The Truth Machine The Blockchain and the Future of Everything by Paul Vigna, Michael J. Casey

jpeg) THE BLOCKCHAIN AND THE FUTURE OF EVERYTHING MICHAEL J. CASEY AND PAUL VIGNA THE TRUTH MACHINE THE BLOCKCHAIN AND THE FUTURE OF EVERYTHING MICHAEL J. CASEY AND PAUL VIGNA ST. MARTIN'S PRESS NEW YORK Begin Reading Table of Contents About the Authors Copyright Page Thank you for buying this St. Martin’s Press ebook. To receive special offers, bonus content, and info on new releases and other great reads, sign up for our newsletters. Or visit us online at com/newslettersignup For email updates on Michael J. Casey, click here. For email updates on Paul Vigna, click here.

The author and publisher have provided this e-book to you for your personal use only. You may not make this e-book publicly available in any way. Copyright infringement is against the law. If you believe the copy of this e-book you are reading infringes on the author’s copyright, please notify the publisher at: com/piracy. For Liz, Jenny, Sarah, and Di —MC For my mom and dad —PV Preface In The Age of Cryptocurrency, we explored the digital currency bitcoin and its promise of a fairer global payments system, one that functions without banks and other financial intermediaries.

As that book was going to print, Bitcoin’s* wider application—how its core operating system can help resolve problems of trust between individuals and businesses when they trade assets, enter into contracts, assert claims to property, or share valuable or sensitive information—came to the fore. Within companies, governments, and the media, a groundswell of interest, including a fair bit of hype, turned toward what became known as “blockchain ” In resolving longstanding problems of trust and enabling a community to track its transactions without entrusting that record-keeping process to a central intermediary, the blockchain idea promised a way to bypass the various gatekeepers who control society’s exchanges of value.

It could, for instance, let a neighborhood of “prosumers”—households that both consume power and produce it with solar panels on their roofs—trade energy among themselves within a decentralized marketplace and without a profit-driven utility company setting the rates. Similarly, property owners, buyers, and mortgage lenders would not have to trust an unreliable government registry as the only record of deeds and liens when a more trustworthy one could be built on an immutable database managed by a decentralized network with less risk of corruption, human failure, or theft. These are just some of the many new applications that attracted people’s attention to this innovative idea.

The zeitgeist of public awareness had two big impacts on our lives. The first was that one of us—Michael Casey—got so excited about blockchain technology’s potential to change the world that he quit a twenty-three-year career in journalism to work on it full time. Less than six months after The Age of Cryptocurrency was published, Mike left The Wall Street Journal for MIT’s Media Lab. The lab’s frenetic director, Joichi Ito, who is commonly known as Joi, had recognized parallels between Bitcoin’s emergence and the software development he’d witnessed during the early days of the Internet.

Sensing a similar enthusiasm for a new, decentralizing architecture, Ito hatched a plan to bring powerful academic and financial resources to the vital task of developing this nascent technology. The result was MIT’s Digital Currency Initiative, a center where leading academics and students in the fields of cryptography, engineering, and finance could collaborate with Fortune 500 strategists, innovative startups, philanthropists, and government officials to design the digital architecture of a new “Internet of ” When Mike received an offer to join this initiative, he saw a once-in-a-lifetime opportunity to get in on the ground floor of an economic revolution.

The second impact is the book you are reading. In The Age of Cryptocurrency, we focused primarily on a single application of Bitcoin’s core technology, on its potential to upend currency and payments. Since the book’s publication, though, we have learned there’s a risk in writing about technology: it changes, while the words on the page do not. So much has changed in three years, in fact, that we were compelled to write another book. The Truth Machine expands the conversation we began in 2015 and takes it to a level higher. It explores how Bitcoin’s technology and its various offshoots point to a general redesign of social organizations, fostering many more alternative applications.

In the modern economy, to control information is to control the world. This is seen in the ever-growing influence of tech behemoths like Google and Facebook, constantly accumulating data that’s pertinent to who we are and how we interact with each other. In this twenty-first-century economy, power is defined by whoever has authority to collect, store, and share data. Currently, that authority is centralized. It is concentrated among a narrow number of giant tech companies. If you’re wondering why that’s problematic, just think of the influence that Facebook’s hidden algorithm, which prioritizes the company’s business model above all other objectives, has had on our politics.

In incentivizing the creation and sharing of often- dubious information to trigger dopamine releases among social networks of like-minded people, its algorithm played an instrumental role in the bombshell S. elections of 2016. The ideas behind the blockchain* have now unleashed a struggle to turn that structure of concentrated power on its head, to figure out how the capacity to control and manage information might shift to a decentralized system that no one controls. It lets us imagine a world that’s not dominated by Google, Facebook, or, for that matter, the NSA, one where we, the people, the core components of global society, get to say how our data is managed.

We felt it was important to get that message across. The Truth Machine is our attempt to convey it. Introduction A SOCIETY-BUILDING TOOL Sixty miles east of Amman, in a 5.6-square-mile block of dry, stony ground carved out of the Jordanian desert, lies the UN High Commission for Refugees’ Azraq camp. Teeming with 32,000 desperate Syrians living in pre-fabricated shelters—rows and rows of white, corrugated steel cabins arranged in a military-like grid—Azraq poses the logistical challenges of a small city. Yet UNHCR and the other aid agencies that give the refugees food, shelter, and a modicum of hope can’t count on the kinds of institutions and infrastructure that normal cities use to ensure order, security, and functionality for their residents.

All refugee camps are, by definition, short on what political scientists call “social capital,” the networks of long-established relationships and bonds of trust that allow communities to function, to engage in social interaction and exchange. But Azraq can seem especially devoid of it. There are police in Azraq, but they are Jordanian. They are not of the people, not of the community. And while the crime rates in Azraq are lower than those in nearby Zaatari camp, where 130,000 Syrians live in conditions that a UN review once described as “lawless,” this hot, dry, stony place is hardly welcoming.

When Azraq was set up in 2014 as an alternative to Zaatari’s chaos, refugees complained that it lacked life. Electricity was sparse, which meant they couldn’t charge their cellphones, cutting them off from family and friends. The lack of a functioning, trustful community also heightened the refugees’ fears of being abducted by the extremist organization Islamic State. Many initially refused to move to Azraq camp, and although the numbers have increased more recently, Azraq is still far below the 130,000 capacity for which it was built. It’s fitting then that this pop-up city, in real need of some functioning social capital, is now the scene of a radical experiment in new models of community governance, institution-building, and the management of resources.

At the heart of that effort is blockchain technology, the decentralized ledger-keeping system that underpins the digital currency bitcoin and promises a more reliable, immediate way to trace transactions. The World Food Program (WFP), a UN agency that feeds 80 million people worldwide, is putting 10,000 Azraq refugees through a pilot that uses this system to better coordinate food distribution. In doing so, the WFP is tackling a giant administrative challenge: how to ensure, in an environment where theft is rampant and few people carry personal identifying documents, that everyone gets their fair share of food.

Among those participating in this project was forty-three-year-old Najah Saleh Al-Mheimed, one of the more than 5 million Syrians forced to flee their homes as the brutal, ongoing civil war has all but destroyed their country. In early June 2015, with mounting food shortages and reports of girls being kidnapped by militias in nearby villages, Najah and her husband made the drastic decision to leave her hometown of Hasaka, where their families had lived for generations. “It was an ordeal that I pray to God no human will ever witness,” she said in an interview conducted on our behalf by WFP staffers working in the Azraq camp.

In leaving behind her home, her assets, her circle of neighbors and family, and her ties to what was once a more coherent Syrian nation, Najah was also losing something extremely powerful that the rest of us take for granted: a societal system of trust, identity, and record-keeping that ties our past to our present, anchors us as human beings, and lets us participate in society. The amalgamation of information that goes into proving that we can be trusted as a member of society has historically depended upon institutions that record and affirm our life events and credentials—bank accounts, birth certificates, changes of address, educational records, driver’s licenses,

—and keep track of our financial transactions. To lose all of that, as refugees often do when thrust into “statelessness,” is to be put in a highly vulnerable position, one that’s inherently easy for the worst of the world’s criminals and terrorist organizations to exploit. If you are unable to prove who you are, you are at the mercy of strangers. Among all the work that agencies such as the UNHCR and the WFP do, this core function—the creation of stand-in societal institutions—is just as important as the food they provide. In dusty tent cities filled with dislocated people around the world, these humanitarian agencies must undertake the challenging task of recreating systems of social trust.

They are reconstructing societies, building them all over again. And it turns out that blockchain technology provides a tool for doing just that. It’s in this realm, where human beings must depend on reliable institutions to keep track of their social interactions and provide proof that their claims are valid, that blockchain technology comes into its own. With this system we would no longer have to trust institutions to maintain transaction records and vouch for us, since blockchain-based programs comprise an intricate set of features that result in something that’s never existed before: a transaction record that is visible to all and can be verified at any moment, but that is not controlled by any one central authority.

This means two things: nobody can alter the data to suit their own ends, and everybody has greater control over their own data. You can see how this could be an empowering idea for millions of Syrians living a scorched-earth existence. Just as the blockchain-distributed ledger is used to assure bitcoin users that others aren’t “double-spending” their currency holdings—in other words, to prevent what would otherwise be rampant digital counterfeiting— the Azraq blockchain pilot ensures that people aren’t double-spending their food entitlements. That’s a pretty important requirement in refugee camps, where supplies are limited and where organized crime outfits have been known to steal and hoard food for profit.

And it means that refugees like Najah will always be able to prove that their accounts are legitimate. That would end the periodic and disturbing disruption to provisions that many have experienced under the cash-voucher system. In that system, any inconsistency tends to flag a concern to administrators, who often feel compelled to cut off the person’s access to food until it is resolved. Under this new pilot, all that’s needed to institute a payment with a food merchant is a scan of a refugee’s iris. In effect, the eye becomes a kind of digital wallet, obviating the need for cash, vouchers, debit cards, or smartphones, which reduces the danger of theft.

(You may have some privacy concerns related to that iris scan—we’ll get to that below.) For the WFP, making these transfers digital results in millions of dollars in saved fees as they cut out middlemen such as money transmitters and the bankers that formerly processed the overall payments system. So whenever a refugee spends some level of his or her digital “cash” to buy flour, that transaction automatically registers on a transparent ledger that can’t be tampered with. That ever-present, ever-updating, extremely reliable record-keeping model means WFP administrators can have full visibility of the flow of transactions at any time, even though the WFP has no centralized record of its own.

The organization can support a camp-wide payment system without having to take on the centralized role of a bank or payment processor. By contrast, the UNHCR’s identity program, which is integrated into the WFP’s blockchain solution, is maintained as a centralized database. That has raised some concerns among critics. Such systems are susceptible to hacking because, by accumulating large amounts of data in one big “honeypot,” they offer what’s known as a single attack vector. In this case, such risks could in theory put this particularly vulnerable group of human beings at risk—it’s not hard to imagine the worst if a database of biometric identifiers ever fell into the hands of an ethnic cleansing–minded institution like ISIS.

People in the blockchain space, who are often fierce advocates of privacy, are among the most vocal about these concerns, and some are trying to figure out how to use the same technology to decentralize control over self-identifying information so that people aren’t vulnerable to break- ins of these big data honeypots. But until such “self-sovereign” solutions are available, the WFP and the UNHCR have made a determination that the risks are for now outweighed by the benefits of a seamless, cashless system. According to WFP spokesman Alex Sloan, the pilot has already shown success: it has saved money and created a much more efficient way of dealing with inconsistencies in refugees’ accounts.

It’s so successful, in fact, that the agency is looking to extend the service to a larger population of 100,000 refugees. In the not too distant future, Sloan says, 20 million food program beneficiaries who receive disbursements in cash could be eligible for the blockchain program. With the world facing the biggest refugee crisis in history, a result of greed, of the brutal pursuit of self- serving power, and of failed Western policies to contain it, we owe it to these people to bring some security back into their lives—to provide them with a platform of trust upon which to rebuild.

Perhaps blockchain technology offers the best chance of delivering that. * * * The World Food Program’s Azraq experiment is just one example of how international agencies are exploring blockchain solutions to the problems of the world’s neediest. In early 2017, a group of blockchain enthusiasts at the UN’s New York headquarters launched a Web site calling on other UN employees to work with them. The group rapidly grew to eighty-five UN staffers worldwide, and they are now working on multiple pilots addressing blockchain for development, in partnership with governments such as Norway’s. At the World Bank, a new blockchain lab was created with fresh funding in June 2017 to explore how the technology could tackle poverty alleviation through incorruptible property registries and secure digital identities.

The Inter-American Development, in concert with MIT Media Lab’s Digital Currency Initiative, is looking at how poor Latin American farmers might be able to obtain credit on the basis of reliable, blockchain- proven records from commodity warehouses. Non-profit international organizations such as the World Economic Forum and the Rockefeller Foundation are also diving into this area. What do these decades-old international organizations see in an arcane digital technology built by the crypto-libertarians and Cypherpunks who gave us Bitcoin? It’s the prospect that this decentralized computing system could resolve the issue of social capital deficits that we discussed in the context of the Azraq refugee camp.

By creating a common record of a community’s transactions and activities that no single person or intermediating institution has the power to change, the UN’s blockchain provides a foundation for people to trust that they can securely interact and exchange value with each other. It’s a new, more powerful solution to the age-old problem of human mistrust, which means it could help societies build social capital. That’s an especially appealing idea for many underdeveloped countries as it would enable their economies to function more like those of developed countries—low-income homeowners could get mortgages, for example; street vendors could get insurance.

It could give billions of people their first opening into the economic opportunities that the rest of us take for granted. But it’s not just in developing countries, or in the realm of non-profit charity and development work, that blockchain technology shows potential. Far from it. In the developed world, too, and within the boardrooms of plenty of Fortune 500 for-profit companies, there is a scramble to unleash what many believe could be a major force for economic growth. That’s because the blockchain is seen as capable of supplanting our outdated, centralized model of trust management, which goes to the heart of how societies and economies function.

Until now, we have relied on institutions such as banks, government registries, and countless other intermediaries to sit in the middle of our economic exchanges with each other. These “trusted third parties” maintain records on our behalf so that the rest of us have enough trust in the system to interact, exchange items of value, and, hopefully, build vibrant, functioning societies. The problem is that these fee-charging institutions, which act as gatekeepers, dictating who can and cannot engage in commercial interactions, add cost and friction to our economic activities. They also have a habit of failing us—we can think of the crisis of 2008 as a case of banks breaching their duty to maintain honest records—or of exploiting their toll-collecting power to price gouge and demand exorbitant rents.

