Bitcoin Box

Ads

The Wasted Electricity Objection to Bitcoin, Part I

author: Vitalik Buterin
published: 2011-05-24 09:47:18 UTC

One of the main arguments in favor of fiat currencies as opposed to currencies based on a scarce resource, whether gold, silver or bitcoins, is that time must be wasted mining something that has no intrinsic value. Would it not be much more efficient, fiat currency proponents argue, to agree to use something easier to produce, like paper, as currency and have one centralized agency prevent counterfeiting? However, these arguments, while they do have some merit against gold, do not apply to Bitcoin since Bitcoin mining is intrinsically a dual-purpose activity: not only does it introduce new coins into the network, it also secures the network against counterfeiting. Whenever 50 new coins are generated, they come with a new block, and this block adds the transactions that have taken place since the creation of the last block to the chain, so that if anyone tries to spend their coins twice the second transaction will be thrown out as illegitimate since one can easily check that the coins have already been spent. If all the miners disappeared, the network would immediately become vulnerable to double-spending.

The technical point of block creation that many object to is that it requires the miner solving the block to find a value which hashes to something starting with a certain number of zeroes, a problem that can only be solved by trial and error. Many ask why it was necessary to include this requirement, as opposed to making block creation a simple matter of signing all the transactions. There is nothing about the system of each transaction signing the last one that requires coins to be difficult to create; it is conceivable to create a Bitcoin where all 21 million coins are created from the start with minimal computational effort.

There are two objections to this. First, there is the egalitarian objection. One of the main criticisms of Bitcoin as it exists now is the "early adopter aristocracy" - back when Bitcoin was much younger, many were able to amass many thousands of bitcoins, and now they have potentially over a million dollars in bitcoins sitting around, while people joining the network now are reduced to taking out 0.02 BTC out of the Bitcoin Faucet and need to join a mining pool which pays out several bitcents a day. That is not to say that they are poor; while the rate at which one could acquire bitcoins has reduced by a factor of 100, each individual bitcoin is 100 times more valuable. If 99% of the bitcoins in existence are locked away, due to near-infinite divisibility prices simply increase but then function as they would have otherwise - instead of the economy spending 600000 bitcoins, it would spend 600000 bitcents - a simple renaming. However, there is still a major problem: the hoarders are able to sell off a small amount of their bitcoins and bring the exchange rate crashing down, taking away value from everyone else - it is possible that this is what caused the crash after the May 14 price spike. Making bitcoins easier to make would even further exacerbate this problem; right now, the bitcoins that have already been mined are only one third of what will be available in 2023, giving future miners two thirds of the economic power, but if all bitcoins were available from the start the early adopters would have held control over 90% of them, and released them in slow, controlled bursts, giving them many chances to profit off the market and destabilize it. Essentially, Bitcoin would have become a de facto fiat currency, with a "federal reserve" letting out money at its whim.

But why, one might ask, can we not have the system release the bitcoins slowly, as it does now, without the wasted computational resources? The question that answers that is: to whom? If it is to a random bitcoin address, then we will have miners calculating trillions of hashes generating addresses. If it is to a random IP, then Bitcoin would have triggered a massive growth in botnets and the impact of people chasing after IP addresses might well have pushed the world onto IPv6 by now. Computational power, however, cannot be spoofed in this way; if someone figured out a way to make a 10-gigaflop computer pretend to be a 60-gigaflop computer (and thus, through recursion, a 360-gigaflop computer, etc) that would be, to put it mildly, a major boon to software developers everywhere. No mechanism, aside from computer power, works to prevent multiple identity spoofing, and imagine how long a Scandinavian welfare state would survive if one person could pretend to be a thousand.

The second objection is the counterfeiting problem. As Satoshi's original Bitcoin paper describes it, "Once the CPU effort has been expended to make it satisfy the proof-of-work, the block cannot be changed without redoing the work. As later blocks are chained after it, the work to change the block [ie. make a counterfeit transaction] would include redoing all the blocks after it." Thus, an attacker would need to be more powerful than the entire network to change the system. The same type of problem arises here as the egalitarian distribution problem: a decentralized P2P currency must, almost by definition, run by consensus, and CPU power is the only non-spoofable way to prevent one person from seizing control by pretending to be 51% of the network.

The multiple identity spoofing problem is one of the greatest challenges of the internet in general. Consider its results outside of Bitcoin: domain name registration is centralized, Gmail account creation now requires a phone number, account creation anywhere solves the problem with a human proof-of-work, the captcha. Cryptographic proof-of-work, although inefficient, is the only currently available practical means of solving the problem while maintaining the anonymity of the internet, and Bitcoin and Bitcoin's ideological parent, Hashcash, an anti-spam system which required email senders to solve the reverse hash problem, recognize this.

The Bitcoin mining system is much more than a wasteful digital shell-collecting enterprise that one might see with currencies based on rare but useless material objects. It encompasses the role of counterfeiting prevention, provides a powerful market analysis tool and offers receipt functionality (the ability to prove that a transaction occurred, as well as see the sender, receiver and value) far better than similar systems in conventional currency can ever hope to, while maintaining anonymity, and attempts to compare the inefficiency of bitcoin mining to its equivalents in other currencies, both resource-based and fiat, need to take all aspects of this functionality into account.

The next part of this series will examine just how much electricity is spent mining bitcoin, and what will happen to the size of the network in the future.

Random Articles

blog comments powered by Disqus