Fire (and lots of it): Berkeley researcher on the only way to fix cryptocurrency

By Dan Goodin

Marines use flamethrower to spectacular effect in field.

Nicholas Weaver made no bones about it: he really, really dislikes cryptocurrencies.

Speaking at the Enigma security conference in Burlingame, California, last week, the researcher at UC Berkeley's International Computer Science Institute characterized bitcoin and its many follow-on digital currencies as energy-sucking leeches with no redeeming qualities. Their chief, if not only, function, he said, is to fund ransomware campaigns, online drug bazaars, and other criminal enterprises.

Meanwhile, Weaver said, there's no basis for the promises that cryptocurrencies' decentralized structure and blockchain basis will fundamentally transform commerce or economics. That means the sky-high valuations spawned by those false promises are completely unjustified. He also said investors' irrational exuberance just adds to the unviability of cryptocurrency.

Summarizing a talk titled "Cryptocurrency: Burn it with Fire," Weaver told an audience of security and privacy experts:

In conclusion, it is a dismal space. Private and permissioned blockchains are an old idea—a good idea—just with a new buzzword on it. The public blockchains are grossly inefficient. The cryptocurrencies don't work to provide anything against drugs and ransoms and stuff like that. Smart contracts are an unmitigated disaster unless you like comedy gold. And the field is just recapitulating 500 years of failures. So in the end, the only winning move is not to play—unless you like playing with flamethrowers.

To support that conclusion, Weaver recited an oft-repeated list of supposed benefits of cryptocurrencies and explained why, after closer scrutiny, he believed them to be myths. That list included:

Myth: Cryptocurrencies are useful for paying for things.

In fact, Weaver laid out a variety of reasons why cryptocurrencies make a poor substitute for the use of payment cards, checks, and old-fashioned cash to pay for goods and services, either online or at brick-and-mortar businesses. For instance:

Cryptocurrency transactions are expensive. Because cryptocurrencies are supposed to have no central authority that can reverse a transaction, they are "fundamentally incompatible with the modern financial system." As a result, obtaining digital coin requires (1) giving an exchange cash and waiting around until the exchange converts it into dollars, (2) being given credit by the seller, or (3) holding onto cryptocurrency balances over an extended period of time and being subject to turbulent swings in valuation.

People who try to bypass the exchanges and the waiting game they require risk ending up like Apple cofounder Steve Wozniak, who last year lost more than $70,000 in a bitcoin transaction.

Not only does the buyer have to incur the the exchange fee and delay, but most sellers do as well. As a result, cryptocurrency transactions have artificially high fees built into them.

Cryptocurrencies are deflationary. That means the longer someone holds onto a cryptocurrency, the more goods and services it will buy. That creates a replay of the failed gold standard following World War I and beyond, when unbridled deflation ensued as currencies were based on fixed amounts of gold.

"In a deflationary currency, rule one is never spend your currency, lest that 10,000 bitcoin pizza fill your stomach with a Breaking Bad pile of regret a few years down the road," Weaver said. To illustrate, he displayed a slide depicting the now-iconic image the massive pile of cash accumulated by fictional meth dealer Walter White in the AMC television series Breaking Bad.

Cryptocurrencies are hard to hold. Ask just about anyone who has stored large amounts of cryptocurrency in a "hot wallet," that is, an Internet-connected computer. They will almost inevitably say their wallet has been stolen. That makes cryptocurrencies a major inconvenience and liability.

Myth: Cryptocurrencies are decentralized

In theory, there are no central authorities that control cryptocurrencies. In practice, quasi-central authorities abound. Consider the 2016 bailout of The DAO, a crowdsourced investment fund, after hackers swindled it out of $50 million worth of Ethereum. The hack exploited a loophole in a "smart contract" that was intended to use computer code, rather than a court of law, to enforce a legal agreement. Ultimately, some members of the Ethereum community voted to void the contract in a move that was at polar opposites to the "code is law" ethos of smart contracts.

Similar debacles challenging the decentralization claim have played out since. One was a bug in an Ethereum wallet platform that froze $280 million worth of the digital coin. Another example is the Augur prediction market. While billed as decentralized, it relies on people to determine is a prediction is correct. That has led to a determination that the Democrats wouldn't take control of the US House of Representatives in 2018.

Myth: Blockchains will revolutionize x

Bitcoin and most other cryptocurrencies rely on a permissionless chain of hashes to verify a public ledger of all previous transactions. The rise of cryptocurrencies has spawned renewed energy in "permissioned" or "private" chains that supposedly can be used in new ways to keep records. The problem, Weaver said, is that these chains have existed for decades in the form of hash chains and have already been used for just about anything that could benefit from it.

"For all of those who say 'blockchain will solve X,'" Weaver said. "The only thing it solves is you now know the person knows nothing about X."

What's worse, Weaver said, is that public blockchains are woefully wasteful and inefficient. Contrary to what blockchain proponents say, the requirement that many computers participate in resource-intensive "proof-of-work" computations has nothing to do with securing consensus. Instead, it's required to prevent so-called Sybil attacks that subvert a peer-to-peer system by creating a large number of fake nodes.

The result is that bitcoin and other cryptocurrencies waste what Weaver said is an "obscene amount of resources." A central authority that designated 10 trustworthy entities could generate the same blockchain with "10 Raspberry Pis using less power than an incandescent light bulb."

Ultimately, Weaver said the only things cryptocurrency is useful for paying for are ransoms and conducting other illicit transactions. He noted that, years ago, cryptocurrency advocates held up WikiLeaks and the now-shuttered adult-services website Backpage as legitimate beneficiaries of digital coins. Those arguments lost much of their weight as WikiLeaks founder Julian Assange came under scrutiny for alleged sexual assault and other alleged misdeeds while Backpage founders came under federal indictment.

And even if there were legitimate businesses flourishing under cryptocurrencies, the vulnerability digital coins face raises questions about their long-term viability. Remember the skyrocketing transaction fees that nearly hamstrung bitcoin in 2017? Attackers could touch them off again by spamming the network with certain types of bids. In the event the network implements spam filters to stop the abuse, attackers could train the filters to block legitimate transactions, a move that would effectively cause the filters to carry out denial-of-service attacks.

No doubt, Weaver's take on cryptocurrencies will touch off well-meaning dissent from crypto-anarchists, who prefer math and code to banks and governments. But for this reporter, who for close to a decade has covered digital coins from the sidelines—most recently chronicling the suspicious case of a Canadian exchange claiming it lost $137 million of customers' holdings—the talk was confirmation bias in action. I've long felt a growing skepticism about the promise or benefit of cryptocurrency. Now, I know why.