What’s more, there are plenty of situations in which it’s simply not economically viable for these costly, inefficient institutions to resolve whatever particular trust deficit is preventing people from doing business with each other. So, if we bypass those intermediaries, we will not only save money but also open up previously impossible business models. The Internet put us on this disintermediating path some time ago, well before the blockchain came along. But it’s worth noting that at the heart of each new Internet application that cuts out some incumbent middleman there has typically been a technology that helps humans deal with their perennial mistrust issues.

Who would have thought a decade ago that people would feel comfortable riding in the car of some stranger they’d just discovered on their phones? Well, Uber and Lyft got us over that trust barrier by incorporating a reputation scoring system for both drivers and passengers, one that was only made possible because of the expansion of social networks and communication. Their model showed that if we can resolve our trust issues with technology and give people confidence to transact, those people are willing and able to go into direct exchanges with complete strangers. These ideas are setting us on a path to a peer-to-peer economy.

What blockchain technology says is, “Why stop at ” Why do we even need this particular company, which takes 25 percent from each ride and has a reputation for abusing its “God’s View” knowledge of passengers’ rides? How about a totally decentralized solution, such as the Tel Aviv– based, blockchain-powered ride-sharing application Commuterz? In that case no one owns the platform, which like Bitcoin is just based on an open- source software protocol that anyone can download. There’s no Commuterz, Inc. taking 25 percent. Instead, users own and trade a native digital currency system that incentivizes them to share rides to reduce traffic congestion and lower the cost of transportation for all.

The broad idea is that by deferring the management of trust to a decentralized network guided by a common protocol instead of relying upon a trusted intermediary, and by introducing new, digital forms of money, tokens, and assets, we can change the very nature of social organization. We can encourage new approaches to collaboration and cooperation that weren’t possible before, transforming a wide array of industries and organizational settings. Indeed, the breadth of blockchain’s potential is captured in the breadth of the ideas under consideration. Here is sampling of possible use cases, and it is by no means an exhaustive list: • Inviolable property registries, which people can use to prove that they own their houses, cars, or other assets; • Real-time, direct, bank-to-bank settlement of securities exchanges, which could unlock trillions of dollars in an interbank market that currently passes such transactions through dozens of specialized institutions in a process that takes two to seven days; • Self-sovereign identities, which don’t depend on a government or a company to assert a person’s ID; • Decentralized computing, which supplants the corporate business of cloud computing and Web hosting with the hard drives and processing power of ordinary users’ computers;

• Decentralized Internet of Things transactions, where devices can securely talk and transact with each other without the friction of an intermediary, making possible big advances in transportation and decentralized energy grids; • Blockchain-based supply chains, in which suppliers use a common data platform to share information about their business processes to greatly improve accountability, efficiency, and financing with the common purpose of producing a particular good; • Decentralized media and content, which would empower musicians and artists—and, in theory, anyone who posts information of value to the Net—to take charge of their digital content, knowing they can track and manage the use of this “digital

” Blockchain technology could help achieve what some commentators are calling the promise of “Internet 3.0,” a re-architecting of the Net to assert the core objective of decentralization that inspired many of the early online pioneers who built the Internet 1.0. It turned out that simply giving networks of computers a way to share data directly wasn’t enough to prevent large corporate entities from taking control of the information economy. Silicon Valley’s anti-establishment coders hadn’t reckoned with the challenge of trust and how society traditionally turns to centralized institutions to deal with that. That failure was clear in the subsequent Internet 2.0 phase, which unlocked the power of social networks but also allowed first-mover companies to turn network effects into entrenched monopoly power.

These included social media giants like Facebook and Twitter and e-marketplace success stories of the “sharing economy” such as Uber and Airbnb. Blockchain technologies, as well as other ideas contained in this Internet 3.0 phase, aim to do away with these intermediaries altogether, letting people forge their own bonds of trust to build social networks and business arrangements on their own terms. The promise lies not just in disrupting the behemoths of the Internet, however. Lots of large, twentieth-century, for-profit companies believe this technology can help them unlock value and pursue new money-making ventures, too.

Some see big opportunities, others a major threat. Either way, many incumbent businesses now feel compelled to at least experiment with and explore the development of this technology to see where it goes. In finance, the very industry that Bitcoin was designed to make redundant, bankers are waking up to the possibility that blockchain-related technologies could replace the cumbersome processes by which securities and money are transferred, cleared, and settled between banks. Using a reliable, distributed ledger that a consortium of banks can update simultaneously in real time could reduce back-office costs and unshackle large amounts of new capital for investment.

That’s great news for investment banks such as Goldman Sachs, but not so great for custodial banks like State Street or clearinghouses like the Depository Trust & Clearing Corporation, whose business model is based on handling those back-office functions. Still, the institutions on both sides of that disruption story all feel compelled to engage in research and development in this field. R3 CEV, a New York–based technology developer, for one, raised $107 million from more than a hundred of the world’s biggest financial institutions and tech companies to develop a proprietary distributed ledger technology. Inspired by blockchains but eschewing that label, R3’s Corda platform is built to comply with banks’ business and regulatory models while streamlining trillions of dollars in daily interbank securities transfers.

The non-finance corporate world is also getting engaged. Hyperledger is a distributed ledger/blockchain-design consortium looking to develop standardized, open-source versions of the technology for businesses to use in areas such as supply-chain management. Coordinated by the Linux Foundation, it brings together the likes of IBM, Cisco, Intel, and Digital Asset Holdings, a digital ledger startup led by former P. Morgan powerhouse Blythe Masters. One mark of the business world’s enthusiasm is seen in the trajectory of media company CoinDesk’s Consensus conference, the marquee annual event for businesses interested in blockchain technology. It went from a turnout of 600 at the inaugural conference in 2015 to 1,500 attendees in 2016 to 2,800 in 2017 with a further 10,500 registered viewers of an online livecast.

The attendees in 2017 came from ninety-six countries, and a cross- section of more than ninety sponsors and exhibitors was broad enough to include consulting firm Deloitte, the research arm of Toyota, the Australian government’s trade office, and Cryptonomos, a startup marketplace for digital tokens. But lest you think this technology has been entirely consumed by corporate suits and international development staffers, the months during which we worked on this book also coincided with a get-rich-quick mania that dwarfed even the 2013 surge in Bitcoin’s price. This gold rush, spawned by a new blockchain-based crowdfunding tool for startups that’s known as the ICO—initial coin offering—had all the hallmarks of the dot- com bubble of the late 1990s.

Much like two decades earlier, the boom was characterized by both a risky, speculative furor and a sense that underneath the money madness lay a transformative new technology and new business paradigm. The startups behind this ICO trend are touting a host of new decentralized applications that could disrupt everything from online advertising to medical research. Integral to those services are special tokens that are pre-sold to the public as a way to both raise money and build a network of users—kind of like Kickstarter, but in which contributors have the potential to make quick money in secondary trading markets.

At the time of writing, the highest amount raised by one of these pre-sale ICOs was $257 million by Protocol Labs, which sold a token called Filecoin that’s designed to incentivize people to provide hard-drive space for a new decentralized Web. While it’s quite possible that many ICOs will fall afoul of securities regulations and that a bursting of this bubble will burn innocent investors, there’s something refreshingly democratic about this boom. Hordes of retail investors are entering into early stage investment rounds typically reserved for venture capitalists and other professionals. Not to be outdone, Bitcoin, the granddaddy of the cryptocurrency world, has continued to reveal strengths—and this has been reflected in its price.

Despite a bitter fight between developers and the “miners” that validate transactions on the Bitcoin network, a feud that led the currency to split into two separate coins with different software codes, bitcoin’s price surged to a record high of $11,323 in late November 2017, taking its market capitalization to almost $190 billion according to CoinDesk’s Bitcoin Price Index. That marks a price gain of more than 4,800 percent since The Age of Cryptocurrency was published in January 2015 and a return of almost 19 million percent since bitcoin was first tradable on a semi-liquid exchange in July 2010.

If you’d invested $6,000 in bitcoin, you’d be a millionaire right now. Such results give credence to crypto-asset analysts Chris Burniske and Jack Tatar’s description of bitcoin as “the most exciting alternative investment of the 21st ” * * * In essence, the blockchain is a digital ledger that’s shared across a decentralized network of independent computers, which update and maintain it in a way that allows anyone to prove the record is complete and uncorrupted. The blockchain achieves this with a special algorithm embedded into a common piece of software run by all the computers in the network.

The algorithm consistently steers the computers toward a shared consensus on what new data to add to the ledger, incorporating all manner of economic exchanges, claims of ownership, and other forms of valuable information. Each computer updates its own version of the ledger independently but does so by following the all-important consensus algorithm. Once new ledger entries are introduced, special cryptographic protections make it virtually impossible to go back and change them. The computers’ owners are either paid in a digital currency, which incentivizes them to work on protecting the system’s integrity, or they do their work as part of a commitment to a consortium agreement.

The result is something unique: a group of otherwise independent actors, each acting in pure self- interest, coming together to produce something for the good of all—an immutable record that everyone can trust and that’s not managed by a single, centralized intermediary. A bunch of computers managing data with fancy math tools might not seem like a big deal. But as we’ll explain in the next chapter, record- keeping systems, and specifically ledgers, are at the heart of how societies function. Without them we wouldn’t generate sufficient trust to enter into exchanges, to do business, to build organizations and form alliances.

So, the prospects of improving that core function and of not having to rely on a centralized entity to perform it have profound implications. This model should enable true peer-to-peer commerce, eliminating middlemen from all sorts of business operations. And because it has the capacity to inspire trust in our data records so that individuals and businesses can engage in the economy without fear of being duped, it could herald a new age of open data and transparency. Essentially, it should let people share more. And with the positive, multiplier effects that this kind of open sharing has on networks of economic activity, more engagement should in turn create more business opportunities.

Blockchains point the entire digital economy toward something people are calling the Internet of Value. Whereas the first version of the Internet allowed people to send information directly to each other, in the Internet of Value people can send anything of value to each other, be it currencies, assets, or valuable data that was previously too sensitive to transmit online. If the first phases of the Internet created huge opportunities for wealth creation and new business models by helping people jump the fences and get on the playing field, this next one promises to remove the fences altogether.

In theory, it means that everyone with access to a device and the Internet can participate directly in the global economy. Thus, the hope is that we will greatly expand the pool of open-source innovation from which all sorts of powerful ideas will emerge. Think of how disintermediation has already transformed the global economy in the earlier Internet era and you get a sense of how sweeping this next phase could be. Consider, for example, how the outsourcing of technical advice, Web design, and even accounting services disrupted jobs in Western countries and fostered economic growth in places like Bangalore, India.

Or think of how Craigslist, which allowed people to post ads for anything at zero cost on a site that had global reach, completely decimated the classified ads business and, ultimately, shuttered hundreds of local newspapers. If blockchain technology lives up to its promise to decentralize and disintermediate so much of our economy, these prior disruptions may seem minuscule by comparison. As we’ll discuss in the pages ahead, there’s still much work to do to get this technology ready for prime time. In fact, it may never be scalable to the size needed to make a difference.

Nonetheless, people across every industry are coming to recognize its potential power. They’re starting to realize that resolving trust barriers could allow all of us to do more with what we have: to deploy our assets, our ideas, our creativity into whatever productive endeavor takes our fancy. If I can trust another person’s claims—about their educational credentials, for example, or their assets, or their professional reputation—because they’ve been objectively verified by a decentralized system, then I can go into direct business with them. I can give them a job. I can collaborate on a joint venture.

I can share sensitive business information with them. All without having to rely on middlemen like lawyers, escrow agents, and others who add costs and inefficiencies to our exchanges. These kinds of agreements are the stuff of economic growth. They fuel innovation and prosperity. Any technology that reduces friction and makes such collaborations happen should benefit everybody, in other words. Still, there’s nothing to say this will assuredly play out in a way that’s best for the world. We’ve seen how the Internet was co-opted by corporations and how that centralization has caused problems—from creating big siloes of personal data for shady hackers to steal to incentivizing disinformation campaigns that distort our democracy.

So, it’s crucial that we not let the people with the greatest capacity to influence this technology shape it to suit only their narrow interests. As with the early days of the Internet, there is much work to be done to make this technology sufficiently safe, scalable, and attendant to everyone’s privacy concerns. Blockchains are a social technology, a new blueprint for how to govern communities, whether we’re talking about frightened refugees in a desolate Jordanian outpost or an interbank market in which the world’s biggest financial institutions exchange trillions of dollars daily. By definition, getting blockchain technology right requires input from all sectors of society.

You can treat that as a clarion call to take an interest, to get involved. One THE GOD PROTOCOL It might surprise you to read this, but the most subversive, controversial, anti-authoritarian idea in the world of finance, an idea so powerful every government on the planet is trying to figure out whether to co-opt it or outlaw it, the dream of the most fervent libertarian, dark-Web denizens, is a ledger. Like, an accounting book. The genesis of that subversive idea was, of course, Bitcoin, which, when boiled down to its most basic concept, is founded on the upkeep of a digitized ledger, a record of exchanges and transactions.

What makes this ledger so radical, so controversial, is the way in which this record of transactions, known as a blockchain, is created and maintained. Bitcoin, released in 2009 by a person or persons using the pseudonym Satoshi Nakamoto, was designed to be an end-around to the banks and governments that have for centuries been the guardians of our financial systems. Its blockchain promised a new way around processes that had become at best controlled by middlemen who insisted on taking their cut of every transaction, and at worst the cause of some man-made economic disasters.

You probably bought this book expecting to read crazy, wild ideas about our digitized future … and here we are, giving you ledgers. But ledgers have been integral in underpinning the development of civilization for millennia. The trinity of writing, money, and ledgers made it possible for human beings to do business beyond kinship groups and thus form larger settlements. And while the contributions of money and writing are well appreciated, ledgers tend to be known only by those who studied the dry science of accounting. The advent of the first ledger technology can be traced back to roughly 3000 BCE, in ancient Mesopotamia (modern-day Iraq).

Of the tens of thousands of clay tablets the Mesopotamians left behind, most are, well, ledgers: records of taxes, payments, private wealth, worker pay. The famous Code of Hammurabi—the Babylonians’ system of law—was written on one of these ledgers, but most of the kings had their own rules set out as well. The rise of these ledgers matched the rise of the first large-scale civilizations. Why have ledgers been so important throughout history? Exchanges of goods and services have defined the expansion of societies, but this was possible only if people could keep track of the exchanges.

It wasn’t so difficult for everyone in a small village to remember that someone had killed a pig and to trust—a word we’ll encounter throughout this book— that all who ate of it would find some way to later repay the hunter, perhaps with a new arrowhead or some other thing of value. It was another to manage these cross-societal obligations across a larger group of strangers— especially when moving outside of kinship boundaries made it harder to trust each other. Ledgers are record-keeping devices that help deal with those problems of complexity and trust.

They help us keep track of all the multiple exchanges upon which society is built. Without them, the giant, teeming cities of twenty-first-century society would not exist. That said, ledgers are not truth itself—not in an absolute sense—for when it comes to matters of value, an element of judgment and estimation is always present in the recording process. Rather, they are tools for getting closer to the truth, to an approximation of it that’s acceptable to all. Problems arise when communities view them with absolute faith, especially when the ledger is under control of self-interested actors who can manipulate them.

This is what happened in 2008 when insufficient scrutiny of Lehman Brothers’ and others’ actions left society exposed and contributed to the financial crisis. Money itself is intrinsically linked to the idea of a ledger. Physical currency like gold coins and paper money are, similarly, record-keeping devices; they too aid with societal memory. It’s just that rather than existing within a written account of transactions, a currency’s record-keeping function is abstracted into the token—the gold coin, the dollar bill. That token is communally recognized as conveying some right to goods or services that the bearer has earned from tasks performed in the past.

Once human beings started to engage in exchanges of money across distances, tokens’ capacity to play this record-keeping function broke down. There was no way for the payer to physically deliver the tokens to the payee without having to trust a courier who might well steal it. The solution came with the advent of a new form of ledger-keeping known as double-entry bookkeeping, an approach that was pioneered, as we’ll discuss lower down, by a clique of Renaissance bankers. In adopting this bookkeeping, they thrust banking into the payments business and, for centuries, helped to greatly expand the capacity for human exchange.

It’s not an overstatement to say that this idea of banking built the modern world. But it also amplified a problem that had always dogged ledgers: can society trust the record- keeper? Bitcoin tackled this problem by reimagining the ledger itself. It confronted the problem that bankers themselves are not necessarily to be trusted and might rip you off with hidden fees and opaque charges. Bitcoin did this by, for the first time, entrusting responsibility for confirming and maintaining the ledger of transactions to a community of users who checked each other’s work and agreed on a common record to represent their shared approximation of the truth.

A decentralized network of computers, one that no single entity controlled, would thus supplant the banks and other centralized ledger-keepers that Nakamoto identified as “trusted third ” The ledger they collectively produced would become known as the blockchain. With Bitcoin’s network of independent computers verifying everything collectively, transactions could now be instituted peer to peer, that is, from person to person. That’s a big change from our convoluted credit and debit card payments system, for example, which routes transactions through a long sequence of intermediaries—at least two banks, one or two payment processors, a card network manager (such as Visa or Mastercard), and a variety of other institutions, depending on where the transaction takes place.

Each entity in that system maintains its own separate ledger, which it later must reconcile with every other entity’s independent records, a process that takes time, incurs costs, and carries risks. Whereas you might think that money is being instantly transferred when you swipe your card at a clothing store, in reality the whole process takes several days for the funds to make all those hops and finally settle in the storeowner’s account, a delay that creates risks and costs. With Bitcoin, the idea is that your transaction should take only ten to sixty minutes to fully clear (notwithstanding some current capacity bottlenecks that Bitcoin developers are working to resolve).

You don’t have to rely on all those separate, trusted third parties to process it on your behalf. The key architectural feature of Bitcoin and other cryptocurrency systems that lets these peer-to-peer transactions happen is the distributed nature of the blockchain ledger. That decentralized structure is made possible because of a unique software program that uses strong cryptography and a groundbreaking incentive system to guide the ledger- keepers’ computers to reach consensus. It does so in a way that makes it virtually impossible for anyone to change the historical record once it has been accepted.

The result is something remarkable: a record-keeping method that brings us to a commonly accepted version of the truth that’s more reliable than any truth we’ve ever seen. We’re calling the blockchain a Truth Machine, and its applications go far beyond just money. To see how the blockchain’s “God’s-eye” view could be valuable, let’s turn the lens away from Bitcoin for now and onto the traditional banking system. It’s there that we can see the problems blockchains are supposed to solve. The Trust Bubble On January 29, 2008, the Wall Street firm Lehman Brothers reported its financial statement for the fiscal year of 2007.

It had been a good year for Lehman, despite some rumblings in the stock market and a downturn in the housing market, which had been red-hot for years and a major source of revenue for investment and commercial banks. The firm, founded 167 years earlier in Alabama and one of the bedrock institutions of Wall Street, posted record revenue for 2007, $59 billion, and record earnings, $4.2 billion. The amount was more than twice what the company had brought in and earned just four years earlier. Lehman’s “books” had never looked better. Nine months later, Lehman Brothers was out of business.

Lehman Brothers is often Exhibit A in the breakdown of trust in the twenty-first century. A lion of Wall Street, the firm was revealed to be little more than a debt-ravaged shell kept alive only by shady accounting—in other words, the bank was manipulating its ledgers. Sometimes, that manipulation involved moving debt off the books come reporting season. Other times, it involved assigning arbitrarily high values to “hard-to-value” assets—when the great selloff came, the shocking reality hit home: the assets had no value. The crash of 2008 revealed most of what we know about Wall Street’s confidence game at that time.

It entailed a vast manipulation of ledgers. The recorded value of the assets those ledgers were supposed to track— including those havoc-causing credit default swaps—turned out to be largely vapor. The shock of Lehman wasn’t so much that it happened, but that even most experts trusted the ledgers so completely until it was too late. Governments and central banks around the world spent trillions to clean up the mess, but all they really did was restore the old order, because they misdiagnosed the problem. The accepted wisdom was that this was a crisis of liquidity, in which the market broke down due to a lack of short-term funding.

If you’ve ever been short a couple of hundred to cover your monthly bills, you understand what this looks like. The reality is, banks were sitting on trillions of purportedly valuable assets they could not even remotely value in the real world. They’d simply assigned poorly substantiated values and put them on their books. We all believed them because we trusted them. We trusted what the ledgers told us. The real problem was never really about liquidity, or a breakdown of the market. It was a failure of trust. When that trust was broken, the impact on society— including on our divided political culture—was devastating.

The authorities swore in the wake of the crisis that they had a handle on the problem—they passed legislation to bring the banking sector to heel and rein in Wall Street’s worst speculative habits. But to many in the public, it seemed they’d done little more than save the banks and corporations. Anger festered and turned into the Tea Party and Occupy Wall Street. Through all of the years since, the general public’s trust has never been restored. Look no further than the election of a reality-show TV star to the S. presidency. It may have felt good to cast that protest vote for Donald Trump and stick it to the elites, but it seems pretty clear—to us at least—that all Trump was

offering was the same old warmed-over economic ideas with a dash of hot sauce. We are no better off now than we were in 2008. By various measures, the S. economy has recovered—at the time of writing, unemployment was near record lows and the Dow Jones Industrial Average was at record highs. But those gains are not evenly distributed; wage growth at the top is six times what it is for those in the middle, and even more compared to those at the bottom. That’s a dynamic that’s been building for decades, but it was made worse by the financial crisis, as well as the policies imposed since then to prop up the financial markets in which the rich hold their assets.

It’s one reason people both within and outside the United States believe they’ve been shortchanged by the institutions that had throughout the twentieth century delivered progress and prosperity. This is clear in Pew Research’s ongoing longitudinal study of trust in government in the United States, which puts trust near historic lows (about 20 percent in May 2017). A separate survey by Gallop showed that only 12 percent of S. citizens trusted Congress in 2017, down from 40 percent in 1979; that about 27 percent trusted what they heard from newspapers, compared with 51 percent thirty-eight years earlier; and that 21 percent trusted big business, down from 32 percent.

At the time of writing, even traditional Republicans are wondering (1) how on earth Donald Trump was ever elected president, and (2) why so many people seem to fall prey to blatant disinformation and conspiracy theories. Trump’s manifestly a liar, someone who lies even when evidence disproving the lie is readily available. But here’s the bigger problem: in a world where trust has eroded sharply, where our government doesn’t work, and where companies that once guaranteed jobs for life are now either outsourcing them or hiring robots, Trump’s lies can seem minor in comparison to the more systemic breach of trust voters are feeling.

Once- trusted news organizations are now thrust into competition with dubious online purveyors of disinformation, with both being accused of peddling “fake ” The public’s store of trust in institutions is being depleted, and without resolving that breakdown, our democracy will continue to deteriorate at the hands of politicians and media that tell them what they want to hear. Trust—particularly trust in our institutions—is a vital social resource, the true lubricant of all human interaction. When it works, we take it for granted—we wait our place in line, follow road rules, and assume everyone else will do the same.

The trust behind these interactions is not present in our conscious minds. But when trust is lacking, things really, really break down. Today, it’s seen most starkly in places like Venezuela, where people have lost faith in the stewardship of their government and its money, leading to hyperinflation, goods shortages, starvation, violence, rioting, and massive social upheaval. But it’s evident in more subtle ways across the Western world. As government officials and central bankers seek to boost investment and create jobs, printing more money or bestowing more favor on connected players as they go, citizens everywhere are calling foul on the whole enterprise.

It brought the United States Donald Trump and the United Kingdom Brexit. But it also created economic dysfunction. If people don’t trust our economic systems, they don’t take risks; they don’t spend. The loser is economic growth and development. This trust problem is intrinsically connected with ledgers and record- keeping. To comprehend that, we’ll explore the little-known story of a Franciscan friar with a love of math who developed a system that fueled Europe’s explosion out of the Dark Ages more directly than the Medici bankers who financed that growth. From there, we can draw a line all the way forward to Lehman Brothers and show how a better accounting system, such as blockchain, could be the answer to society’s deep funk.

Truth, Trust, and “the Books” How is it possible that a business could earn $4.2 billion one year and be out of business the next? The reason is not just because Lehman Brothers was manipulating its ledgers but because it was taking advantage of the trust invested in it by shareholders, regulators, and the public at large. On the accounting side, Lehman resorted to myriad tricks to bolster its books, those all-important financial documents that investors and other stakeholders depend upon to ascertain the risk of dealing with an institution. Lehman’s accountants would move billions of dollars’ worth of debts off the bank’s balance sheet at the end of a quarter and stash them in a temporary accounting facility called a repo transaction, a device that’s supposed to be used to raise short-term capital, not hide debt.

When it came time to report, the company didn’t appear to be overly indebted. Once the report was in, the company brought the debt back on the books. Really, it was as if the company was maintaining two sets of books—one it showed the public, one it kept private. Most people accepted what was reported in the public-facing books, Lehman’s version of “the ” Just how severely skewed Lehman’s books were would become clear in September 2008. But the problem really started with the public’s trust, in the blind faith given to the company’s numbers.

And that problem—quite literally one of faith— goes way, way back. Double-entry accounting was popularized in Europe toward the end of the fifteenth century, and most scholars believe it set the table for the flowering of the Renaissance and the emergence of modern capitalism. What is far less well understood is the why. Why was something as dull as bookkeeping so integral to a complete cultural revolution in Europe? Over nearly seven centuries, “the books” have become something that, in our collective minds, we equate with truth itself—even if only subconsciously. When we doubt a candidate’s claims of wealth, we want to go to his bank records—his personal balance sheet.

When a company wants to tap the public markets for capital, they have to open their books to prospective investors. To remain in the market, they need accountants to verify those books regularly. Well-maintained and clear accounting is sacrosanct. The ascendance of bookkeeping to a level equal to truth itself happened over many centuries, and began with the outright hostility European Christendom had to lending before double-entry booking came along. The ancients were pretty comfortable with debt. The Babylonians set the tone in the famous Code of Hammurabi, which offered rules for handling loans, debts, and repayments.

The Judeo-Christian tradition, though, had a real ax to grind against the business of lending. “Thou shalt not lend upon usury to thy brother,” Deuteronomy 23:19–20 declares. “In thee have they taken gifts to shed blood; thou hast taken usury and increase, and thou hast greedily gained of thy neighbors by extortion, and hast forgotten me, saith the Lord God,” Ezekiel 22:12 states. As Christianity flourished, this deep anti-usury culture continued for more than a thousand years, a stance that coincided with the Dark Ages, when Europe, having lost the glories of ancient Greece and Rome, also lost nearly all comprehension of math.

The only people who really needed the science of numbers were monks trying to figure out the correct dates for Easter. It was only during the twelfth century and the Crusades, when Europeans began trading with the East, that they encountered the mathematics that had developed in the Arab world and Asia. In the thirteenth century, an Italian merchant named Fibonacci made trips to Egypt, Syria, Greece, and Sicily, where he collected numerous mathematical papers. His Liber Abaci, a book filled with integers and fractions, square roots and algebra, showed how this new math had commercial applications, such as currency transfers and profit calculations.

Before Fibonacci, European merchants simply couldn’t calculate the things we take for granted today; he taught them how to measure proportions, how to divide, say, a bale of hay and charge accurate prices. He taught them how to divide profits in an enterprise. Fibonacci’s math gave them precision in business matters that people did not previously have. Fibonacci’s new numbering system became a hit with the merchant class and for centuries was the preeminent source for mathematical knowledge in Europe. But something equally important also happened around this time: Europeans learned of double-entry bookkeeping, picking it up from the Arabians, who’d been using it since the seventh century.

Merchants in Florence and other Italian cities began applying these new accounting measures to their daily businesses. Where Fibonacci gave them new measurement methods for business, double-entry accounting gave them a way to record it all. Then came a seminal moment: in 1494, two years after Christopher Columbus first set foot in the Americas, a Franciscan friar named Luca Pacioli wrote the first comprehensive manual for using this accounting system. Pacioli’s Summa de arthmetica, geometria, proportioni et proportionalita, written in Italian rather than Latin so as to be more accessible to the public, would become the first popular work on math and accounting.

Its section on accounting was so well received that the publisher eventually published it as its own volume. Pacioli offered access to the precision of mathematics. “Without double entry, businessmen would not sleep easily at night,” Pacioli wrote, mixing in the practical with the technical—Pacioli’s Summa would become a kind of self-help book for the merchant class. That a member of the clergy took an interest in double-entry bookkeeping was important, because Pacioli’s method helped the merchants overcome the church’s disdain for usury. The merchants had to prove to the church that their businesses were not, in fact, sinful, that they provided a benefit to mankind.

During the Middle Ages, writes author James Aho, “the very thought that a person might be profit-hungry and yet Christian was an ” Double-entry accounting, completely unintentionally, provided a way around this. How? The answer lies in the Book of Revelations, Christianity’s tale of a final reckoning, where it is said: And I saw the dead, small and great, stand before God; and the books were opened; and another book was opened, which is the book of life; and the dead were judged out of those things which were written in the books, according to their works.

