 81–83.
A diatribe on Bitcoin, Trust and the economy of security
(redux)
By Craig Wright | 07 Sep 2018 | Alternative Coins & Systems
It was April 27th, 2013 when I first published an earlier version of this, and it is timely to start bringing this to
life again.

The most marketable goods are what become the media of exchange.

The statement above has held true for all time. When exploring the history of money and barter it was not
cows and chickens that were exchanged. The farmer with an excess of chickens would exchange first for
grain, butter or some other divisible good. Grain could be divided into small parcels. These parcels could be
used to trade for other objects. It is impractical to think that anything larger than a small village engaged in
social barter long-term. Even a small group, no larger than a few families starts to collate obligations. What
would’ve actually occurred is the use of improvised currency.

This started with divisible goods. Those common items that could be easily exchanged.

Are you earning a salt wage?

In Rome, salt was commonly used and forms the basis of our word today for earning. That is, salary.

Salt was ideal as a form of early currency. It was divisible into small amounts, did not degrade quickly and
started as something people could trust. It was easy to taste salt and it was simple for the average person to
determine the quality.

As the value of trade increased salt became insufficient as a medium of exchange. It was used for many
small purchases and remained a staple up until today, but, the volume of salt has increased against labour
leaving the amount of salt required to become excessive.

The quantity of salt was too large in the end for most trade. It was also too easy to lose. A rainstorm could
literally liquidate your holdings. Slowly over time other sources of wealth came to replace early currencies
such as salt. Gold is perhaps the best known of these. It is easily divisible and does not degrade over time. It
has a use in jewellery and has been highly valued through the entirety of written history.

Supply and demand however has increased the value of gold. Gold has uses in electronics and jewellery
even today but its true use is as a form of wealth measurement. This value has increased to many times its
consumption value as it is in demand as a form of saving. Although gold is mined it is also consumed. The
demand for gold is increasing for many reasons but one is fairly simple, you cannot print gold.

This is of course a powerful aspect of gold. The hidden tax of inflation cannot be hidden. The government
cannot decide to increase the monetary supply and devalue a nation’s wealth. Yes, the arguments abound
that the central banks control currency or not the government but remember in the US it was Pres. Obama
who took an additional $1 trillion for his own spending experiments. The result of this was a severe drop in
the US currency value. The US dollar which was worth far more than the Australian dollar was on par in 2012.
The reality of this is that the US government took the wealth of the entire country and taxed it away. The
international purchasing power of a US citizen has been drastically reduced. The result is every US citizen
has less money. Their houses are worth less, their investments are worth less, they are less wealthy.

Wealth is not money, it is what can be gained

The reality, government has taxed them outside of Congress or anything they decided to vote for. The reality
is a theft on a massive scale but one that has been hidden, overlooked and somehow blamed on commerce
and business. Commerce and business of course being the engine that funds and powers the country but
which is also denigrated.

So the question is what the hell does this have to do with bitcoins and trust?

If you asked this I will say is a good question. It is a fundamental aspect of what bitcoins are achieving. The
key to currency is trust. That’s it, nothing special no more. The US dollar is not a promise of anything of
value. Since the US dollar has been taken off the gold standard the US dollar is a promise of the US dollar.
What this means is that if you go up to the treasury and hand them one US dollar they will hand you back a
US dollar. This may be the same US dollar or it may be a different one. That is the extent of state-based
promises in regard to currency. Basically, there is nothing to trust.
Well, it happened before…

We’ve seen this again and again. States change leadership. Even when leaders are selected they do not do
what they are selected to do. In Australia we have a choice of two parties. One a Labour Party who will lead
us into a deficit that they have created. The other the conservative coalition who will promise to spend us
into a deficit. We have a choice. A choice of who waste our money better. But is that really a choice at all.
When given a choice of Mickey Mouse or Donald Duck as our leader I don’t see that we have a choice at all.

Bitcoins are like gold in many ways that I am not going to detail on this post. What matters is that
government cannot degrade the currency. They cannot print more. They cannot steal the wealth of the
nation for the half cocked ideas they tout without a clue of the effects.

Australia has an opportunity to be the breadbasket of Asia. Commercially speaking supporting the
commercialisation of agriculture make sense. This is not the idea of handouts to farmers, it is the idea of
allowing large-scale industry farming. Automated systems based on technology with highly educated
people managing farms. This is an idea based on cutting subsidies and spending less. It is one where we
don’t continue to pay car workers who are economically inefficient and who drain money from the entire
society to produce inferior quality products. It is one where the most competitive forces win.

Right now, we have the same scenario in Bitcoin with regards to mining. Some want to scale and allow the
world to have access to sound money. Others, want to be subsidised so they do not need to work and strive
as hard.

