Can money ever be fully trustless?

Bitcoin was founded on the idea that we should be able to have and hold money, as well as make transactions with it without having to rely on a centralize infrastructure such as the banking system. With fiat money, unless you are dealing in cash, you cannot make a payment to another person without at least one bank, usually two, getting involved in that transaction. For example, I write a twenty-five Dollar check to my babysitter. She takes the check and deposits it into her bank account. Then the check amount is debited from my bank account. If she never took the check to her bank, it would be as if I never paid her.

For the most part, this system works fine. However, it is based on the fact that both I and my babysitter trust that our banks are going to make good on the transaction and continue to exist. We also assume that the banks are handling their assets responsibly and are not in imminent danger of failing. If a bank should fail, then we also trust that the government FDIC system will reimburse all its account holders as promised. In other words, having, holding, and dealing with fiat currency involves trusting in a lot of people and institutions along the way.

People in the US learned during the Great Depression and more recently, in 2008, that the trust we place in those institutions isn’t always well founded. I’m sure it’s no coincidence that Bitcoin was launched in 2009, just one year later. With Bitcoin you don’t need any kind of centralized institution. I have a wallet; you have a wallet. As long as I know your address I can send you funds directly from my wallet to yours and no one else needs to be involved. That is actually technically not true, as it does take the miners running the network to actually confirm the transaction; however, the network is not centralized and it’s going to be a random miner whose machine deals with that transaction. It’s done automatically, with no need for a human to actually know what’s going on. The only human beings who will have any interest in my payment to my babysitter will be me and the babysitter. It’s just numbers for everyone else.

The essence of trustless money is that there is no need to trust any intermediaries to do the right thing in order for your money to be safe and make it to its destination. The network itself is decentralized such that one individual cannot significantly impact it in a detrimental way. There are amazing technical ways to make this possible and the technology has truly come a long way since Bitcoin was launched. In fact, Bitcoin is already starting to look like a dinosaur in comparison to the new developments.

Trustless money is definitely possible from a technical standpoint. My question, though, is given that human beings are the end users, is trustless money really possible, or practical?

The first thing everyone needs to know about trustless money is that it is completely up to you to keep your money safe. There are two main ways that you can lose all the money in your wallet. The first way is if you lock your QT wallet with a password and lose it, and you also did not record (or you lost) the private key for each address in that wallet. If I lose my password to my online fiat banking account, there is a way to reset the password through the website and no other human being sees either my old or new passwords; in other words, the data is fairly secure, but if I lose my own keys, I can easily get new ones which will also work.

But if I lose my wallet password and the private keys to my wallet addresses, then I have lost my money. It’s the same thing as losing a physical wallet loaded with cash in a bad neighborhood. It’s gone, the only difference being that at least the bad guys can’t access the funds either.

It’s not particularly complicated to keep a record of things like wallet passwords and address private keys. One could store that information on a flash drive kept in a special place. One could keep an updated hard copy of the information in a special place. One could also use a service such as Last Pass to store all that information. Naturally, one would want to keep such important information in more than one location, in case one location burns to the ground. For example, I keep a copy of this information both at home and at work. The important thing is you don’t want to lose the information ever. You also want to be able to access it relatively easily. You need that wallet password every time you want to send money out of your wallet.

The other way you can lose all your wallet funds is if some malicious person somehow gains access to your wallet password or your address private keys. If they know your wallet password and have access to your computer, they can empty it out directly. If they know your private keys, they can import your addresses to their own wallets and then empty them out. Either way you lose.

The more convenient it is for you to access your own wallet, the easier it is for someone else to steal the information. For example, let’s say you keep a file on the same computer that has the wallet password. This makes it very easy for you to input the password as needed. But it also would make it easy for someone else to do the same if they gained access to your computer. If you store the information on a third party password service, and someone gains access to your account, they could steal the information that way. The less convenient you make accessing your password (such as you have to dig up the hard copy and then type in each character), the safer it will be but also the more of a pain it will be for you to just use your wallet. Good security is always going to be a trade-off between end user convenience and restricting ease of hacking and other types of thieving.

Each end user is going to come up with a different happy medium between their own convenience and making theft difficult for someone else. The main point here is that it is up to each end user to take full responsibility for protecting their own funds. In the fiat world, that is taken care of for you if you have a bank account. The bank assumes responsibility for keeping cash and physical assets safe (bullet proof glass, heavy duty safes, etc.), as well as for keeping its website secure for the customers. Most people do not use their own computers in a way that places security front and center. The keeping and protecting of wallet passwords and address private keys are only the most basic precautions. There is also the matter of secure Internet channels, antivirus software, firewalls, and all kinds of things most people don’t even know about. Taken together, those things are not cheap.

I remember a recent time when someone’s Diamond wallet got hacked and emptied. Since the breach was not the result of utter stupidity on the wallet owner’s part, the Diamond community came together and helped the guy mitigate his losses. I sent a small contribution to that end and am glad to know that the community would do the same for me. After that incident, people started recommending that you only run one wallet on each computer. The reality is that some cryptowallets do contain malware which can harvest sensitive information such as passwords and private keys from other wallets. The recommendation makes sense, but if I’m going to run five wallets, then that means I need to own five different computers. Some wallets can be run off Raspberry Pi computers, which are much cheaper than laptops, but there is a learning curve in learning how to use them. They do not run Windows! But even if you do know how to program a Raspberry Pi, that is an outlay of $50 to $75 for each wallet. That introduces a new element of risk into your cryptocoin wallet. You would need to have the confidence that you will at least make that cost back.