Interpretation: The dead stand before God and open their book. Then God opens his book. The second book. You might call this, oh, double bookkeeping. “Whosoever was not found written in the book of life was cast into the lake of ” Through a simple method of accounting, the merchant class was able to perform a trick that had eluded them for a millennium: making it acceptable to engage in the business of making loans. Double-entry bookkeeping, Aho writes, “was itself complicit in the invention of a new ‘field of visibility’: the Christian ” This deliberate connection between biblical records and accounting records is evident in Pacioli’s writings.

His very first instruction in describing his double-entry method directed: “Businessmen should begin their business records with the date AD, marking every transaction so that they always remember to be ethical and, at work, always act mindful of His Holy ” Once usury was liberated from the Christian distrust of commerce, people began to take it up. The Medici of Florence came first, turning themselves into vital middlemen in the matching of money flows around Europe. The Medici’s breakthrough was made possible because of their consistent use of double-entry ledgers. If a merchant in Rome wanted to sell something to a customer in Venice, these new ledgers solved the problem of trust between people who lived at great distances from each other.

By debiting the payer’s bank account and crediting that of the payee—with double-entry practices—the bankers were able to, in effect, move money without having to ship physical coins. In so doing, they transformed the whole enterprise of payments, setting the stage for the Renaissance and for modern capitalism itself. Just as important, they also established the 500- year practice of bankers creating an essential role for themselves as society’s centralized trust bearers. The value of double-entry bookkeeping, therefore, wasn’t merely in dry efficiency. The ledger came to be viewed as a kind of moral compass, whose use conferred moral rectitude on all involved with it.

The merchant was pious, the banker had sanctity—three popes in the sixteenth and seventeenth centuries came from the Medici family—and the trader discharged his business with veneration. Businessmen, previously mistrusted, became moral, upstanding pillars of the community. Aho writes: “Methodist Church founder John Wesley, Daniel DeFoe, Samuel Pepys, Baptist evangelicals, the deist Benjamin Franklin, the Shakers, Harmony Society, and more recently, the Iona Community in Britain, all insist that the keeping of meticulous financial accounts is part and parcel of a more general program of honesty, orderliness, and ” Thanks to mathematical concepts imported from the Middle East during the Crusades, accounting became the moral grounding for the rise of modern capitalism, and the bean counters of capitalism became the priests of a new religion.

Most (though certainly not all) people today have a hard time seeing the Bible as literal truth; but they had no trouble seeing Lehman Brothers’ books as literal truth—until the gaping inconsistencies were exposed. The great irony of 2008 was that our belief in a system of accounting, a belief woven so deeply inside our collective psyche that we’re not even aware of it, made us vulnerable to fraud. Even when done honestly, accounting is sometimes little more than an educated guess. Modern accounting, especially at the big, international banks, has become so convoluted that it is virtually useless.

In a comprehensive dissection in 2014, the Bloomberg columnist Matt Levine explained how a bank’s balance sheet is almost impossibly opaque. The “value” of a large portion of the assets on that balance sheet, he noted, is simply based on guesses made by the bank about the collectability of the loans they make, or of the bonds they hold, and the prices that they might fetch on the market, all measured against the offsetting and equally fuzzy valuation of their liabilities and obligations. If a guess is off by even 1 percent, it can turn a quarterly profit into a loss.

Guessing whether a bank is actually profitable is like a pop quiz. “I submit to you that there is no answer to the quiz,” he wrote. “It is not possible for a human to know whether Bank of America made money or lost money last ” A bank’s balance sheet, he said, is essentially a series of “reasonable guesses about ” Make the wrong guesses, as Lehman and other troubled banks did, and you end up out of business. Our goal here is not to trash double-entry bookkeeping or the banks. Were we to, you know, add up all the debits and credits, double-entry bookkeeping has done more good than harm.

The goal really is to show the deep historical and cultural roots behind why we trusted this kind of accounting. The question now, in the wake of our fall, is whether a particular technology that allows a different kind of bookkeeping will help us renew our trust in our economic system. Can a blockchain, which is continuously open to public inspection and guaranteed not by a single bank but by a series of mathematically secured entries into a ledger that’s shared and maintained by many different computers, help us rebuild our lost social capital? The God Protocol On October 31, 2008, while the world was drowning in the financial crisis, a little-noticed “white paper” was released by somebody using the pen name “Satoshi Nakamoto,” and describing something called “Bitcoin,” an electronic version of cash that didn’t need state backing.

At the heart of Nakamoto’s electronic cash was a public ledger that could be viewed by anybody but was virtually impossible to alter. This ledger was essentially a digitized, objective rendering of the truth, and in the years to follow it would come to be called the blockchain. Nakamoto combined several elements to come up with his Bitcoin. But like Fibonacci and Pacioli centuries before, he wasn’t the only one working on the idea of leveraging the technology of the day to create better systems. In 2005, a computer expert named Ian Grigg, working at a company called

Systemics, introduced a trial system he called “triple-entry ” Grigg worked in the field of cryptography, a science that dates way back to ancient times, when coded language to share “ciphers,” or secrets, first arose. Ever since Alan Turing’s calculating machine cracked the German military’s Enigma code, cryptography has underpinned much of what we’ve done in the computing age. Without it we wouldn’t be able to share private information across the Internet—such as our transactions within a bank’s Web site—without revealing it to unwanted prying eyes. As our computing capacity has exponentially grown, so too has the capacity of cryptography to impact our lives.

For his part, Grigg believed it would lead to a programmable record-keeping system that would make fraud virtually impossible. In a nutshell, the concept took the existing, double-entry bookkeeping system and added a third book: the independent, open ledger that’s secured by cryptographic methods so that no one can change it. Grigg saw it as a way to combat fraud. The way Grigg described it, users would maintain their own, double- entry accounts, but added to these digitized books would be another function, essentially a time stamp, a cryptographically secured, signed receipt of every transaction.

(The concept of a “signature” in cryptography means something far more scientific than a handwritten scrawl; it entails combining two associated numbers, or “keys”—one publicly known, the other private—to mathematically prove that the entity making the signature is uniquely authorized to do so.) Grigg envisioned his triple-entry accounting as a software program that would run within, say, a large company or organization. But the third ledger, containing the sequence of all those signed receipts, could be verified publicly, and in real time. Any deviation from its time-stamped records would be an indication of a fraud.

Picture a fraud like Bernie Madoff’s, in which Madoff was simply making up transactions and recording them in completely fictitious books, and you can see the value in a system that can verify accounts in real time. Before Grigg, in the 1990s, another visionary had also seen the potential power of a digital ledger. Nick Szabo was an early Cypherpunk* and developed some of the concepts that underlie Bitcoin, which is one reason why some suspect he is Satoshi Nakamoto. His protocol has at its heart a spreadsheet that runs on a “virtual machine”—such as a network of interlinked computers—accessible to multiple parties.

Szabo envisioned an intricate system of both private and public data that would protect private identities but provide enough public information about transactions to build up a verifiable transaction history. Szabo’s system—he called it the “God Protocol”—is now more than two decades old. Yet it is remarkably similar to the blockchain platforms and protocols that we’ll learn about in the chapters to come. Szabo, Grigg, and others pioneered an approach with the potential to create a record of history that cannot be changed—a record that someone like Madoff, or Lehman’s bankers, could not have meddled with.

Their approach might just help restore trust in the systems we use to transact with each other. Big Math, Openness, and a New Tool for Agreeing on Facts If communities are to engage in exchange and forge functioning societies, they must find a way to arrive at a commonly accepted foundation of truth. And in the digital age of the twenty-first century, when many communities are formed online, where they transcend borders and legal jurisdictions, the old institutions we’ve used to establish those norms of truth won’t function nearly as well. Advocates of blockchain solutions say this truth-discovery process is best left to a distributed approach, one over which no single entity has control.

That way the approach is not vulnerable to corruption, attack, error, or disaster. Also, the results should be collated using the hard-to-crack math of cryptography, which prevents them from ever being overwritten in the future. Here’s how cryptography can achieve what it does: it uses data- protecting codes drawn from a set of possible numbers so large that it’s far, far beyond human imagination. The sheer quantity of possibilities makes it impossibly time-consuming to discover the hidden code through “brute force” guesswork—in other words, by testing and discarding each possible number. Consider that Bitcoin is now the most powerful computing network in the world, one whose combined “hashing” rate as of August 2017 enabled all its computers to collectively pore through 7 million trillion different number guesses per second.

Well, it would still take that network around 4,500 trillion trillion trillion years to work through all the possible numbers that could be generated by the SHA-256 hashing algorithm that protects Bitcoin’s data. Let the record show that period of time is 36,264 trillion trillion times longer than the current best-estimate age of the universe. Bitcoin’s cryptography is pretty * Yet this system of honest accounting still needs something more than cryptography to work. It needs to open up its sequenced record of traceable, interlinked transactions to public scrutiny. This means that (1) the ledger should be public, and (2) the algorithm that runs it should adhere to open- source principles, with its source code on view for all to see and test.

At the same time, however, the system must allow sufficient privacy capabilities and protections for individuals and their data, as people won’t use it if their personal identities and proprietary business secrets are open for the world to see. Bitcoin deals with this by displaying only the one-off alphanumeric “addresses” that are randomly assigned to users when they receive bitcoin and which tell you nothing about the identity of the people who control them. But it’s not an entirely anonymous system—it’s better described as ” In Bitcoin it’s possible, by following transaction flows from one address to another, to trace the fund exchanges to an address where users can be identified—such as when they cash out into dollars at a regulated bitcoin exchange that keeps records of its customers’ names, addresses, and other details.

For certain cryptographers who take privacy very seriously, that’s not good enough. So a few are developing alternative cryptocurrencies—examples include Zcash, Monero, and Dash—that add even more privacy protection than Bitcoin. These other cryptocurrencies keep enough information on the ledger so that validating computers can be assured that the accounts have not been corrupted or manipulated, but do a more complete job of obscuring identities. Whether the solution requires these extreme privacy measures or not, the broad model of a new ledger system that we laid out above—distributed, cryptographically secure, public yet private—may be just what’s needed to restore people’s confidence in society’s record-keeping systems.

And to encourage people to re-engage in economic exchange and risk-taking. For society to function, we need a “consensus on facts,” says Tomicah Tillemen, a director at the New America Foundation in Washington and chairman of the Global Blockchain Business Council. “We need to establish a common reality that everyone can bind to. And the way we’ve done that in developed countries is we have institutions that are in charge of establishing those basic facts. Those institutions are under fire right … Blockchain has the potential to push back against that erosion and it has the potential to create a new dynamic in which everyone can come to agree on a core set of facts but also ensure the privacy of facts that should not be in the public

” Bitcoin showed how this idea works in one especially important context: money. By giving currency users a means of agreeing on the “facts” of their transactions, it allowed complete strangers to use an independent currency to pay each other securely over the Internet and still have a high level of confidence that counterfeiting was impossible, even in the absence of a centralized ledger-keeper like the Federal Reserve. The more powerful revelation, however, was that a group of people could reach a consensus on facts without a central entity arbitrating the process. If we think about this as the Israeli historian Yuval Noah Harari would, in terms of how the power of human social organization comes from our ability to craft meaningful stories that we all believe in—notions of religion, nationality, common currency—we can see how important this is.

The history of human civilization is not founded on absolute truths per se— after all, even scientific understandings are subject to revision—but on an even more powerful notion of the truth: a consensus, a common understanding on what we take to be the truth, a society-wide agreement that allows us to overcome suspicions, forge trust, and enter into cooperative endeavors. The best way to think about blockchain technology, then, is not as a replacement of trust—as a “trustless” solution, as some cryptocurrency fanatics damagingly describe it—but as a tool upon which society can create the common stories it needs to sow even greater trust, to build social capital, and to forge a better world.

This empowering idea helps explain the growing enthusiasm— sometimes excessive or misplaced—for blockchains as a solution to, well, just about anything. As people across a diverse range of fields start exploring its potential to disintermediate their industries and create new ways to unlock value, they are seeing in blockchain technology the potential for more than just a cash machine. If it can foster consensus in the way it has been shown to with Bitcoin, it’s best understood as a Truth Machine. Two “GOVERNING” THE DIGITAL ECONOMY One evening in September 2011, an entrepreneur named Peter Sims received a text message from a friend, Julia Allison, wondering if he happened to be in an Uber SUV near 33rd Street and Fifth Avenue in New York.

It happened that this was exactly where he was, and Sims assumed the friend must have seen him from another car. In fact, Allison wasn’t even in the same state. She was at a party in Chicago, celebrating the launch of Uber in the Windy City. She’d watched as the Uber team performed one of its favorite party tricks: showing people what it called its “God’s view,” a live map revealing the locations of its cars and their passengers, by name. Uber was not only tracking its cars’ movements, it was tracking people’s movements. When Allison explained how she knew so much about his whereabouts, Sims flipped out and wrote a biting blog post about the experience.

Uber has become notorious for sexual harassment among its staff and has taken drastic action to try to resolve the problem, which was a significant factor in the forced resignation of its co-founder, CEO Travis Kalanick. But this privacy issue is just as important. Not only does the company control sensitive information about the journeys people take, but senior company officials, at least in the early days of the company, showed a willingness to abuse that power. In November 2014, Uber launched an investigation into the actions of its New York general manager, Josh Mohrer, after BuzzFeed journalist Johana Bhuiyan reported that he had used the God’s view feature to monitor her movements.

The outcry over this and other privacy concerns led to a settlement with New York Attorney General Eric Schneiderman in which Uber agreed to encrypt riders’ names and geolocation data. It’s certainly not hard to see that Uber and its main competitor, Lyft, have quickly enmeshed themselves in our daily lives. When the name of your company becomes a verb—Xerox, Google, Uber—you know you’ve arrived. But for all the branding associated with democratizing transportation, and with allowing drivers and passengers to come together and “ride-share,” Uber is really a centralization play. It’s not about disintermediation at all.

This for-profit company is the gatekeeper for every deal that gets struck between every driver and every passenger, and for that it takes 25 percent each time. And it is far from the only for-profit company that makes money the new-fashioned way: by controlling data. How Uber, and also Facebook, Google, and all the other twenty-first-century tech titans, treat that data has become a critical issue. The Internet, in case you weren’t aware, is owned. There are a handful of dominant companies that essentially control everything: Google, Amazon, Facebook, Apple (GAFA, some call them). We trust them to intermediate our e-mail and social media exchanges with each other, to manage our Internet searches, to store our data, etc.

