Distributed Ledger Platforms may be Getting All the Hype but the architecture of Bitcoin is more sophisticated than many people realise
I was a guest of the Financial Services Club Scotland last week. I presented an update on the world of cryptocurrencies to an engaged and well-informed audience in the library of the Royal College of Physicians.
I reprised my current theme that the world of “blockchains” is really two distinct worlds – the world of Ripple-like ledgers and the world of Bitcoin-like systems – that happen to be united by a common architecture, the Replicated, Shared Ledger. This unifying concept is based on the idea that each participant has their own copy of the entire ledger – and they trust the “system” – whatever system that is – to ensure their copy is kept in sync with everybody else’s. The differences are about what the ledger records and how it is secured.
Bitcoin-like and Ripple-like systems
Broadly speaking, Ripple-like systems are focused on the representation of “off-system” assets and are secured by identifiable entities. Systems like Ripple, Hyperledger and Eris are broadly in this world, I think. The security model of these systems is based on knowing who the actors are: if somebody misbehaves, we can punish them because we know who they are!
Bitcoin-like systems are more focused on “on-system” assets and are secured by an anonymous pool of actors. Bitcoin and Ethereum are broadly in this space, I think. The security model here is based more on game-theoretic analyses of incentive structures: the goal is to make it overwhelmingly in the actors’ financial interests to do the “right” thing.
There is, of course, some ambiguity since all platforms have some notion of “smart contracts” – or otherwise recording real-world agreements, as well as asset ownership. But this makes intuitive sense. If your platform is concerned with real-world assets and agreements then you necessarily need some concept of identity (who are the issuers?). And if you’re reliant on the performance of real-world actors, why not also rely on them for the overall system security? Likewise, if the whole purpose of your platform is to create and manage a new asset that can be controlled/subverted by nobody, then giving identifiable entities the power to control your security would seem to defeat the point!
Different design goals, different implementations. And the value of such systems to banks, corporations or individuals is, ultimately, an empirical question. I imagine 2015 will be the year where we discover many of the answers.
Incrementalism versus “Disruption”
But I went further in my talk. I observed that these two worlds also differ in one other respect: the Bitcoin-like systems could be disruptive to existing institutions if they gained widespread adoption, whereas Ripple-like systems seem, to me, to be far more closely aligned to how things work today and are, perhaps, a source of incremental innovation.
If this observation is correct, then firms looking at this space probably need to assess the technologies through different lenses. The question for banks for Ripple-like systems is: “how could we use this to reduce cost or improve our operations” whereas the question for Bitcoin-like systems is: “how would we respond if this technology gained widespread adoption?”
And to answer the last question, one must be sure to really understand what the system under analysis really is!
Bitcoin as a currency might be to miss the point
For me, it is a mistake to think about Bitcoin solely as a currency. Because the Bitcoin currency system is a masterclass in mirage: underneath the hood, it’s a fascinating smart contract platform.
Or, as I said at the Financial Services Club, every time you make a Bitcoin payment, you’re actually asking over 6000 computers around the world to run a small computer program for you… and your only task is to make sure that the computer program returns “TRUE”. Within the Bitcoin community, this is well-known, of course. Indeed, the work done by Mike Hearn and others to document the platform’s capabilities has been around for years. But I find most people in the broader debate are unaware that the platform is pretty much built on this capability – it’s not an add-on.
Bitcoin is a smart contract platform
I wrote a piece last year offering an intuition for how Bitcoin works, in terms of land. My point was that the fundamental building block of the system is the “unspent transaction output”, or UTXO. The UTXO is what you get when somebody “pays” you some Bitcoin. The “output” of their transaction is the money they paid to you. And whilst it sits in your “wallet”, it is, obviously, unspent. Hence “unspent transaction output”.
So you can think of the current state of the Bitcoin system as being a huge pool of UTXOs: all the payments that have been received by Bitcoin users that they have not yet spent:
Every payment that has not itself been spent is modeled in the Bitcoin system as an “unspent transaction output”. In general, each UTXO can only be spent by the owner of the “address” to which it was sent (not always, and this is the point; see later). And each UTXO has an identifier (the transaction it appeared in and its position in the list of outputs of that transaction) and a value: how many Bitcoins are represented by that UTXO.
But what people often miss is that these UTXOs are actually tiny little computer programs that live on the ledger, control access to bitcoins and run in response to specific incoming events. Smart Contracts, if you will. And the only way you get to spend the money controlled by that contract is if you can provide some input data that allows every node on the system to execute the program and check that it returns “TRUE”
If you can make the program return “TRUE”, you get to say what happens to the funds. If you can’t, then you don’t.
