Satoshi Paper's careful border

Shin'ichiro Matsuo
Feb 9, 2018

Two huge incidents show a lack of understanding of how to secure a system.

Though the Japanese are known as a diligent people who generally operate systems accurately, a second huge incident at a cryptocurrency exchange has occurred in the country, following the Mt. Gox incident.

The mechanism of the CoinCheck incident has not been disclosed at the time of writing this article. Some news reports say that there were fundamental defects in its key management. However, I think the essential point is that there are blockchain companies which do not understand the preconditions of system security: what blockchain technology realizes and what it does not. Hence, such important knowledge is not communicated to consumers and users. If a business advertises sufficient security even in such a case, it is not qualified to operate. In this article I would like to describe what the original blockchain achieves and what is out of scope, to give an essential understanding of blockchain security.

What the Satoshi paper says and what it does not

The technologies of many public blockchain based projects (from now on, I focus on public blockchains) are based on the logic and algorithms described in the Bitcoin paper by Satoshi Nakamoto (2008). In this paper, the proposed technology is described as follows.

An electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.

In this paper, we propose a solution to the double-spending problem using a peer-to-peer distributed timestamp server to generate computational proof of the chronological order of transactions.

The Satoshi paper describes the technical realization of the above and its self-evaluation. However, it does not claim anything beyond them. That is, Bitcoin is a payment system that prevents double-spending without a trusted third party. It is not anything else. The sentences and words are carefully chosen. I will describe why Satoshi chose the word "payment" in a later section.

There is no description of the existence of an exchange in the Satoshi Paper. The author(s) claim that the proposed scheme works as a payment scheme that prevents double-spending only when everything is concluded in Bitcoin. The paper makes no other claims. In other words, exchange between Bitcoin and fiat currency is out of scope, and the paper says nothing about the soundness of the technology for such an application. Hence, it does not show the risk of applying Bitcoin technology to an environment that involves fiat currency.

The other thing the Satoshi paper does not explicitly describe is key management. The paper has an implicit assumption that every participant manages cryptographic keys securely. It is usual for designers and evaluators of cryptographic protocols like me to implicitly assume that cryptographic keys are securely managed, and then not describe this in the paper. It often happens that a developer does not implement secure key management mechanisms because she/he does not know about that implicit assumption, since it is not explicitly described in the paper. For example, many implementation-related vulnerabilities in SSL/TLS stem from ambiguity in the IETF RFC documents. Of course, we should manage cryptographic keys securely in a blockchain system. Unfortunately, there is no standard key management framework for blockchain based systems, but we should read NIST SP800-57 deeply; it describes the general concept of key management, key lifecycle management, operation and technical realization. When we use a hardware wallet, there is a validation framework for the implementation, called the CMVP (Cryptographic Module Validation Program). We should not focus on narrow discussions like the combination of hot wallets and cold wallets, or multi-signature, but should build a key management system and framework based on existing ones. Otherwise, exchanges misunderstand that it is fine to implement only some technology in isolation, which is insufficient for sustainable security. At this time, we need to discuss based on the current standards for financial systems; then we should add more blockchain specific standards when needed.

We should be aware that the need for key management implies that we must manage server machines and devices to resist cyber-attack. This is the same for both exchanges and consumers' PCs. That is, if we act in Satoshi's world (and other similar worlds based on cryptography), strict measures against cyberattack are required even of ordinary citizens. Though the cost and obligation are not described in the Satoshi Paper, we need to be aware of them.

Payment and Settlement

I wrote that the claim of the Satoshi Paper is only a payment scheme. I would like to consider the difference between payment and settlement. These two words are a bit confusing but have different meanings. Roughly speaking, payment means ordering the transfer of some value, and settlement means the completion of the transfer. When we use cash, payment and settlement are conducted at the same time. When we make a wire transfer, we first make a payment as an order; then settlement happens through the bank network.

When we carefully review the Bitcoin protocol, the data recorded in the blocks is an accumulation of payments that keeps their time-wise order. I think this is the reason why Satoshi chose the words "payment system." If everything is conducted by Bitcoin transactions and the possibility of the blockchain being overturned is negligible, we can consider the accumulation of payment records as evidence of settlement. However, at this time, we cannot finalize all value transfers in the real world with Bitcoin alone, and we have to have an interface to fiat currencies. Most people and nations actually need settlement in the fiat currency world. But the Bitcoin protocol does not have the functionality of settlement in the fiat currency world; it needs additional settlement functionality outside of the Bitcoin world. This is the true nature of the exchange.

In theory, the Bitcoin protocol has a quite small possibility of the blockchain being overturned. The security of the underlying cryptography and the key management issue can cause problems even in the payment functionality. Bitcoin also asks all participants to bear additional operational cost. But the merit of the Bitcoin blockchain is making "payment" publicly verifiable without a trusted third party. We need to seriously recognize that Satoshi concentrates on payment.

In the Satoshi Paper, the word "currency" is not used to explain the proposed scheme. Thus, formally, it is not accurate to describe Bitcoin as a cryptocurrency. Unfortunately, "cash" is used in the title of the paper itself, and this is the main reason people have more expectations of Bitcoin than the paper claims. However, when we consider the trust model of the Satoshi Paper, if everything is closed within the Bitcoin world, this word choice can be considered the expression of a philosophy that it can be treated as cash: a means which has both payment and settlement functionality. Note that, still, in this case, exchange to fiat currency is not considered.

Border to keep "Without Trusted Third Party"

I would like to think more deeply about what the Satoshi paper shows. This is related to "decentralization," the most important catchphrase of blockchain, or "without trusted third party" in Satoshi's words. It is, of course, quite an important phrase for blockchain enthusiasts. But it is important to think about the border which Satoshi indicates in the paper, to clarify the area in which we can make things decentralized.

The Satoshi Paper claims the border of "Satoshi's world" such that all things go well within the functionality of payment and preventing double-spending. However, the paper does not claim anything about what happens outside the border. This is an essential point. As I wrote above, the exchange is outside the border of Satoshi's world. Additionally, the claim of the Satoshi Paper is that things go well without a trusted third party only for the business logic of "revising the ledger of payments." That is, any other business logic is also outside of Satoshi's world. Satoshi shows only the trust for the calculation of "renewing the accumulation of payment data," and there is no guarantee of trust or credit (slightly different from "trust") for other business logic or the soundness of a business.

It looks like many blockchain based projects do not distinguish the inside and outside of the border of Satoshi's world: what is realized inside the border, what kinds of efforts are needed to keep Satoshi's world sound, and that the outside of the border is not verified. Thus it is quite a dangerous world. I research blockchain expecting that tons of innovation will be produced over blockchain. At the same time, we need to be quite cautious about where the technically verified border is, whether we are inside or outside of the border, and whether the technology is confirmed and secure when we are outside of the border.
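As an added example (written for this edit, not code from the article), the toy model below contrasts the two sides of the border described in the last two sections: the chain records payment orders in chronological order and rejects a double-spend, while an exchange's customer balance sheet is bookkeeping outside the border that the chain never verifies, so the exchange must add its own reconciliation control. All names, amounts and the bookkeeping error are constructed.

```python
# Added toy model (not from the article): the ledger inside Satoshi's border
# rejects a double-spend; the exchange outside it keeps unverified balances.
# All names, amounts and the bookkeeping error below are constructed.

class Ledger:
    """Chronological accumulation of payments; each output is spent once."""
    def __init__(self):
        self.unspent = {}  # output id -> (owner, amount)

    def mint(self, out_id, owner, amount):
        self.unspent[out_id] = (owner, amount)

    def pay(self, tx_id, spend, sender, recipient):
        """Record a payment order; False if already spent or not the sender's."""
        if spend not in self.unspent or self.unspent[spend][0] != sender:
            return False  # the double-spend the paper is designed to prevent
        _, amount = self.unspent.pop(spend)
        self.unspent[tx_id] = (recipient, amount)
        return True

    def holdings(self, owner):
        """Value the chain itself attributes to an owner (publicly verifiable)."""
        return sum(a for o, a in self.unspent.values() if o == owner)

class Exchange:
    """Custodian outside the border: balances are its promises, not chain data."""
    def __init__(self, chain_name):
        self.chain_name = chain_name  # owner label the exchange uses on the ledger
        self.balances = {}            # customer -> credited amount (off-chain)

    def credit(self, customer, amount):
        self.balances[customer] = self.balances.get(customer, 0) + amount

    def liabilities(self):
        return sum(self.balances.values())

    def reconciles_with(self, ledger):
        """Control the exchange must add itself: can it honour every credit?"""
        return ledger.holdings(self.chain_name) >= self.liabilities()

def scenario():
    """Deposit accepted, double-spend rejected, off-chain ledger over-credited."""
    chain, ex = Ledger(), Exchange("exchange")
    chain.mint("coinbase0", "alice", 10)
    deposit = chain.pay("tx1", "coinbase0", "alice", "exchange")  # accepted
    double = chain.pay("tx2", "coinbase0", "alice", "bob")        # rejected
    ex.credit("alice", 10)
    ex.credit("alice", 10)  # constructed bookkeeping error; chain cannot see it
    return chain, ex, deposit, double
```

The chain stays consistent throughout; only the reconciliation check, which is not part of the protocol, reveals that the exchange has credited more than it holds.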

Challenge to create a new trust model

We see statements such as "This is a problem of the exchange and independent of the soundness of blockchain technology." From a technology point of view, this is correct, and such unbundling of stakeholders gives us much merit. This is the reason why we conduct research and standardization. On the other hand, some doubt arises when we consider the business perspective. The Bitcoin public blockchain protocol provides a certain amount of sureness in processing the accumulation of payment orders, but we need an external organization like an exchange to provide settlement functionality and realize real-world settlement. Most blockchain based projects monetize their business through the existence of exchanges. If there were no exchanges, most blockchain based projects might not begin. At this time, if we would like to build a business ecosystem that has an interface to the real world, we should discuss the security of the entire blockchain ecosystem, including the exchange. If we would like to isolate the Bitcoin blockchain layer for security analysis, all economic activities, including tax, police and army costs and all social and public costs, should be managed over the blockchain, and things should be concluded within the world of cryptocurrency. This situation might be realized in the future, but the current technology and trust model are different.

We should discuss the trust model first (the assumption that A honestly acts according to the rules, but B might behave maliciously), for both inside and outside of the border, before starting a business and monetizing by using blockchain. Otherwise, we cannot define the protocol participants or the protocol itself; then we cannot design the required security functionalities and their realization. Again, the Satoshi Paper does not claim anything about what happens outside of the border. Hence, we cannot justify the soundness of the trust model based on the Satoshi Paper once we go outside of the border. Though we might refer to the paper, we need a discussion on a new trust model.

One of the goals of the blockchain ecosystem is expanding Satoshi's world. This means reducing the area of applications which need a trusted third party like a Certificate Authority in Public Key Infrastructure (PKI), expanding the area of applications without a trusted third party or a single point of failure beyond payment, and, as a result, processing things without trusting a specific organization like an exchange in as many applications as possible. We need to expand the border carefully and in a step-by-step manner to realize this. In the real world, the expected trust models look like a spectrum. Therefore, we need to design a public blockchain technology which has some flexibility in its trust model, then carefully expand Satoshi's trust model in the mathematical sense to realize the democratization of innovation from public blockchain. The DAO case in 2016 was caused by carelessness in this expansion of the border and resulted in the possibility of losing $50M. Most of the current Bitcoin ecosystem with exchanges steps over the border of Satoshi's world. Even if we imagine many innovations over this situation, it is not a sound and careful expansion of the border. The needed work is expanding the border as new trust models. The Ethereum team is working on this, and there was a presentation on expanding Satoshi's border at BPASE 2018.

Things to keep in mind about the blockchain ecosystem

It is not well known to the general public that the Satoshi Paper is not peer-reviewed. That is, it was published without verification of its correctness by experts. Currently, many researchers are verifying what the paper claims. The security of the technology proposed by the Satoshi Paper is not finally verified. This concerns the things inside Satoshi's world.

Moreover, most real-world blockchain businesses and ecosystems step over the verified border. If such a project collects citizens' money as a business, careful verification of the area outside of the border is needed. Qualified technologies, mature engineers, security experts and operation by a professional team are needed. We should note that such experts are quite limited and quite hard to find even when paying a huge salary.

When we focus only on technology, the security of a blockchain system cannot be realized by a business idea, philosophy and passion. The discussions and verification should be based on information mathematics, because the blockchain business is executed by program code. This discussion is quite complicated, and we need a deep understanding that it is quite different from simple web applications. Serious preparation in cryptography, security and financial systems is required. There is a good "fail-fast" culture of finding a better service through many failures. This is a great way to refine the user experience. But it is not enough to deal with financial systems. The project needs to pay attention to where the technology gives guarantees and where it does not, with the addition of security experts. Otherwise, the project should be an experiment funded by donation.

We also see statements such as "Cryptocurrency will fail, but blockchain is promising with extensive future research and development." I do not know whether the statement is true, and I am working for the future of blockchain technology including cryptocurrency. I need to say that "extensive future research and development" is quite a persistent effort and takes time, as I wrote above. Though an unbelievable amount of money is invested in blockchain startups, the budget for such fundamental research is not sufficient. The persons who conduct such research are sometimes Ph.D.s and faculty hired on governmental budgets (which is a bit different from decentralization). The future of blockchain depends on them. If many persons in the blockchain ecosystem think that progress in technology is available for free, the blockchain ecosystem is not sustainable, and it cannot be a social foundation. The timing of the CoinCheck incident is good for reconsidering how to have a sustainable, win-win-win ecosystem for all stakeholders in this world.

Acknowledgement

I would like to thank Prof. Tetsutaro Uehara, Mr. Nat Sakimura and Prof. Shigeya Suzuki for many insightful comments.

Shin'ichiro Matsuo

Research Professor at Virginia Tech and Georgetown University