To varying degrees they do what seems to be a good job, but there is a huge cost in terms of the power we hand to these organizations. We, the general public, their unpaid product developers, literally create value for these companies, creating content and handing over our valuable data. We get services in return, yes, but the imbalance in the relationship is highly problematic. That’s most evident in our system of democracy. As became widely known after America’s 2016 elections, Facebook and Google control what news you see. Consider how Facebook’s secret algorithm chooses the news to suit your ideological bent, creating echo chambers of like-minded angry or delighted readers who are ripe to consume and share dubious information that confirms their pre-existing political biases.

It’s why during the 2016 S. presidential campaign, a group of teens in Macedonia could produce fake news articles, which made claims like that the pope had endorsed Donald Trump, which generated more likes, shares, and advertising dollars than real news items produced by fully funded and researched news outlets. And it’s not just that, for example, Facebook and Google have become such large social hubs. It’s that these digital leviathans have unprecedented control over much of the most important socially influential data that flies across the Web. The “freemium” model, in which we view these companies’ services as “free content,” is a myth.

While we might not be paying S. dollars to Google, Facebook, and, we are handing over a much more valuable currency: our personal data. Control over that currency has turned these players, quite simply, into monopolies, the new incumbent powers of the digital age. Others have said this, of course. We revisit it to illustrate how this concentration of control over Internet information exposes the core problem of the centralized architecture of the Web and the unresolved trust issue that gives rise to it. A Hacker’s Dream In the wake of the 2016 legal battle between Apple and the FBI over the latter’s demand that the smartphone maker give the law enforcement agency access to customers’ encrypted data, consumers would seem to be between a rock and a hard place.

If we want to live in the digital economy, it seems, either we let private companies control the data with all the capacity for abuse that entails or we let governments control those private companies and expose ourselves to the kind of intrusions that Edward Snowden revealed at the NSA. But the choice need not be so stark. We hope to demonstrate that the solution may lie in a third way, one that involves reimagining the very structure of how online data is organized. The ideas behind Bitcoin and blockchain technology give us a new starting point from which to address this problem.

That’s because the question of who controls our data should stem first from a more fundamental question about who or what institutions we must trust in order to engage in commerce, obtain services, or participate in modern society. We see compelling arguments for a complete restructuring of the world’s data security paradigm. And it starts with thinking about how Internet users can start to directly trust each other, so as to avoid having to pour so much information into the centralized hubs that currently sit in the middle of their online relationships. Solving data security may first require a deliberate

move from what we call the centralized trust model to one of decentralized trust. In an age when technology is supposed to be lowering the cost of entry, the outdated centralized trust-management system has proven expensive and restrictive (think about the 2 billion people in the world who are unbanked). It has also failed—spectacularly. Even though the world spent an estimated $75 billion on cybersecurity in 2015, according to estimates by Gartner, total annual losses from online fraud theft were running at $400 billion that year, said Inga Beale, CEO of British insurance market Lloyd’s of London.

If you’re alarmed by that figure—and you ought to be—try this one on for size: $2.1 trillion. That’s the estimated fraud loss Juniper Research came up with after extrapolating from current trends into the even more digitally interconnected world projected for 2019. To put that figure in perspective, at current economic growth rates, it would represent more than 2.5 percent of total world GDP. To be clear, these numbers don’t only represent the total amount stolen by hackers; they also include the cost of legal actions, security upgrades, and so forth—the business losses that are generated by countless attacks every year.

Even so, the data suggest that black-hat hackers are among the most financially successful innovators of the Internet era. This colossal failure to protect global commerce is directly attributable to a mismatch between the centralized way in which we process and store information and the decentralizing tendencies of a global “sharing” economy that’s pushing for more peer-to-peer and device-to-device commerce. As more people connect over peer-to-peer social networks and use online services, and as more so-called Internet of Things (IoT) devices such as smart thermostats and refrigerators and even cars join the network, ever more access points are created.

Hackers use these points to find their way into the Internet’s ever-growing centralized data-stores and steal or otherwise mess with their contents. The risks contained in these contradictory trends were brought home with the October 2016 attack on Dyn, a registered DNS (domain name system) provider. The attack started when a hacker figured out that users of mini computing systems such as game consoles and laptops weren’t routinely downloading security patches as they did with home computers. Once compromised, those devices could then be used as launchpads to direct attacks on other parts of the Internet.

When the hacker published a how-to list of instructions, some rogue actors inevitably gave their approach a whirl. Taking control of multiple devices, these malefactors launched a massive distributed denial of service (DDOS) attack against Dyn, a strategy that involved sending a relentless barrage of domain name queries to the firm’s hosting service, so many that it paralyzed the Web sites of its clients, including Twitter, Spotify, Reddit, and many other heavy-traffic sites. This was a direct outcome of the paradox we’ve been talking about. Domain name registrations are managed by increasingly large, centralized, third- party providers while lightweight IoT devices are getting into the hands of an ill-prepared general public.

That combination is a hacker’s dream. And what a pool of data we are gathering for those hackers to play with. In 2014, IBM estimated that human beings were creating 2.5 exabytes, otherwise expressed as 2.5 quintillion bytes of data, every day, most of them now stored permanently thanks to a cloud computing era in which storage has become so cheap that it no longer makes sense to destroy data. Let’s lay that number out numerically, with all seventeen zeroes: 2,500,000,000,000,000,000. (Another way of expressing it: the equivalent of 2.5 trillion PDF versions of The Age of Cryptocurrency.)

According to the IBM team, this number meant that human beings had created 90 percent of all data accumulated throughout history in just two years—most of it stored on the servers of cloud service providers like the ones IBM runs. The only way to protect this data and slow down the force of attacks against it, we will argue, is to take it away from centralized servers and create a more distributed storage structure. Control of data needs to be put back into the hands of those to whom it belongs, the customers and end users of the Internet’s services.

If hackers want our data they’ll have to come after each and every one of us, a far more expensive exercise than simply finding a weak entry point into a giant silo database that holds all of our data in one convenient place. To achieve this goal, we need to embrace the decentralized trust model. Before we delve more deeply into this solution, let’s reflect further on why it matters for humanity. It’s about much more than dollars and cents. There is an intrinsic link between the challenge of protecting privacy, a necessary element of a functioning society, and data security.

When that protection breaks down, as it does repeatedly, lives can be destroyed: people’s money and assets are stolen, their identities and reputations are hijacked, they face extortion and blackmail, and they find that the intimate moments they’ve shared with others are thrust into the public domain. Online identity theft has been linked to depression and even suicide. And if this isn’t bad enough, experts are convinced we’ll soon experience cyber- murders, as Internet-enabled cars and other potentially lethal devices become targets of hacker hitmen. Murders may have already been committed; speculation that the mysterious disappearance of Malaysian Airlines flight MH370 was the result of a hacking attack on the plane’s onboard computer is no longer the stuff of conspiracy theorists.

We must get ahead of this problem. Individuals aren’t the only losers in this model. Companies and institutions lose out as well. The list of recent big cyber-attack targets includes some of the biggest names in the S&P P. Morgan, Home Depot, Target, Sony, Wendy’s. All paid a high cost in legal fees, restitution to their users, and investment in upgraded security systems. And it’s not just corporate America. Governments, too, have been hit. Recall that security clearance data on 18 million people was compromised when the S. Office of Personnel Management was hacked in 2015.

And, of course, the alleged Russian hacks of the Democratic National Committee in 2016 have unleashed an all-out political crisis during the Trump administration’s first year. These constant attacks are expensive, ongoing headaches for the IT departments at companies and other institutions. Every new trick deployed by a rogue hacker prompts a new patch to a security system, which attackers inevitably figure out how to compromise. That prompts even more expensive investment in cybersecurity systems that will themselves, inevitably, get breached or require further upgrades. The companies keep spending more dollars to build ever-higher firewalls, only to learn their adversaries are constantly getting ahold of taller ladders.

Clearly, we need a new architecture for security. And the ideas contained within blockchain technology might help us get there. Within the distributed structure of a blockchain environment, participants do not depend on centralized institutions to maintain cybersecurity infrastructure such as firewalls to protect large groups of users. Instead, security is a shared responsibility. Individuals, not trusted intermediaries, are responsible for maintaining their own, most sensitive information, while any information that is shared is subject to a process of communal consensus to assure its veracity. The potential power of this concept starts with the example of Bitcoin.

Even though that particular blockchain may not provide the ultimate solution in this use case, it’s worth recalling that without any of the classic, centrally deployed cybersecurity tools such as firewalls, and with a tempting “bounty” of more than $160 billion in market cap value at the time we went to print, Bitcoin’s core ledger has thus far proven to be unhackable. Based on the ledger’s own standards for integrity, Bitcoin’s nine-year experience of survival provides pretty solid proof of the resiliency of its core mechanism for providing decentralized trust between users. It suggests that one of the most important non-currency applications of Bitcoin’s blockchain could be security itself.

Security by Design One reason why Bitcoin has survived is because it leaves hackers nothing to hack. The public ledger contains no identifying information about the system’s users. Even more important, no one owns or controls that ledger. There is no single master version; with every batch of confirmed transactions, the so-called blocks of the blockchain, a new, updated version of the entire ledger is created and relayed to every node. As such, there is no central vector of attack. If one node on the network is compromised and someone tries to undo or rewrite transactions in that node’s local version of the ledger, the nodes controlling the hundreds of other accepted versions will simply refuse to include data from the compromised node in the updates.

The contradiction between the many clean versions and the one that’s been altered will automatically label the compromised block as false. As we’ll discuss further in the book, there are varying degrees of security in different blockchain designs, including those known as “private” or “permissioned” blockchains, which rely on central authorities to approve participants. In contrast, Bitcoin is based on a decentralized model that eschews approvals and instead banks on the participants caring enough about their money in the system to protect it. Still, across all examples, the basic, shared, and replicated nature of all blockchain ledgers, in which the

common record of truth resides in multiple locations, underpins this core idea of distributed security, that the risk of failure is backstopped by multiple ” This is not how big companies tend to think about security, however. In March 2016, at a symposium organized by the financial securities settlement and clearing agency Depository Trust & Clearing, or DTCC, the audience, filled with bankers and representatives of companies that support them, was asked to vote on what IT sector they would invest in tomorrow if they had $10 million to deploy. From a menu of options, the votes came back, with the majority in favor of investing in “cybersecurity” services, and “blockchain” opportunities second.

On stage at the time, Adam Ludwin, the CEO of blockchain/distributed ledger services company Chain, took advantage of the result to call out Wall Street firms for failing to see how this technology offers a different paradigm. Ludwin, whose clients include household names like Visa and Nasdaq, said he could understand why people saw a continued market for cybersecurity services, since his audience was full of people paid to worry about data breaches constantly. But their answers suggested they didn’t understand that the blockchain offered a solution. Unlike other system-design software, for which cybersecurity is an add-on, this technology “incorporates security by design,” he said.

For the private “permissioned” blockchains that Wall Street is typically exploring—distributed ledger models in which all the validating computers must be pre-authorized to join the network—Ludwin’s “by design” notion refers solely to the fact that the data is distributed among many nodes rather than held solely by one. The advantage is that this structure creates multiple redundancies, or backups, that can keep the network running if one node is compromised. A more radical solution is to embrace open, “permissionless” blockchains like Bitcoin and Ethereum, where there’s no central authority keeping track of who’s using the network.

And in that case, the entire security paradigm—the question of what constitutes “security”—changes. It’s not about building a firewall up around a centralized pool of valuable data controlled by a trusted third party; rather the focus is on pushing control over information out to the edges of the network, to the people themselves, and on limiting the amount of identifying information that’s communicated publicly. Importantly, it’s also about making it prohibitively expensive for someone to try to steal valuable information. It’s perhaps counterintuitive to think that a system in which people don’t reveal their identities could be safe from attackers.

But the fact is that the incentive and costs that these software programs impose on actors in the system have proven remarkably secure. Bitcoin’s core ledger has never been successfully attacked. Now, it will undoubtedly be a major challenge to get the institutions that until now have been entrusted with securing our data systems to let go and defer security to some decentralized network in which there is no identifiable authority to sue if something goes wrong. But doing so might just be the most important step they can take to improve data security. It will require them to think about security not as a function of superior encryption and other external protections, but in terms of economics, of making attacks so expensive that they’re not worth the effort.

Let’s compare our current “shared-secret model” for protecting information with the new “device identity model” that Bitcoin’s blockchain could facilitate. Currently, a service provider and a customer agree on a secret password and perhaps certain mnemonics—“Your pet’s ”—to manage access. But that still leaves all the vital data, potentially worth billions of dollars, sitting in a hackable repository on the company’s servers. With a permissionless blockchain, control over the data stays with the customer, which means that the point of vulnerability lies with their device. So instead of Visa’s servers containing the vital identifying information that’s needed for hundreds of millions of cardholders to access its payments network, the right to access a network is managed solely by you, on your phone, your computer.

A hacker could go after each device, try to steal the private key that’s used to initiate transactions on the decentralized network, and, if they’re lucky, get away with a few thousand dollars in bitcoin. But it’s far less lucrative and far more time-consuming than going after the rich target of a central server. The weak link—there is always one, it is a truism of cybersecurity— would now be the device itself. The onus in a blockchain system is on the customer to protect that device. Admittedly, that opens up new challenges in terms of education around the management of private keys and encryption strategies.

Optimizing the cryptocurrency future will require people to take charge of their own security. But even with this new challenge in terms of device protection, we should see a dramatic reduction in the number of attacks. The crucial point here is that the potential payoff for the hacker is so much smaller for each attack. Rather than accessing millions of accounts at once, he or she has to pick off each device one by one for comparatively tiny amounts. It’s an incentives-weighted concept of security. It is security by design, not by patch. It seems clear to us that the digital economy would benefit greatly from embracing the distributed trust architecture allowed by blockchains— whether it’s simply the data backups that a distributed system offers, or the more radical idea of an open system that’s protected by a high cost-to- payout ratio.

Once we put our heads in that place, liberating new models for managing data emerge, models that restore control to the individuals who produce the data and then give the data itself significantly more protection. One industry that would no doubt rejoice at such a solution would be the health care industry. Right now, highly sensitive health records are spread across separate siloed databases managed by insurance firms, hospitals, and laboratories, each sitting on their own pools of vulnerable data. These institutions are bound by strict non-disclosure rules laid out in well- intentioned but highly restrictive patient privacy legislation such as the Health Insurance Portability and Accountability Act, which imposes high penalties for failing to protect patient data, and they would love to be free of this liability.

Attacks have been mounting in the industry. A 2016 cyber-attack on insurer Anthem Health exposed 78 million customers’ records. The so- called WannaCry ransom attacks, in which health records of patients in different hospitals around the world were encrypted by hackers who demanded bitcoin payments to unlock them, largely targeted hospitals and other places where the data is a life-or-death consideration. The biggest losers are patients. This structure creates time-wasting, costly inefficiencies in their care—there are countless horror stories of critically ill patients unable to release vital records from their primary-care physicians to emergency staff so they can take the right measures.