Besides security, to be your own banker, you also have to assume all responsibility for maintenance of your wallet. That means you have to keep up with the latest wallet upgrades and if your copy of the block chain gets corrupted in some way, then you have to take the time to download the entire block chain all over again. That can be an extremely time consuming process, and you are not able to make transactions through your wallet until the process is complete. The older the coin is, the longer it takes to download its block chain.

Fortunately, the wallets themselves are designed by the coin’s development team, so at least you start off with a working product (most of the time). But it is up to you to keep that wallet updated, to know about forks and how to deal with them, and other bits of technical knowledge for running your wallet. A good coin will only have occasional forks and mandatory wallet upgrades. However there are some coins which have nearly constant upgrades and forks. Sometimes there are very good reasons for this; other times it simply means the development team is not very good at building good wallets. If the reason for all the wallet drama is the latter, then you need to seriously consider dumping the coin.

This brings up a very important point, which is that a coin is only as good as its development team. If a coin loses its development team, it is going downhill fast and you’d better dump it. If the development team is not as technically competent with the coding as needed, you will be running a buggy wallet that will probably need to be upgraded often and the coin itself may fork often. Other issues that can happen with the development team are all the human ones. Perhaps they begin to fight among themselves; perhaps they can’t agree on the next step in the coin’s development. Sometimes these issues can be resolved in a professional manner; other times they can’t and the coin suffers.

The need for a development team is probably the biggest reason that truly trustless money isn’t actually possible. No matter how decentralized your wallet and transactions are, ultimately the coin you choose to use is at the mercy of its development team. A development team can be as small as one or two people, and some coins have been one man shows. You’re actually placing a huge amount of trust in a very small group of human beings under these circumstances. Even the trust we place in the fiat world is spread out over a much larger pool of human resources.

While many of the early adopters of Bitcoin and other altcoins are quite computer savvy and have no problems with handling wallet security and maintenance or in downloading large block chains, most currency end users, even if they do know how to do all those things, would rather not. For this reason, no matter what the coin is, if it looks like it might succeed, it does not take long for people to develop online services to take that burden off of people. For example, I personally consider the Bitcoin block chain to be way too big for me to want to download and store on my computer, so I have not used a desktop Bitcoin wallet in over a year, probably closer to two years. Instead I use online services such as Coinbase and CoinWallet to store my Bitcoins. If a particular coin does not yet have an online wallet, often a good exchange site will serve that purpose temporarily.

The online services are great. If they are reputable, they assume the responsibility of security and maintenance for all their users. This is great for the users, but… it is no longer trustless. When you use an online site to store your coins, you are placing your trust in the people who run that service to keep your coins safe and not steal them, just like you currently trust the people who run your fiat bank.

Besides people choosing to use online services instead of trying to take care of all the details of being their own bankers themselves, there actually are coins designed with centralization of that sort in mind from the beginning. When Josh Garza first came out with his cloud mining site, and later Paycoin, he recognized something important about human nature. People will not adopt a new coin or even a new payment system unless it is convenient for them. The vast majority of end users are not going to want to deal with the hassle of desktop wallets. For this reason, Garza kept Paycoin minting centralized. Yes, the QT wallets could mint, just not at the stellar rates which could be obtained through Zen Cloud. Later one, when the Microprimes stopped working, rather than taking the time to repair them, the new Paycoin team instead told everyone to mint their coins on a different centralized website. I sure found it easier to use than the Microprimes while it lasted.

Neucoin was also designed with centralization in mind. Anyone who wanted to participate in the initial games or Jango tipping that Neucoin provided need to have a verified wallet. Since the Neucoin team supposedly manually verified my wallet but never flipped the switch from “unverified” to “verified” on my account, I cannot participate in any of the games and other ways to earn coins that rely on a verified account. Furthermore, the minting algorithm for Neucoin ensures that minting can only happen reliably for very large balances. The only way for small balances to mint is for people to pool them or just use the Neucoin centralized platform and set aside coins to earn a guaranteed rate of return after a set period of time. Minting pools such as CoinWallet are another option, but again, you’re getting away from trustless.

When it comes to my own funds, I use a combination of my own desktop wallets which I take full responsibility for and online wallet services. The main wallet I run on my computer is my Diamond wallet, because it is so well designed that I can open it, unlock it for minting, and basically forget about it. It mints like clockwork and I can easily send funds out of it should I so desire. I used to also run my Paycoin wallet until the Microprime quit working. Then my coins went to to mint until announced its closure and released my coins. At that point I sold them and I no longer own any Paycoin. I also used to run a QT wallet for my Piggycoins. Then I had to repair the wallet by downloading the entire block chain which took two days. At that time I discovered CoinWallet and have been happily minting my PIGGY there ever since. I also mint a small amount of Neucoin there. The really great thing about it is that I don’t even have to log in and the coins mint. The downside is that CoinWallet could go under or steal all my coins one day. As far as I can tell, though, they are an honest service.

In conclusion, although it is certainly technically possible to have trustless money, because of the way human nature works, we are a long ways away from it being used across the board. Cryptocurrency provides some very innovative specific applications where the need for trust can be removed from certain aspects of financial transactions or even contracts. Overall, however, most people are going to prefer to deal with more centralized entities which they believe can be trusted, because using those services is ultimately more convenient and less expensive for the end user.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *