The Decentralized Mystique

Today a team of data scientists release, and the New York Times reports on, what may be the most important piece of academic research yet on Web 3.

We expect headlines to focus on the more explosive potential implications of linking together many pseudonymous Bitcoin addresses. Yet, the real import of the paper cuts deeper and reveals more: We read it as showing that decentralization was more an ideology than a property of the Bitcoin technology in its early years.

Jaron Lanier is a technologist, artist and composer and is widely considered the father of virtual reality. He will appear at Consensus 2022 this week. E. Glen Weyl is a founder of the RadicalxChange Foundation and co-author of Radical Markets and “Decentralized Society.” While both work for Microsoft, neither speaks for the company.

The paper combines a variety of clever address-linking techniques similar to those offered commercially by firms like Chainalysis and Crystal Blockchain, together with approaches focused on identifying miners, to link more than 99% of Bitcoin addresses from the network’s inception in 2009 through 2011 back to unique individuals (and in some cases their legal names). While the study does not focus on identifying such names (except in two cases where they were already known), it shows enough about methods used that we suspect these will eventually be used to bring significantly greater transparency to the previously obscure founding figures in the community.

More deeply, they reveal several important properties of the early Bitcoin network, such as the finding that 64 agents (fewer than a thousandth of previous estimates based on counting addresses) mined a majority of BTC in this early period and that 51% of attacks could typically have been conducted by small groups of individuals (usually around five), including a single individual for significant periods. (In such attacks, a miner or group of miners obtains control of a majority of the network’s computing power and uses it to reorder, reverse or block transactions on the public ledger, usually to defraud other participants.)

Furthermore, in contrast to the self-image of Bitcoin as a global, open protocol, usage appears to have flowed through social networks connected to these initial pioneers in a manner like other nascent networks, from the early internet to Facebook.

The immediate implications for the ecosystem should be obvious. The researchers find that nearly all transactions through the end of 2017 can be traced to Bitcoin addresses associated with this initial group of 64 agents by a small number of hops (four to six). It is well-known that identified seeds can usually be traced over such short chains, and so we expect the researchers’ findings to quickly undermine much of the pseudonymity of Bitcoin if their methods are replicated and widely applied.

Furthermore, it seems unlikely that the researchers are the first to achieve this conclusion about the small number of early miners; it is plausible that organizations like the National Security Agency, China’s Ministry of State Security and Israel’s Unit 8200 have long had access to this information and chosen not to reveal this capability to preserve the mystique of pseudonymity and the assumed-private financial records it gives them access to.

The new findings have the potential not only to undermine the (limited) remaining privacy reputation in the Bitcoin network but more broadly, to have reputational spillovers to many cryptographic protocols used in Web 3.

Yet, the paper’s most important implications are more profound, if less sensational.

First and perhaps most importantly, it is one of the first papers emerging from the mainstream of academic research to directly speak to issues at the core of Web 3.

While protocols like Algorand, Avalanche and Stellar and techniques like quadratic voting have emerged from academic work, the relationship between academia and Web 3 has been much more distant than in other fields of technology, such as the original internet and artificial intelligence, where the academy was central to the development. We hope that this paper will help usher in a new era of serious academic work on and engagement with Web 3, which we believe is critical to achieving the promises and avoiding the perils of the space, in ways partially highlighted by the paper.

It is disappointing how long it took for the paper to be published; the primary findings of the piece were shown to us more than two years ago, and the academic review process slowed their reaching the public. In such a fast-moving space, academia must learn to keep up or become irrelevant in a way that is dangerous in that it allows technology to run far ahead of scientific understanding. We figured that out with COVID-19 and must port the lesson to rapidly emerging technologies that pose just as great, even if less obvious, threats.

Second, we take from the paper that many, spurred by overblown rhetoric in the space, have dramatically overestimated the power of technical solutions on their own to ensure the security and privacy of sociotechnical systems. While cryptography and consensus mechanisms have an important role in complementing other protections, they are usually quite fragile on their own, untethered from laws, social norms, institutional reputations, etc.

In this instance, Bitcoin seems to have, in sharp contrast to its common reputation, become something of a perfect tool of state surveillance, revealing activities that many users believed to be protected by pseudonymity to sophisticated state security agencies while hiding transactions from communities of peers such as other developers, friends or community credit unions that would have been better placed to monitor them in context.

More broadly, we are generally suspicious of approaches that attempt to remove the need for intermediate institutions and forms of organization by relying on global protocols: “Global states” are usually entry points for nation-states.

Third, the paper undermines not only the mystique of pseudonymity around Bitcoin but also the mystique of (technical) decentralization. It was not technical decentralization that sustained Bitcoin, but rather the decision of a small number of people, who seem to have known each other (through cryptography conferences and online forums) and their roles, not to attack the system.

What motivated this “altruistic” behavior? We believe that two interrelated causes are likely: the potential of financial gain in the future if the system was seen as never failing and a vision of technical decentralization that the early leaders wanted to see tried at scale.

We thus believe decentralization functioned not as a technical property of the system but as an ideological inspiration and foundation of power. Such (often false) myths have long been the foundation of a range of social movements.

Many dispute the historical existence of a man named Moses or his capacity to part seas, but few doubt the power of his story to ensure the survival of the Jewish people through thousands of years of tribulation. Yet, what is supremely ironic is that as a myth, “decentralization” aimed precisely to avoid traditional institutional ties and to provide, instead, guarantees; as we see it, the myth of decentralization instead provided a perfect foundation to replicate what it meant to supplant.

Finally, the paper points the way to what may be necessary to make decentralization work in technical design and practical application rather than mythic imagination. Bitcoin, like other technological platforms, exhibits network effects. Network effects spread through … networks. They are not the global open systems they purport to be. Thus, if they are engineered to privilege early adopters they will replicate the vast, arbitrary and oppressive inequalities of other technological systems that gave outsized power to early participants.

Other approaches to decentralization, such as the original internet, “webs of trust” and recent manifestations such as the Spritely Project, have attended to and directly tried to offset the power concentrations that come with network-based spread of uses. Meaningful decentralization requires awareness of and deliberate countering of “network power,” not an assumption that simplistic “openness” will achieve it.

Decentralization has long been the central dream of the internet. It was at the core of the pitch that computer scientist and psychologist J.C.R. Licklider made to the leaders of the Department of Defense’s Advanced Research Projects Agency (ARPA) to avoid disruption from Soviet nuclear attack when he founded the ARPANET, which evolved into the internet.

At various, often fleeting, moments decentralization has been achieved by concerted and often centralized efforts to invest in it. But lasting decentralization won’t spring from brilliant lone hackers and financial speculation; it will come from broad public interest, awareness and a range of legitimate institutions working to make it happen, even at the expense of some of their power, to avoid outcomes (such as cyberattacks parallel to the Soviet nuclear attacks of yesteryear) they fear.

Our fondest hope is that the hype around Web 3 can combine with academic work like this paper and public concern about the concentration of power in technology and authoritarian governments to make decentralization a more stable reality.

What the new Baylor Bitcoin study really says (and what it really doesn’t) about Satoshi & Co.

The paper makes no claims about the Bitcoin network today, more than a decade after the end of the period analyzed. But it underscores well-known and longstanding privacy challenges.

UPDATE (June 7, 13:47 UTC): Strikes "new" from description of address-linking technique focused on identifying miners; Sergio Demian Lerner discovered the "extranonce" method in 2013.