And because data isn’t being freely shared, research into potentially lifesaving treatments is held back. Almost everything about how the S. health care system manages medical records is broken. That’s why initiatives like MedRec, an open-source program based on the Ethereum blockchain that was created by MIT Media Lab students Ariel Eckblaw, Asaph Azaria, and Thiago Yieira, are filled with such potential. The idea, one that’s also being pursued in different forms by startups such as Gem of Los Angeles and Blockchain Health of San Francisco, is that the patient has control over who sees their records.

Data would still reside with each provider, but patients would use their private cryptographic key—the same device used to authorize bitcoin payments—to release whatever specific aspects of their data are required by providers, to whom they authorize access. Decentralized Economy with Centralized Trust How do we get to a world of decentralized trust, so that it costs me close to nothing to safely and confidently engage in transactions with others online? Answers to that question lie in reflecting on how we went from the utopian concept of a level-playing-field Internet that led New York Times columnist Thomas Friedman to declare that the “world is flat” to one in which a handful of gargantuan gatekeepers have asserted almost total control.

Let’s start with the pre-Internet offline economy, the one we inherited from the twentieth century, when the centralized trust model was the only one we could imagine. Under that system, which prevails to this day, we charge banks, public utilities, certificate authorities, government agencies, and countless other centralized entities and institutions with the task of recording everyone’s transactions and exchanges of value. We trust them to monitor our activities—our check writing, our electricity consumption, our monthly payments for everything from newspaper delivery to telephone services—and to reliably and honestly update that information in ledgers that they, and only they, control.

With that exclusive knowledge, those entities gain unique powers in determining our capacity to engage in commerce. They decide whether we can access an overdraft, draw power from the public utility grid, or make a phone call. And they invoice us for that privilege. This system was inherently incompatible with the nobody’s-in-charge, distributed framework of the Internet. The Net was designed to let anyone publish and send information, at near-zero cost, to anyone else anywhere. That opened up vast new economic opportunities, but it also posed unique challenges for trust management. The person you’re dealing with might now have a picture of a dog as their avatar and use the moniker

” How do you know they can be trusted to deliver on whatever contractual agreement you’re entering into? Star ratings, at services like Yelp and eBay, have tried to step into the breach, but these are easily gamed by fake identities and fake reviews, much as Facebook “likes” can be. When it comes to high-value transactions, they cannot be trusted. Well, when Internet companies discovered they couldn’t resolve those challenges, they were forced to invite centralized entities to intermediate on our behalf. It was perhaps a necessary solution, but a flawed one that is now exposing a host of other security and privacy concerns.

The distributed system made it easier for crooks to misrepresent their identities. They could also duplicate, forge, or counterfeit valuable information. So, when entrepreneurs pioneered e-commerce in the mid- nineties, they struggled to design an online payments model that wouldn’t expose customers to fraud. Unable to assure customers and merchants that their bank account and credit card data were safe, they at first focused on privacy-protecting forms of electronic cash, the concept that Satoshi Nakamoto would tackle with Bitcoin. If cash were digital, they reasoned, people could make online payments without revealing personal identifying information, just as they did with banknotes.

In pursuit of that goal, the aforementioned “Cypherpunks”—a loose association of programmers with a fiercely libertarian bent who were obsessed with using cryptography to protect privacy online—and other Internet adventurers toyed with private cryptocurrency concepts, while banks and governments stealthily experimented with sovereign currency-based e-cash. (In The Age of Cryptocurrency, we reported on one little-known e-cash pilot that the S. Treasury Department explored in conjunction with Citibank.) These early digital currencies were bedeviled by the “double-spend” problem mentioned above—rogue users could always find ways to duplicate their currency holdings. Overcoming this was vital because, whereas we might happily make a copy of a Word document and send it to someone, digital counterfeiting of this kind would destroy any monetary system’s inherent value.

Technologists tried to make a system to verify that people weren’t double-spending, but it proved much harder than you might think. In the end, prior to the existence of Bitcoin, the e-commerce industry settled on a workaround: Firms such as Verisign pioneered a model for issuing SSL (Secure Sockets Layer) certificates to verify the trustworthiness of Web site encryption systems. Meanwhile, card-issuing banks beefed up their anti-fraud monitoring efforts. A version of the “trusted third party” was added to our complicated system of global value exchange. It was another jury-rigged solution that meant that the banking system, the centralized ledger-keeping solution with which society had solved the double-spend problem for five hundred years, would be awkwardly bolted onto the ostensibly decentralized Internet as its core trust infrastructure.

With customers now sufficiently confident they wouldn’t be defrauded, an explosion in online shopping ensued. But the gatekeeping moneymen now added costs and inefficiencies to the system. The result was high per- transaction costs that made it too expensive, for example, to sustain micropayments—extremely low payments, maybe as little as pennies, that otherwise promised to open up a whole new world of online business models. That nixed a dream of early Internet visionaries, who saw that idea feeding into a global marketplace where software, storage, media content, and processing power would be bought and sold in fractional amounts to maximize efficiency.

The compromise also meant that credit cards, once an elite-only instrument, became an integral, even necessary component of e- commerce infrastructure, making banks even more relevant to our payments system. Under this model, the banks charged merchants an interchange fee of around 3 percent to cover their anti-fraud costs, adding a hidden tax to the digital economy that we all pay in the form of higher prices. Meanwhile, other aspects of Internet governance had to be entrusted to centralized entities as well. These include the domain name system (DNS) managers and hosting service providers, companies whose servers occupy URLs—those specially assigned areas of the World Wide Web around which we navigate our Internet surfing—and host the files that make up the clients’ Web sites that point to those Internet addresses.

Anyone who has set up a Web site has dealt with such outfits. All of them charge fees. The more files and pages that need hosting, the more they charge. All these solutions worked for those who could afford them. But, inevitably, the added transaction costs translated into barriers to entry that helped the largest incumbents ward off competitors, limiting innovation and denying billions of financially excluded people the opportunity to fully exploit the Internet’s many possibilities for advancement. It’s how we’ve ended up with Internet monopolies. Those with first-mover advantages have not only enjoyed the benefits of network effects; they’ve been indirectly protected by the hefty transaction costs that competitors face in trying to grow to the same scale.

In a very tangible way, then, the high cost of trust management has fed the economic conditions that allow the likes of Amazon, Netflix, Google, and Facebook to keep squashing competitors. Just as important, it has also meant that these monolithic players have become all-powerful stewards of our ever-growing pools of vital, sensitive data. The Internet’s Missing Piece This was not the dream conveyed in the Cypherpunk manifesto of Tim May and his fellow band of libertarian advocates for cryptography, privacy, and an online world of individual empowerment. Those geeky rebels of the 1990s Bay Area wanted an Internet that was free of both government and corporatist control, a decentralized online economy where self-expression was devoid of censorship, where anyone could transact with anyone else under whatever identity they chose.

Ideas like Ted Nelson’s ill-fated Xanadu project, which never achieved anywhere near its lofty vision of a global network of independent, self-publishing, interlinked, fully autonomous computers, envisaged a network in which far more processing power and data was placed under the control of individual owners’ computers. They were ideas that were far ahead of their time, conceived at a moment when resource, economics, and political realities simply weren’t compatible with them. But then, in 2008, with the Cypherpunk community seemingly having lost its mojo, along came Bitcoin—an idea for cryptomoney that was straight out of their playbook, even though few by then expected it would work.

Now, the question of identifying who controlled the data didn’t matter. Its integrity could be assured by a decentralized network that constantly updated itself through a process of unbreakable consensus. Once Bitcoin’s implications were apparent, the revelation came as a bolt of lightning to many who’d been involved in building the Internet’s early architecture. These people included Marc Andreessen, the venture capitalist and co-creator of the first commercial Web browser, Netscape, who told authors Don and Alex Tapscott that people like him suddenly recognized it as “the distributed trust network that the Internet always needed and never

” As Andreessen and others in Silicon Valley’s moneyed classes started to throw money at developers working on Bitcoin and its clones, the sheer breadth of what Bitcoin’s underlying blockchain technology might achieve became apparent. For many of the new technologies that innovators are rolling out today, designers are thinking about how blockchain concepts will be part of the general enabling framework: • Internet of Things solutions will require a decentralized system for machine-to-machine transactions; • Virtual reality content creation, by which future imaginary worlds will be collaboratively produced by writers and coders, could use a blockchain system for divvying up royalties via smart contracts; • Artificial intelligence and Big Data systems will need a way to assure that the data they are receiving from multiple, unknown sources has not been corrupted; • “Industry 4.0” systems for smart manufacturing, 3D printing, and flexible, collaborative supply chains need a decentralized system for tracking each supplier’s work processes and inputs.

In short, the blockchains may provide the architecture framework that makes possible the so-called Fourth Industrial Revolution that brings “bits and atoms” together and thrives off massive amounts of processed, global information. It makes the aspirational goal of an Internet of “open data” possible. With this, we might free up the world’s data so that smart people everywhere can work with it. Open access to data should better enable humankind to collectively figure out solutions to our many problems and make better products more efficiently. It is an extremely empowering concept. Code Is Not Law As we’ve said elsewhere, there’s no guarantee that this sweeping vision of a new enabling platform for the global digital economy will come to fruition.

In addition to various technological and internal governance challenges, which we’ll address in coming chapters, there are numerous external barriers to adoption. There are also some thorny questions to resolve before blockchain technology or any other decentralized trust system can comprehensively underpin the world’s transactions and information exchanges. The challenges include those posed by regulators, who are struggling to keep up with the category-defying changes that cryptocurrency poses. It took two years for the New York Department of Financial Services to come up with its benchmark-setting BitLicense regulation for money transmission with digital currencies like bitcoin.

By the time it was enacted in 2015, the crypto world had moved on to smart contracts and Ethereum; now it’s all about utility tokens, initial coin offerings, and decentralized autonomous organizations—none of which were foreseen by the regulation’s authors. One risk is that regulators, confused by all these outside-the-box concepts, will overreact to some bad news—potentially triggered by large-scale investor losses if and when the ICO bubble bursts and exposes a host of scams. The fear is that a new set of draconian catchall measures would suck the life out of innovation in this space or drive it offshore or underground.

To be sure, institutions like the Washington-based Coin Center and the Digital Chamber of Commerce are doing their best to keep officials aware of the importance of keeping their respective jurisdictions competitive in what is now a global race to lead the world in financial technology. But we live in unpredictable political times in which, to say the least, policymaking is not being guided by rational, forward-thinking principles. The sheer lack of clarity on the intention of regulators and legislators is itself a limit to the technology’s progress. We are going to need regulations—a framework for understanding how the new organization and governance models of blockchain logic can be interpreted by traditional legal systems, whether based on old or new laws.

How do we legally define ownership of a digital asset when rights to it come down to control over a private, anonymized key? Where do jurisdictional responsibilities lie when a blockchain ledger is shared around the world or when there’s no way to know which computers within a global network will execute the randomly assigned instructions contained within a smart contract? Advocates for these new ideas might argue that new laws aren’t needed, but they can’t make the claim that they deserve some kind of exemption from regulation altogether. The online world is not a world unto itself; it exists as a subset of the broad framework of laws and norms that we’ve built up over the centuries.

Some libertarian-minded crypto enthusiasts who want to live entirely by the rules of a blockchain and free themselves from dependence on government are fond of citing the phrase “code is law,” used by Harvard professor Lawrence Lessig. Some have over-interpreted this message. Lessig never meant that software code could be a substitute for real-world law, that all disputes would be resolved by these automatic machines, only that code shares some of the qualities of law in the way it proscribes the behavior of computing components. To see code as a substitute for the law is to reduce the latter to something far smaller than what it is.

If the law were merely a set of instructions and rules, then yes, perhaps we could just have computers, working together in algorithmic concert, arbitrating and executing all of our digital exchanges with each other. But the law goes much, much deeper and much, much broader than that. The philosophical question of “what is ” can prompt a host of different answers, but the more you dig into the concept the harder it is to separate law from what Carl Jung called our “collective unconscious,” a set of ideas about how to treat each other that we’ve inherited from prior generations and iteratively altered over millennia.

It’s simply not something we can reduce to computer code. No episode brought this lesson home more forcefully than the debacle of The DAO attack of June 2016. The DAO stands for The Decentralized Autonomous Organization. In using this name, the founders of The DAO appropriated an acronym that had until then been used as a generic description of a variety of new, and potentially valuable, systems of automated corporate management and attached it to an extreme expression of techno-anarchic ideals. The DAO was an investment fund established by it, a smart contracts development group founded by Ethereum’s former chief commercial officer, Stephan Tual, and two others.

This entity, The DAO, was to be entirely managed by software code—no CEO, no board of directors, no managers of any kind. This kind of thing had been talked about in theory, but these guys were the first ones to give it a shot. The basic idea was that the platform would allow the funds’ investors to vote on how to allocate its money—that is, to select from a variety of proposed projects. The idea was that a more democratic, and supposedly superior, investment logic would emerge than that of traditional funds, where fund managers’ interests don’t always align with those of their principals.

It was pie in the sky to the moon, and then some. Investors were invited to buy DAO tokens with ether, Ethereum’s native currency, giving them a stake in The DAO fund. Decisions on investments would depend on token holders’ votes on submitted business proposals. After that, the contributions, dividends, and distributions would all be handled according to the Ethereum-based smart contract that ran The DAO. The concept sparked an inordinate amount of excitement among decentralization utopians within the crypto community, who saw it as a way to prove that effective economic decisions could be made without relying on third-party institutions, whether private or government.

Lawyers expressed concerns about the lack of redress in the event of losses, and respected cryptographers such as Zcash founder Zooko Wilcox- O’Hearn and Cornell professor Emin Gün Sirer gave grave warnings about flaws in the code that would allow a clever hacker to siphon off funds. Despite this, investors poured $150 million of ether into DAO tokens in just twenty-seven days. It was, at the time and at that valuation, said to be the biggest crowdfunding exercise in history. As it turns out, the whole concept was doomed by defects unnoticed by founders and investors blinded by hubris and idealistic faith.

In the pitch documents explaining the terms of the deal, it said, “The DAO’s smart contract code governs the Creation of DAO tokens and supersede[s] any public statements about The DAO’s Creation made by third parties or individuals associated with The DAO, past, present and ” This was a bold—and, as it would turn out, poorly conceived—statement. It pushed Lessig’s “code is law” concept to an extreme interpretation, a literal interpretation. They wanted to eliminate humans, and their fuzzy, subjective notions of what is right and wrong, from the equation. The flaw in this logic was soon made apparent.