Bitcoins can be trusted for the simple fact that government cannot print more. It is not a central authority
that creates trust. It never has been. Money did not develop because of the benevolent government. Money
was created by merchants and commercial entities as a means of engaging in trade. It was not a
benevolent government who created money but rather a despotic government who monopolised and
continues to monopolised the means and supply of money following a hostile takeover. Yes a hostile
takeover. Quite simply put money existed well before government. Trust in the currency existed without
government. We have been fed a lie designed to make us believe that we need a benevolent central body
telling us what to do. We do not nor did we ever.

For this reason and for the reason that bitcoins cannot be created at will, we can trust virtual currency more
than that issued by governments.

This brings us back to the initial statement of this post. The most marketable goods will always become the
primary media of exchange. Right now Bitcoin is (and remains in) in the early phases of adoption. A limited
number of markets are available but they are growing. It is a currency that is infinitely divisible allowing for
small trades across borders. This is important. More so than many people realise.

We are entering an era of intellectual property.

There will be no traditional manufacturing in years to come. This is a big and even bold statement but it is
one based on fact. Automated systems are becoming cheaper, faster and better. In just a few years they will
exceed the best capabilities of the most skilled artisans and they will do this at a cost less than the lowest
unskilled wage. 3-D printing remains at the stage computers were in the 1970’s and 1980’s. Robotics remain
at a similar level. What people seem to forget is that all of these technologies gain in capability every year
exponentially. The skills of individuals, even artisans increase slowly if ever. The best development a human
can do is linear. Over time any exponential system exceeds a linear one. In my lifetime manufacturing and
automated systems will produce more at a better quality in the lower price than any human could ever
hope to achieve.

What people can offer is simply intellectual. We design and we create, it is our strength.

It is not the idea, but the implementation

The result will be a world of little but intellectual property. Technologies such as 3-D printing as well as
others I cannot even imagine and services will be the foundation of society. Manufacturing will not be. Even
agriculture will be a technology. The romanticised ideal of the farm family has had its day. The agricultural
corporation running automated devices will exceed the output in production of even the best farmer.

This is a world that needs a means of transacting engaging across borders. Intellectual property can be
distributed instantaneously across the Internet to any place as it is needed. Your production device at home,
the future intellectual child of today’s 3-D printing technology, will create a new cup as you need it. It will
replace your shoes, your swimsuit, your computer tablets, the thing that passes for your phone with its
visual display across your retina. All of these will be printable at home. To do this will require base materials
and intellectual property.

Just like we purchase intellectual property for movies and videos online now we will purchase and receive
instantly goods and manufacturing rights in the future.

This will be from any place on earth. We will purchase from Africa, Asia, Europe, the US and anywhere else
instantaneously. Your Nike shoes will not require sweatshop workers in China. They won’t require workers at
all. The result will be the download of an intellectual property right enabling you to print these things at
home. And they will be better quality than you have now. They will be bespoke set to your exact
measurement in a way that not even the rich know now.

The question to ask here is whether any existing currency can handle this world of the future. One that will
be here in my lifetime and I’m not young. The simple answer is that US currency, the failing Euro, or about
anything else you can select as a state currency will not be trusted internationally if at all inside their own
borders. The trust in the US dollar has eroded as the country is slowly become more and more
interventionist.

What bitcoins offer is a way to instantly distribute payments anywhere in the world quickly and cheaply.
They offer a means of distributing intellectual property and selling the rights instantly anywhere in the
world.
For those who argue about the need for trust based on the government I would add it is about time that
you look at the world we are in and where it is headed. Innovation will change this earth in a way that none
of us can comprehend but it is a way that will become based on intellectual property and intangible ideas.
All wealth will become intangible at its primary source and foundation. Bits will become the foundation of
all society as they already are starting to do, not just movies or music that hard physical goods will derive
from ones and zeros.

One day, all goods will be digital

Right now we can still transact using US dollars and other local currencies but in the future this will become
less and less viable. This is the beauty of Bitcoin in this is the uppercut that has remained unseen until now
when it is too late. The advances in intellectual property and its inevitable march to consume
manufacturing as we know it will require an international currency that can be universally trusted. This is
one without any government intervention. There is only one way to do this and no government can
centralise it.

Bitcoin is not the only solution but it is the leading one. It is Bitcoin that allows Peer to Peer Electronic cash
and it is BCH that remains true to this purpose.

Hold fast to your beliefs if you wish and I will place my bet is you did yours. For this is what it is. You may bet
on currency controlled by state player and I will bet on something that is decentralised and which cannot
be devalued at a whim. A currency that can be trusted by all.

Bet your way and there is a simple way of testing what will occur. It is time. I’ve placed my bet and it is
against all of those who believe that trust requires a central authority. My bet relies on the individual as a
collective whole. That we all have value in that society does not need to be ruled centrally through monetary
control. In the next couple decades we will see who is right and if I’m wrong my words will be here as a
marker and a lesson.

If I’m ri