So, when you want to spend your money, here’s what you do:
Your wallet software writes a little computer program for you and then sends it into the bitcoin network. It effectively says to the network: “Please run this little program I’ve just given you. Then please find a program (“smart contract”?) on the platform with this ID for me. When you’ve done that, feed the output from my program into program you just located”. So this is a two step process: you provide your own little program… and the output of that is fed to the UTXO program that you want to spend.
The way you spend money in Bitcoin is to ask the platform to run a small computer program that you provide and feed the output of that program to the “smart contract” that is storing the funds you want to spend. If you can make this second program run successfully, you get to spend the money. In Bitcoin terminology, the program you provide is “scriptSig” and the UTXO program is “scriptPubKey”. Your goal is to provide a “scriptSig” whose output can be fed into “scriptPubKey” to make it return “TRUE”
So what are these little programs? In the common case, they’re really simple. The “UTXO program” simply says: “provide me with a digital signature that proves you own the key associated with the following Bitcoin address (and please also prove that you know the public key that corresponds to the bitcoin address)”. That’s why it’s called the “scriptPubKey”.
And the program you provide is just a way to ensure the bitcoin system sends this proof into the scriptPubKey program in the right way. It’s a way of providing a digital signature. Hence it’s called the “scriptSig”
If you don’t know the private key then you can’t generate the right signature and so you can’t create the input necessary to get the smart contract (scriptPubKey) to run successfully and you don’t get to spend the funds. So this, seemingly complex model, is just a way to ensure that the only person who can spend money at address 1abcde… is the person who knows the private key… exactly as we would want.
Why is it this complex?
But notice how powerful this is… because the other thing you do is tell the system to replace the existing scriptPubKey program with one or more new programs. And this is how your payment is modelled in the system. You pay somebody by creating a new program (a new scriptPubKey) that only they will be able to execute successfully. In this way, you can pay different people or send change back to yourself. The program that only you can run is replaced with ones that only the payees can run. And, in this way, the value has been passed from you to them.
So the result is that the original program living on the ledger is replaced by one or more new programs. In the usual case, one or more of these new ones will be associated with somebody else’s bitcoin address so only they will be able to control it. You have, in effect, paid them that money since the funds are now under their control
Paying somebody in Bitcoin is the same as replacing the program you control with ones they control. In this diagram, the funds you controlled have now been split between two new recipients. Only they can spend those funds.
Smart Contracts?
So what does this have to do with smart contracts? The key is that the model I outlined above is quite generic. The programming language is (just about) powerful enough to implement some interesting business logic that goes beyond “Richard paying money to Bob”. For example, you can write a program that will only return “TRUE” if you provide proof that you know the private key to multiple bitcoin addresses. This is a way to model “a majority of Board Directors must jointly sign before these funds can be spent”, perhaps. The Bitcoin “contracts” wiki page goes into far more depth.
However, the reality is that the capabilities of the platform are actually quite constrained – and I think this explains a lot of the interest in other platforms, such as Ethereum. However, it should be noted that Gavin Andresen has argued that Bitcoin’s limitations need not be a constraint.
So what?
Some might argue that it’s not necessary to think about Bitcoin in this way. But I think that would be a mistake. Because, while lots of people are getting excited about the potential of smart contracts for business, we’ve had a sophisticated smart contract platform running quite successfully for over half a decade, in the form of the Bitcoin network.
Sure – it’s very limited (that’s why systems like Ethereum are getting built). But it might be a mistake to bet that it won’t evolve.
Ultimately, my point is this: even if there’s a low probability of success for a potentially disruptive system, it surely makes sense to understand everything possible about what that system can actually do…
[Disclosure – I provide advice to Hyperledger in a personal capacity.]
[Update – 2015-03-30 Typos and replaced first diagram… I accidentally included an older version that used random IDs for UTXOs that looked like bitcoin addresses, which was very confusing…]
Richard Gendal Brown 
“What it records” and “how is it secured”, are independent questions. All the systems are capable of representing off-system assets. The real difference is do we require that parties be known and trusted to form consensus. The distinction is important because really what you are asking about – as I believe you have previously mentioned – is what is the threat model?
Thinking about smart contracts more as a platform than as Bitcoin as a currency, I think the notion of them as /state machines with money/ makes them actually more likely a centralising force than a decentralising force. The consequences of this are likely to not be as empowering and positive as people seem to believe?
More on the blog: http://financialcryptography.com/mt/archives/001553.html
Reblogged this on Preston Byrne and commented:
“Some might argue that it’s not necessary to think about Bitcoin in this way. But I think that would be a mistake. Because, while lots of people are getting excited about the potential of smart contracts for business, we’ve had a sophisticated smart contract platform running quite successfully for over half a decade, in the form of the Bitcoin network…
“Ultimately, my point is this: even if there’s a low probability of success for a potentially disruptive system, it surely makes sense to understand everything possible about what that system can actually do…”
Now imagine Eris. A smart contract-capable, smart contract-controlled Bitcoin-type system. In your pocket. And you can run as many as you like.