In the early hours of Friday, June 17, 2016, monitors of The DAO’s ether account realized that it was being relentlessly drained of funds. A massive attack was under way by an unidentifiable participant who’d figured out that if he or she wrote a program to interact with the smart contract, it could constantly ask for and receive funds, sent to a copycat DAO that they controlled. The attacker built a virtual version of an out-of-control ATM, one that could not be turned off by the now autopilot-managed DAO system. Before they locked the attacker out, he or she siphoned off almost $55 million worth of ether.

The panicked organizers now found themselves in legal no-man’s-land since they had declared that nothing supersedes the code. Whatever the software does was supposed to be okay, and in this case the software, according to the rules of its own code, was redistributing investors’ funds to one savvy user. “I’m not even sure that this qualifies as a hack,” wrote Gün Sirer, the Cornell professor, on his blog post later that day. “To label something as a hack or a bug or unwanted behavior, we need to have a specification of the wanted behavior. We had no such specification for The

… The ‘code was its own documentation,’ as people say. It was its own fine print. The hacker read the fine print better than most, better than the developers … Had the attacker lost money by mistake, I am sure the devs would have had no difficulty appropriating his funds and saying ‘this is what happens in the brave new world of programmatic money ’ When he instead emptied out coins from The DAO, the only consistent response is to call it a job well ” By The DAO founders’ own terms, the attacker had done nothing wrong, in other words.

He or she had simply exploited one of its features. In the real world, the spirit of the law always supersedes its letter—the intent is more important than the code. In this case, the intent of the attacker was made clear in the mood of the token holders: they were angry; they believed they’d been wronged. They wanted their money back. But whom were they going to sue? There was no designated owner of this enterprise. They were all equal members of a decentralized system with no one in charge. As many lawyers argued, however, the law will always find a way to get around that problem.

The law will seek out and find someone to hold responsible. And in this case those most likely to be fingered were the it team and various Ethereum founders and developers who’d encouraged and promoted The DAO. Even if they could avoid legal consequences, their reputations, and that of the system they supported, were on the line. Sure enough, one year later, the law did take an interest. Conducting an investigation into the affair, the S. Securities and Exchange Commission ruled that the tokens that had been issued constituted unregistered securities and so would have been in breach of

S. laws. To it’s inevitable relief, the SEC decided not to pursue charges, but the press release explaining its decision was a shot across the bow. Not only did it make clear that the growing number of crypto-token issuers needed to be wary of regulatory action, but it was also a reminder of how far-reaching are the jurisdictional powers of regulatory institutions that carry the weight of S. law behind them. A related matter is the question of how to incorporate relationships of human trust into a blockchain. Bitcoin purists believe that users need not trust anyone with whom they enter into a transfer of bitcoin currency.

The record of their transactions is generated according to a distributed software program that no one controls, and when currency is transferred to other users, that exchange is verified by a decentralized system that requires no “trusted third party’s” adjudication and has no need to identify the users. But in reality, Bitcoin users can’t get away from having to trust someone or something. For one, the payment is only one part of the transaction; there’s nothing in the software that ensures that the merchant delivers the goods or services offered in return. Bitcoin users also must trust that data being input into the record is reliable.

How do you know the smartphone or PC you are using to give instructions to the Bitcoin network hasn’t been compromised? How do you know that when you are typing “6f7Hl92ej” on your keyboard, those characters are the ones being conveyed to the Bitcoin network? We have little choice but to trust that Apple, Samsung, and other manufacturers are using strict supply-chain monitoring systems to ensure that attackers haven’t put malware into the chips. This is not to sound paranoid, because the fact is that, even in the face of constant cyberbreaches, we all choose to trust our computers.

But it is to say that it’s inaccurate, and a little naïve, to think that blockchain systems operate within what some in the cryptographic community describe as a state of ” Once we go beyond bitcoin currency and start to transfer other rights and assets over a blockchain, the insertion of more trusted parties arises. The authenticity of a land title document that’s represented in a blockchain will, for example, depend on the attestation of some authority figure such as a government registrar. This dependence on a trusted middleman, some cryptocurrency purists would argue, overly compromises a blockchain’s security function, rendering it unreliable.

For that reason, some of them say, a blockchain is inappropriate for many non-currency applications. We, however, view it as a trade-off and believe there’s still plenty of value in recording ownership rights and transfers to digitally represented real-world assets in blockchains. We must, however, be aware of that trust component and establish acceptable standards for how data from such sources is gathered and entered into a blockchain-based system. Blockchain technology doesn’t remove the need for trust. In fact, if anything it’s an enabler of more trustful relations. What it does do is widen the perimeter of trust.

While the software removes centralized trust from the internal ledger-keeping process inside the blockchain, we must trust other people in the “off-chain” environment. We have to trust that a merchant will fulfill a promise to deliver goods on time, that a provider of some source of key information like a stock market price-feed is accurate, or that the smartphones or computers we use to input information haven’t been compromised at the manufacturing stage. As we go about designing new governance systems based on this technology, we need to think hard about best practices as they exist at that outer rim—the “last mile” of verification, as some call it.

Blockchain technology should be an impetus to develop standards and rules about how the fulfillment of contractual obligations is to be judged in ways that can be read and understood in this new digital context. Finally, there’s a potentially contentious issue around the market framework—the questions of which computers control the blockchain and how much power to dictate prices, access, and market dominance that allows. Permissioned blockchains—those which require some authorizing entity to approve the computers that validate the blockchain—are by definition more prone to gatekeeping controls, and therefore to the emergence of monopoly or oligopoly powers, than the permissionless ideal that Bitcoin represents.

(We say “ideal” because, as we’ll discuss in the next chapter, there are also concerns that aspects of Bitcoin’s software program have encouraged an unwelcome concentration of ownership—flaws that developers are working to overcome.) Permissioned systems integrate a trusted third party—the very kind of intermediary that Satoshi Nakamoto aimed to avoid—to authorize which computers can participate in the validation process. This option makes sense for various industries that are looking to adopt blockchain technology but whose current industry structures just don’t allow a permissionless system. Until the law changes, banks would face insurmountable legal and regulatory opposition, for example, to using a system like Bitcoin that relies on an algorithm randomly assigning responsibility at different stages of the bookkeeping process to different, unidentifiable computers around the world.

But that doesn’t mean that other companies don’t have a clear interest in reviewing how these permissioned networks are set up. Would a distributed ledger system that’s controlled by a consortium of the world’s biggest banking institutions be incentivized to act in the interests of the general public it serves? One can imagine the dangers of a “too-big-to-fail blockchain”: massive institutions could once again hold us hostage to bailouts because of failures in the combined accounting system. Perhaps that could be prevented with strict regulation; perhaps there needs to be public oversight of such systems.

Either way, it’s incumbent upon us to ensure that the control over the blockchains of the future is sufficiently representative of broad-based interests and needs so that they don’t just become vehicles for collusion and oligopolistic power by the old guard of finance. The open-source development of permissioned ledger models that’s being done by R3 CEV, a consortium dominated by major banks, and by the Hyperledger group, in which tech firms like IBM, Intel, and Cisco play hefty roles, is important. It’s forcing the incumbents within them to see the spotlight that this new technology shines on the inefficiencies of their old, centralized work processes.

And some of the ideas being developed there will no doubt be of great value to the wider ecosystem of blockchain development. But we believe the “permissionless” ideal first laid down by Bitcoin and since followed by countless alternative “altcoins” and blockchains is a vital one for the world to focus on. As we stated in The Age of Cryptocurrency, Bitcoin was merely the first crack at using a distributed computing and decentralized ledger-keeping system to resolve the age-old problem of trust and achieve this open, low- cost architecture for intermediary-free global transactions. It may or may not be the platform that wins out.

Perhaps something else will come along and fulfill for the age of cryptocurrency what the Transmission Control Protocol/Internet Protocol, or TCP/IP, pair of protocols did for the age of the Internet. Something will emerge as a standard, base-layer protocol that dictates how all computers everywhere exchange value with each other. Will it be Bitcoin, Ethereum, or something else entirely, perhaps a protocol that allows computers with digital assets on any one of these competing blockchains to trade directly with each other without going through a third party? Such is the threat and opportunity that open-source development offers: anyone can copy and then improve upon your idea.

The good news is that boundless energy and innovation will go into figuring out how to iterate upon the ideas that currently exist and will build a potentially better system. That innovation might find its way back into Bitcoin, helping to cement its first-mover advantage. Or it might diffuse the value creation power across a wider array of platforms until something more popular comes along. In the next chapter we will ask such questions as we survey the frenetic pace of invention in the blockchain space. Three THE PLUMBING AND THE POLITICS Building a decentralized economic system for a network of independent, anonymous computer owners in which everyone will work in the interests of the group poses a daunting technical challenge.

It’s also a major political challenge. Herding cats comes to mind. It turns out that building a network outside the traditional political system requires a lot of political decisions. Success for a decentralized cryptocurrency or blockchain network comes down to designing the right rule set—the software protocol—by which participants interact with each other. Satoshi Nakamoto’s Bitcoin breakthrough gave us the first working example of how to achieve this even when large amounts of money, business secrets, and other matters of value are at stake. But as the community of Bitcoin’s users and computer owners has grown and changed, and as newcomers have demanded new functions and more powerful applications, there’s been constant pressure to upgrade and change the protocol to facilitate those needs.

The problem is that in a truly decentralized, open-source system where no one is in charge, it’s extremely difficult to get all those people with their far-flung disparate interests to agree on what changes to make. There are probably several thousand extremely bright programmers and entrepreneurs trying to make this software take off. In some ways, they’re like the Founding Fathers in the United States: they’ve come across something new and intriguing that could change the world, if they could only configure it properly. “All men are created equal” did not just explode, sui generis, on the colonial landscape in July 1776.

It was the synthesis of a classical-liberal school of thought that had been developing for decades— and still is, for that matter. The techno-philosophers of the blockchain movement are grappling with myriad iterations of an idea. They just have to find the best ones. The Cypherpunks’ Holy Grail The starting point for understanding how blockchains work, as well as the technical and political debates they engender, is the first working blockchain: the Bitcoin blockchain. Bitcoin put the objective of pure, permissionless decentralization front and center. In guiding a community of autonomous users to reach agreement on transaction histories, it showed that software controlled by no individual or corporation could now supplant the “trusted third-party” role that institutional intermediaries such as banks have traditionally played in confirming our financial records.

If society is to define a sensible path for adopting, or not, this highly disruptive technology, we must first understand what Bitcoin is and why it matters. So, we’re going to peer under its hood. Before we do that, however, let’s start with this generic definition of a blockchain: a distributed, append-only ledger of provably signed, sequentially linked, and cryptographically secured transactions that’s replicated across a network of computer nodes, with ongoing updates determined by a software-driven consensus. What does that mouthful actually mean? Well, let’s break down its key words: 1. “distributed”: the ledger does not reside in one place but in many, with each bookkeeping node independently responsible for updating it in coordination with the others.

Once one bookkeeper (in this case, a computer) updates the ledger, along with some proof that its work was sound, all others simultaneously upgrade their own versions with that same update. What emerges is a constantly updated, commonly agreed record of truth with no centralized master copy. 2. “append-only”: information can only be added, not removed. This is important because it means no one can go back and doctor the record. What’s been agreed upon as the truth is the truth. There is no room for debate. 3. “provably signed”: blockchains use the public key infrastructure encryption methodology for sharing and controlling information.

With PKI, as it’s known, users control two separate but mathematically linked strings of numbers and letters, or ” One is a secret “private key” that only they know, and the other is a public key, visible to all, that’s associated with some form of valuable information. In Bitcoin, that information refers to an amount of bitcoin currency. When the user “signs” their public key with their private key, that action mathematically proves to outsiders that the user has control of the underlying information and can then assign, or send it, to another person’s public key.

In Bitcoin’s case, that’s the process by which a person sends currency from their “address” (their public key) to another. (Though it’s not a perfect analogy, you can think of your private key as a secret password or PIN to manage your money and your address as an account.) 4. “sequentially linked and cryptographically secured”: some other tools from the science of cryptography are used to represent entries into the ledger in a way that links them, with a series of unbreakable mathematical locks, into a fully verifiable sequence. This forms a never-ending, chronological series of blocks, or batches of transaction data, whose integrity is protected by cryptography.

This structure provides an unfathomably high probability of confidence that nothing in the ledger has been altered from its agreed-upon state. 5. “replicated”: the ledger is copied across participating nodes (as per the distributed pattern described in 1 above). 6. “software-driven consensus”: a program that all the computers run independently sets certain requirements and incentives for them to behave in a way that systematically guides them to reach agreement on which transactions should or shouldn’t be included in each updated version of the replicated ledger. “Consensus” is a key word in blockchain design, as it describes the process by which each participant’s independently managed copy of the ledger is harmonized with everyone else’s in keeping with a commonly agreed version of the truth.

It typically boils down to how to get a majority to agree on updates. Not so complicated, right? Well, if you’re still struggling to understand, never fear, we’ll dig deeper. A key point to note here is that our generic blockchain definition doesn’t capture the magnitude of Nakamoto’s breakthrough. There are other elements to Bitcoin that, for all intents and purposes, achieved the Cypherpunks’ Holy Grail: a fully decentralized cryptocurrency that no single person, entity, or consortium of members anywhere could control. The Bay Area–based Cypherpunk community, which fought hard to achieve decentralization for two decades before Bitcoin arrived, knew that any digital system of money would need a common ledger to keep track of everyone’s debits and credits.

This was to ensure people weren’t “double- spending”—in effect, counterfeiting—their currency balances. But for the system to be fully decentralized, it had to allow anyone to participate in managing that ledger. It had to be “permissionless,” with a consensus system that no one party could influence. That way, no authorizing entity could block, retract, or decide what gets entered into the ledger, making it censorship resistant. Before Bitcoin, all attempts to achieve this goal ran into an irresolvable dilemma: without a central authority affirming the identity of those validating the ledger, a fraudulent validator could secretly distort the consensus by creating multiple computing nodes under different aliases.

(Think of all those fake Twitter aliases for a sense of how easy this is.) By replicating themselves, they could cast more than 50 percent of the votes and get their own false, “double-spent” transactions inserted into the shared record. This could be resolved by some authority identifying and authorizing each computer user, but that would just take things back to square one. It breached the Cypherpunks’ ideals of “permissionlessness” and censorship resistance. Satoshi Nakamoto’s ingenious solution lay in a mix of carrot-and-stick incentives that encouraged those who were validating transactions to do so honestly.