I totally agree and I think you’re raising a crucial point here. The thing is that Eris, Hyperledger etc are a completely different thing when we think of their repercussions than decentralized anonymous systems. There is really nothing revolutionary about the first class, even if they end up changing a lot of processes.
So the deceptive thing is that when people speak of projects that go ‘beyond Bitcoin,’ they’re often much less revolutionary. It’s hard to think of a more radical idea than a global, stateless, decentralized cryptocurrency that allows anonymity. I think, it’s also important to realize how that affects the riskiness of startups in the space. Startups that take some elements of the technology to provide business solutions, aren’t much riskier that regular tech startups.
On the other hand, if one is building a startup that relies on the success of Bitcoin, one is taking on a huge amount of risks. Besides the usual risks (team/execution/market), there is the risk that Bitcoin fails and there is a huge timing risk. If you build on Bitcoin, it’s not enough that eventually this succeeds, it needs to do so fast otherwise you’ll have burnt through the cash long beforehand.
@Brian – thanks… good point. Looking at it from the perspective of a startup is very helpful
@Preston Byrne, shilling for Eris again. Everytime someone mentions the word smart contract or how bitcoin has potential, you can bet Byrne is there shilling. https://twitter.com/prestonjbyrne/status/577189022377861120
Richard, Thanks for your article. In the following context, how would you define “paid”?
“You have, in effect, paid them that money since the funds are now under their control”
Can you refine your definition of “control” a bit for the readers in light of such broad topics as “internet kill switch”, bitcoin mining concentration, drug dealers being dangled off an 18th floor balcony in Philly, grand jury info stymying in the Silk Road case, and the possibility that somewhere somehow Preston’s attempt at a blanket dismissal of “the double-spending of cat pictures” just might be an encroachment upon J. Paul Getty’s image database http://www.bloomberg.com/news/articles/2015-03-31/tips-from-billionaire-gordon-getty.
I know how to define classic “shilling” although “marmoting” does seem to be a rising meme in the ethnically ambiguous nature of all things cuddly mascot. Here’s my shill: http://www.tradewithdave.com
@Dave – fair points… thanks.
By “control” in this context, I’m implying that, previously, only *I* could make the program associated with a particular transaction output run successfully and that, after I’ve “paid” somebody, only *they* can make the new program, that controls the successor to that transaction output, run successfully. And those who can make the program run successfully get to specify one or more *new* programs to replace it in turn – and can specify who those programs will answer to. To the extent that people find it valuable to have such control over a subset of the Bitcoin supply, they will regard obtaining control of a transaction-output as the receipt of value.
I don’t claim this is a *clean* or *obvious* model…! And I’m neither a philosopher nor laywer so any deeper exploration of “pay” and “control” is probably beyond me.
As for your other questions, I long ago concluded that I had no particular expertise on marmots and so have declined to participate in any debate concerning them…
Single women want sex in your city: https://chogoon.com/srt/kmdk9?VNkM0ruoben
Popular tags: gillette razor dating chart, dating and mate selection, free muslim matrimonial dating site, free dating site 2015, dating practice games, dating someone you met at a bar, comment faire un job dating, bulgarian matchmaking, dating services kitchener, anonymous dating app australia, bc hydro hook up phone number, are hookup skateboards good, what is the best online dating site for free, matchmaking agencies dublin, real dating sites in pakistan, x factor dating bristol, tinder dating how does it work, aquarius man dating virgo woman, how to let guys know you want to hook up, appleton wi dating site, profile info for dating site, best free thailand dating sites, fat girl dating tumblr, convict dating site, full free dating websites, can the carbon dating technique be used to determine the age of a diamond explain why or why not, is dating online a good idea, dating online essay, lamborghini hook up, plus size dating app, dating database download, free online dating south america, asian guy dating tips, 100 free arabic dating sites, arabian online dating, who is dating who in wwe, 14 brutal truths about dating a pisces, just give up on dating, speed dating sociology, hookup sites orlando, match making software in gujarati free download, eharmony local dating philippines, who is shaquille o neal dating now, dating site pay for first date, free teenage dating sites uk, townsville online dating, chatting and dating online, dating someone who doesn’t have herpes, male dating scammers photos, what is the most successful dating site in australia, prometheus and bob dating, challenges of dating online, free online dating service australia, safer online dating, tips for dating safely, yoga dating service, dating site chatting tips, did wolverine and storm hook up, dating really religious girl, india westbrooks dating history, dating service france, skinny girl dating fat guy, 100 free dating sites for ladies, is zoosk a real dating website, how to find out if someone has a dating profile, the most popular free dating sites in europe, how to stop dating narcissists, georgia dating sites, dating in kuala lumpur, bee dating site, the dating doctor coleman, dating in east texas, christian speed dating johannesburg, hookup sites in nigeria, dating catalog, what is the dating age law, dating bridge of allan, what to say on dating website profile, i have been dating for 5 years, widow dating a divorced man, female dating in coimbatore, marriage without dating eng sub ep 14, customer service phone number for plenty of fish dating site, allentown dating, use hook up in a sentence, cyrano dating agency eng sub ep 5, cardiff dating sites, thornton dating, coffee and bagel dating app, free dating service for seniors, totally free to contact dating sites, dating cafe silvester, italian free dating site, get married now dating site, bbc three dating shows, questions to ask a girl on internet dating, social networking and dating sites, dating site in usa free, ct and diem dating again, zoo dating site, chennai dating girl mobile number, dating buzz western cape, just good friends dating site, free dating sites in usa and canada without payment, houston matchmaking, dating sites in india that work, modern definition of hook up, best iphone dating app 2015, free dunedin dating sites, speed dating bordeaux o7, what dating a married man does to you, online dating apps south africa, manchester online dating free, bachelorette britt nilsson dating, gothic dating websites, tips for online dating profile, activity 8.3 absolute dating of rocks and fossils answers, destiny matchmaking for prison of elders, when does a girl start dating, tell me about yourself dating site, internet dating studies, mga programa ni dating pangulong joseph estrada, mzansi sugar mama hook up, oxford university online dating study, kerr canning jar dating, matchmaking poland, dating guild gad guitars, manhunt gay dating sites, japan expo speed dating, one direction interview this isn’t a dating show mate, asian girl white guy dating site, how accurate is pregnancy dating scan, online dating cuenca ecuador, millionaires dating club uk, online dating ecards, exchange numbers online dating, speed dating edmonton ab, online dating form letter, parvati vaze and gaurav bajaj dating, dating online uk, first 3 weeks of dating, roblox online dating troll, special needs dating sites uk, bgc dating online, dating holland free, free dating sites brisbane in ipswich, dating agency cyrano indir koreantГјrk, online dating facts, speed dating sydney nsw, dad dating after divorce, is the guardian dating website free, dating a guy while pregnant, the most popular dating site in usa, dating site christian mingle, yaoi dating simulation games online free, found my boyfriends dating profile, rich dating sites in nigeria, my sister is dating a loser, dating site costa rica, long term dating apps, dating artifacts and fossils, free dating websites yahoo, i kissed dating goodbye by joshua harris epub, lala sloatman dating, top us free dating sites, hookup cellular az, best way to respond to online dating messages, matchmaking through blood group, left handed dating site, el juego dating justin bieber, simply matchmaking seattle, christian singles free dating sites, rogersville dating, dating relationship devotionals, beste dating sider i norge, gratis dating sites danmark, how to tell a guy you want to hook up with him, rv hookup yellowstone national park, ndola dating site, free dating sites at chennai, free dating sites in thailand, kenya dating sites online, dating quickly, when you stop dating someone, sugar mama dating service, dr laura dating 101, are shawn spencer and juliet dating in real life, el salvador dating culture, absolutely free dating site in usa, facts about dating a virgo, online hookup sites like craigslist, nz dating sites free, 32 year old woman dating a 21 year old man, online dating marriage sites, independent newspaper dating website, perth wa dating, best dating site in asia, best online dating opening messages, free kundali match making software download, norway gay dating sites, is online dating good for me, dating coca cola thermometers, dating agencies in cork, local christian dating sites, definition of dating conventions, indiana state laws on dating, gay bath house hookup, online dating is it for me, dating with self harm scars, goo hye sun dating, speed dating atlanta african american, youth dating series, create your own free dating site, discours speed dating, i’m dating an asian guy, hook up sites in germany, leo dating libra man, love dating romance, ray j dating floyd mayweather ex, el paso texas dating sites, speed dating jeune, fast impressions dating melbourne, what asian dating sites are legit, dating wagner ware skillet, online gay dating in bangalore, what is the law of superposition how are cross-cutting relationships used in relative dating, dating pinterest, online dating varanasi, asian dating free, hook up clearance reviews, gay dating bolton uk, philadelphia dating, best australian dating site free, dallas dating ideas, ugly schmucks dating, duncanville dating, st john’s dating service, dating sites in durban, dating website building, separated but still dating, online dating sites ireland reviews, dating in newfoundland, how to be dating material, dating happy, tall women dating, special dating, dream meaning of dating a celebrity, meet me online dating site, cute dating shirts, seven stages of dating high school story, free asian dating site vancouver, free dating in holland, dating dilemma rachel gardner
best cvv shop online – fresh cvv for sale, cvv list