Any computer anywhere could participate in validation work, and, in fact, would be incentivized to do so with a lottery-like system of bitcoin rewards. These would be paid out every ten minutes, whenever one of those computers successfully added a new batch, or “block,” of freshly validated transactions to the blockchain ledger. (These computers are known as “miners,” because in seeking to win the ten-minute payout, they engage in a kind of computational treasure hunt for digital gold. At the time of writing, the ten-minute “block reward” was equal to 12.5 bitcoins—around $125,000—issued automatically by the decentralized software protocol to the winning miner.

Miners also pick up transaction fees, which we’ll get into later.) Now, since it’s a permissionless system, anyone could up their chance of winning the randomly assigned bitcoin reward lottery by adding more computing nodes to the network. So Nakamoto needed a non-centralized way to prevent a rogue miner from taking over more than 50 percent of the computing power. He achieved this by requiring every single competing computer to conduct an exercise called “proof of work”: a difficult mathematical puzzle that requires heavy computation to find just one number within a mountainous digital haystack of other numbers.

Proof of work is expensive, because it chews up both electricity and processing power. That means that if a miner wants to seize majority control of the consensus system by adding more computing power, they would have to spend a lot of money doing so. Because of features such as a “difficulty adjustment,” which makes the proof-of-work puzzle ever harder as overall network-wide computing power increases, Nakamoto’s proof-of- work system ensures that the costs of a so-called 51 percent attack grow exponentially as an attacker gets closer to that consensus-controlling threshold. Double-spending and fraud are not illegal in Bitcoin; in other words, they are just “taxed” to such a degree that it’s prohibitively expensive.

At the time of writing, the io site was estimating that a 51 percent attack would require an outlay on hardware and electricity costs of $2.2 billion. Over time, bitcoin mining has evolved into an industrial undertaking, with gigantic mining “farms” now dominating the network. Might those big players collude and undermine the ledger by combining resources? Perhaps, but there are also overwhelming disincentives for doing so. Among other considerations, a successful attack would significantly undermine the value of all the bitcoins the attacking miner owns. Either way, no one has managed to attack Bitcoin’s ledger in nine years.

That unbroken record continues to reinforce belief in Bitcoin’s cost-and-incentive security system. If we view the bitcoin currency from this angle—and not merely as it is popularly portrayed, as a strange new digital unit of value that some geeky guys think is a good alternative to dollars, euros, or yen—we can build a conceptual framework for understanding the wider implications of Satoshi’s invention. The currency, bitcoin (lowercase “b”), is first and foremost a store of value that rewards people for securing Bitcoin (uppercase “B”), the system. That, and not the hope that it will become an everyday medium of exchange, is its primary purpose.

Without its existence as an incentive for computer owners to honestly validate exchanges of valuable information, Satoshi’s censorship-resistant distributed ledger simply wouldn’t work. Of course, for this all to tie together, the miners must regard bitcoin currency as having value—they must believe they’ll be able to exchange it for other things of established value, be they goods and services or fiat currencies such as dollars. Fully exploring how they, and millions of others, came to conclude that bitcoins did have value requires a deeper dive into how human communities reach agreements on what constitutes a common medium of exchange, store of value, and unit of account—the three qualities of money.

(For that dive, we again will shamelessly recommend The Age of Cryptocurrency.) What we can say is that, contrary to popular opinion, a currency need not be backed by anything, be it the commitment of a government or a fixed amount of commodity such as gold, only that it be sufficiently recognized as a useful means of measuring and clearing exchanges of value. This might seem counterintuitive because we tend to think of money as a physical thing that somehow contains value within the particular item—the paper note, or the gold coin. But in reality currencies only convey a symbolic tokenized value, one that’s derived solely from the collective will of society to commonly accept the token as a marker of that value.

This same malleability of thinking can be applied to any token, so long as enough people accept it. That’s what happened to bitcoin. The structure of the ledger is also important for keeping Bitcoin secure. Nakamoto conceived of his as an ever-growing, unbroken chain of blocks, each representing a batch of transactions strung together and validated within a ten-minute bitcoin reward period. Hence the word that’s now on every CIO’s lips: ” (Notably, the term “blockchain” never appeared in the original Bitcoin white paper—a good argument for why Bitcoin should have no exclusive claim to the term.)

Within each block period, every miner that’s engaged in the proof-of- work race for the next bitcoin reward is simultaneously gathering new incoming transactions and arranging them into their own new block. The details of each transaction—date, time, addresses of senders and recipients, the amounts sent, —are captured and run through a special cryptographic algorithm to produce an alphanumeric string known as a hash. A hashing algorithm can convert any arbitrary amount of original source data into a single, fixed-length string of letters and numbers, providing a means of mathematically proving the existence of that underlying information.

Anyone in possession of the transaction information can easily run it through the same hashing algorithm to confirm that whoever made the original hash must be in possession of the same data. A key feature of hashes is that they are hypersensitive to changes in the underlying data. Here’s one we generated from the previous paragraph’s raw text by running it through the highly secure SHA-256 algorithm that Bitcoin uses: 63f48074e26b1dcd6ec26be74b35e49bd31a36f849033bdee4194b6be8 505fd9 Now, note that when we simply remove the last period from that paragraph of text, the algorithm came back with a completely different alphanumeric string: 8f5967a42c6dc39757c2e6be4368c6c5f06647cc3c73d3aa2c0abdec3c 6007a5 If you think about this in terms of someone trying to secretly change transaction data, you can see how this hypersensitivity is vital to the blockchain’s integrity.

If anyone tries to introduce changes to existing transactions, other miners will clearly recognize that the new hash output doesn’t match what they have in their versions of the blockchain. So they will reject it. Bitcoin also takes advantage of the fact that it’s possible to take two hashes, combine them, and produce a root hash that encapsulates the two separate data proofs. This process can be repeated ad infinitum, creating hashes of hashes of hashes in a hierarchical structure known as a Merkle Tree. This is how transactions within each block are bundled and cryptographically tied together.

Bitcoin then takes this linking function one step further. Through another cryptographic hashing function, the winning miner ties their newly created block to the previous one. This turns the entire blockchain into a never- ending, mathematically linked chain of hashed transactions that goes all the way back to the “Genesis” block of January 3, 2009. Make a change to a transaction from January 15, 2011, and the blockchain’s interlinked hash- based record of all the data recorded in the subsequent seven years will be completely altered. It’s a bit like how banks use exploding dye to protect banknotes: any thief who tries to spend the stolen money is immediately exposed.

This unbroken record of transactions provides the foundation that miners use to verify the legitimacy of the transactions contained in the winning miner’s new block. If a miner is satisfied with the contents of that block they will commit to connecting their next block to it if they are lucky enough to be the winner. If they’re unsatisfied, they would attach their new block to an earlier block whose contents they trust, leaving the suspicious one as an ” This decision-making forms the basis for Bitcoin’s consensus logic, which is based on a convention known as the “longest

” The idea is that if no miner has amassed more than 50 percent of total computing capacity, then mathematical probability will ensure that any attempt by a rogue minority to add a series of new ten-minute blocks to a previously rejected and orphaned one will soon fall behind the majority’s longer chain and will be abandoned. The caveat, of course, is that if bad actors do control more than 50 percent of the computing power they can produce the longest chain and so incorporate fraudulent transactions, which other miners will unwittingly treat as legitimate.

Still, as we’ve explained, achieving that level of computing power is prohibitively expensive. It’s this combination of math and money that keeps Bitcoin secure. These cobbled-together concepts comprise Satoshi Nakamoto’s breakthrough: a decentralized, censorship-resistant record of the past. If we acknowledge that all accounting systems are merely estimates—that it’s impossible to arrive at a perfect representation of reality—then this one, a system that collectively captures the shared opinions of a community with no central authority, results in the most objective representation of the truth yet devised. In solving the double-spend problem, Bitcoin did something else important: it magically created the concept of a “digital

” Previously, anything digital was too easily replicated to be regarded as a distinct piece of property, which is why digital products such as music and movies are typically sold with licensing and access rights rather than ownership. By making it impossible to replicate something of value—in this case bitcoins —Bitcoin broke this conventional wisdom. It created digital scarcity. This was vital for how bitcoin is valued as a currency, but also for the many imitator crypto-assets that would come later. Yet, Bitcoin, even if it is a better mousetrap, is far from being a perfect mousetrap.

Nothing made that clearer than a bitter internal fight over what seemed like a mundane issue. It started as a technical disagreement but blew up into a full-fledged fight over control of what was designed to be an uncontrollable network. It showed that managing Bitcoin was more than just managing the ledger itself; it was about governing a community. It was about politics. Bitcoin’s “Civil War” Major code changes have always been difficult for open-source projects, and they are even harder for Bitcoin. There’s no identifiable leader to adjudicate disputes and no way, in the absence of identifying information, to be sure of whom you’re arguing with or how much of a stake they have in the system.

What’s more, there is real money on the table. Changes can deeply affect the value people have stored up in the digital currency. It’s a toxic mix. And it means that people will argue, and argue, and argue, and argue. The biggest fight of all revolved around a small piece of code: the maximum data size of an individual block, which from 2010 on was hard- coded to a limit of one megabyte. That limit meant that only about seven transactions could be processed per second over the Bitcoin blockchain, a serious impediment for payment providers who have aspirations for Bitcoin to compete with Visa, whose network handles about 65,000 transactions per second.

By 2016, there were too many bitcoin transactions over the network to fit inside the 1MB block limit. Transactions that were supposed to be settled in minutes were being settled in hours, or longer. To avoid that fate, users offered rising fee payments to miners to better their chances of having their transaction included in a block. An artificially created “fee market” was emerging, in other words, pitting user against user. By June 2017, the average fee on the Bitcoin network reached more than $5—okay for a $20,000 transfer but impossible for a $2 cup of coffee.

That cost was borne by the user and became an additional source of revenue for miners on top of the Bitcoin software’s routine 12.5-bitcoin block reward. Suddenly, the miners looked a bit like the banking gatekeepers that Bitcoin was supposed to disrupt. For users, a supposedly frictionless payments system was now saddled with friction. Many startups that were trying to build a business on top of Bitcoin, such as wallet providers and exchanges, were frustrated by an inability to process their customers’ transactions in a timely manner. “I’ve become a trusted third party,” complained Wences Casares, CEO of bitcoin wallet and custodial service Xapo.

Casares was referring to the fact that too many of his firms’ transactions with its customers had to be processed “off-chain” on faith that Xapo would later settle the transaction on the Bitcoin blockchain. Action was needed. Some simply argued in favor of increasing the block size. But this otherwise trivial coding change was not uniformly viewed as the best solution. Making blocks bigger would require more memory, which would make it even more expensive to operate a miner, critics pointed out. That could drive other prospective miners away, and leave Bitcoin mining even more concentrated among a few centralized players, raising the existential threat of collusion to undermine the ledger.

On the surface, it seemed both arguments had merits. “Big blockers,” as they were known, were on the side of making sure anyone could afford to use bitcoin—that high transaction fees wouldn’t make it impossible to pay for a cup of coffee. “Small blockers” were all about protecting two big-picture objectives: decentralization and security. Their differences were irreconcilable, all the more so because of how much money was now at stake. Bitcoin had grown from a small, hobbyist’s project into a global experiment with a market value of more than $50 billion by the fall of 2017.

Without an owner, or board of directors, or management, who was to say which side had the right idea for protecting this pool of value? A number of solutions were proposed, but none could attract consensus —a word that has almost holy connotations in Bitcoin circles. In part, it’s because there was no mechanism for determining how much of a stake the supporters of each idea held. The pseudonymous nature of Bitcoin, where there is no formal identification of people and the bitcoin addresses they control, is a vital design feature, with an emphasis on privacy and permissionless participation.

But it makes it hard to organize a vote on policy changes. Without a tally of who’s who and who owns what, there was no way to gauge what the majority of the Bitcoin community, composed of users, businesses, investors, developers, and miners, wanted. And so, it all devolved into shouting matches on social media. The big-blockers and small-blockers were hopelessly, er, blocked. The arguments got so bad that at one point the Bitcoin community on Reddit split in half, with two separate sub-reddits serving each constituency. And since agreement seemed impossible, more and more people came around to adopting a similarly divisive but almost inconceivable solution: splitting Bitcoin in half.

The idea was to “fork” Bitcoin. That’s a software term that just means you’re upgrading a program, like a new version of Microsoft Word. There are two kinds of forks, hard and soft. In a soft fork, the older version of the software lacks the new features but is still compatible with the newer version; in a hard fork, the new software is “backwards incompatible,” which means it can’t interoperate with older versions. A hard-fork-based software change thus poses a do-or-die decision for users on whether to upgrade or not. That’s bad enough for, say, word processing software, but for a currency it’s downright problematic.

A bitcoin based on the old version could not be transferred to someone running software that supports the new version. Two Bitcoins. Two versions of the truth. Then, out of the creative mind of Bitcoin developer Pieter Wuille came an alternative approach: a code change called Segregation Witness, or SegWit, that could be achieved with just a soft fork. It wouldn’t double the block-size limit per se, but it would make the transaction data more efficient, which meant that more or less double the information could be jammed into a 1MB block. Even more important, SegWit fixed some longstanding coding quirks that had made it difficult to implement a very important new invention: the Lightning Network.

Lightning, which might one day allow Bitcoin to compete with Visa’s 65,000 transactions per second, was created by Thaddeus Dryja and Joseph Poon. It allows people to jointly sign smart contracts that create time- locked, two-way payment channels based on a pre-agreed amount of money that the payer seeds with a single bitcoin transaction. They can then move funds to and from each other within that pre-established balance. Also, through an interlocking system of secondary channels, they can transfer funds to third parties, creating a network of traced payments that need not be confirmed in the Bitcoin blockchain.

So, there are no miners’ fees to pay and no limit on how many transactions can be done at any time. The smart contracts prevent users from defrauding each other while the Bitcoin blockchain is used solely as a settlement layer, recording net balance transactions whenever a channel is opened or closed. It persists as the ultimate source of proof, a guarantee that all the “off-chain” Lightning transactions are legitimate. Many in the coder community lined up behind the SegWit/Lightning solution, especially those associated with Bitcoin Core, whose developers, such as Wuille, were affiliated with the influential Bitcoin infrastructure company Blockstream.

The SegWit/Lightning combination was in their minds the responsible way to make changes. They had a duty, they believed, to avoid big, disruptive codebase alterations and instead wanted to encourage innovators to develop applications that would augment the powers of the limited foundational code. It’s a classic, security-minded approach to protocol development: keep the core system at the bottom layer of the system simple, robust, and hard to change—some use the words “deliberately dumb”—and thus force innovation “up the stack” to the “application ” When it works you get the best of both worlds: security and innovation.

But a group of miners with real clout was having none of it.