Ensuring Bitcoin Fungibility in 2017 (And Beyond)

rubber-duck-e1482876740287
28 December 2016

David Vorick is a Bitcoin Core developer, former IBM software developer and the co-founder of decentralized cloud storage platform Sia. 

In this CoinDesk 2016 in Review special feature, Vorick tells us why ensuring fungibility remains a top priority for bitcoin developers entering 2017, and how 2016 increased awareness of what he argues is a pivotal issue.

coindesk-2016-review

rubber, duck

Fungibility, put simply, is the idea that every item in a set is worth exactly the same amount.

In bitcoin, fungibility means that all bitcoins have the same value, regardless of who owns them or what their history is – and fungibility is extremely important to the success of a decentralized network.

To understand why, we have to analyze how bitcoin’s current limited fungibility is creating real problems in the marketplace.

For example, it’s common for exchanges and merchants to discriminate between bitcoins based on the owner or their history. An example is that exchanges will attempt to block bitcoins that have been stolen, especially if the theft was well publicized.

Other points of discrimination can extend to include bitcoins associated with drugs, gambling and other societal vices. But it’s important to note, this can happen even in cases where the owner of those bitcoins hasn’t engaged in any such behavior.

In short, the problem can be summed up like this: bitcoins with clean history can be accepted everywhere, while coins with dirty history can only be accepted in places that aren’t performing strict background checks.

Fair trade?

The problem is not that the merchants are rejecting bitcoins associated with unfavorable activities, the problem is the effect that it has on everyone else.

When performing a trade, dirty bitcoins are less valuable than clean coins. That means that everyone needs to know when they make a trade whether the bitcoins they will be receiving are dirty or clean, because that impacts whether they are getting a fair trade and whether they will be able to spend them or cash them out through the typical avenues.

The only way to know that your bitcoins are clean is to go to a centralized service and ask for a background check. Suddenly the value of your coins is being decided by a centralized party (something that many would argue runs directly against the core values of the bitcoin project).

Every platform accepting bitcoin could implement different policies for deciding which coins are clean or dirty. And exchanges in different legal jurisdictions (US, China, India, etc) are likely to have different policies.

The bitcoins worth the most money would then be the bitcoins accepted everywhere (which would only be a small subset of available bitcoins).

This means it’s not enough to just ask one exchange for a background check, you have to ask every major platform whether or not they think you have clean coins. And a platform doesn’t think that you have clean coins, their decision reduces the value of your holdings regardless of whether you actually use that platform – your coins cannot be traded with any of the platform’s users.

Worsening situation

2016 has increasingly seen bitcoin fungibility come under attack.

Blockchain forensics startup Elliptic was able to raise $5m for the purposes of identifying illicit bitcoins, while exchanges like Coinbase have become increasingly strict about accepting coins with known fringe histories.

So fungibility has been damaged, though not yet enough that people feel like they need to consult blacklist services before accepting bitcoins.

That day is getting closer, though, and when it arrives it will be a massive blow to the whole bitcoin ecosystem – the need to consult a blacklist service is the need to ask permission to use bitcoin.

It will mean that bitcoin has become centralized.

Because any platform in any jurisdiction can damage fungibility by choosing to discriminate between coins, most fungibility improvements come down to privacy. The best way to protect fungibility is to ensure that there’s no way to tell the difference between two coins, regardless of the actual history of those coins.

Solutions

2016 has seen a lot of momentum in this direction, with many of the improvements on track to become available to the general public in 2017.

Below is a list of the most exciting things happening with regards to fungibility.

Lightning Network

Most transactions today in bitcoin go onto the permanent public ledger, available for anyone to scrutinize.

Lightning changes this equation by allowing strangers who have never met to transact without ever making a transaction on the ledger – instead doing everything off-chain through the Lightning Network.

The number of open-source Lightning implementations increased substantially in 2016, with the total number now somewhere between five and 10. This list includes implementations from Lightning, Blockstream and MIT.

Though no solution is yet ready for the masses, there has been major progress, and several implementations are promising basic releases in 2017.

Most of the existing code depends on Segregated Witness (SegWit) activation, however. Provided SegWit succeeds, 2017 should be the year that you are able to try out bitcoin’s Lightning Network for yourself.

TumbleBit

A research paper for a new tumbling service was released in early 2016, TumbleBit is unlike existing tumbling services.

This was a big leap forward, as it provided tumbling service that could not scam its users, and also could not de-anonymize its users. In short, a major improvement to existing tumbling strategies.

More than just a paper, successful tumbling operations have been submitted over the live bitcoin network.

TumbleBit is not something that you can use today, however, but a command line release is expected in early 2017 and a user-friendly graphical release is expected mid year.

You can expect 2017 to be the first year where bitcoin can fully support large scale, anonymous, secure tumbling operations, and that’s exciting.

Zcash

Long awaited, October 2016 finally saw the release of Zcash, a cryptocurrency in pursuit of the holy grail of fungibility.

zkSnarks, the technology behind Zcash, make it possible to achieve true fungibility, where every single coin looks identical to every other coin. The issue is that only recent computers are powerful enough to perform Zcash transactions, and there is uncertainty that the cryptography will hold up against further scrutiny.

Still, 2017 is likely to see improved performance, reduced computational requirements, and quite possibly improvements to the cryptographic protocols.

The progress that Zcash has made so far is a huge benefit to the cryptocurrency ecosystem.

Monero

Monero is a cryptocurrency with a core focus of fungibility, and its greatest strength is perhaps its philosophy, which holds that fungibility is strongest when everybody is forced to use private transactions.

Monero essentially acts as a giant on-chain coin mixer, with every single transaction participating in the mixing. This has a huge advantage over traditional mixers, as people tend to only mix their coins when they have something to hide (meaning that it’s often reasonable to assume that coins are dirty merely because they’ve been mixed).

With Monero, that assumption is invalid, because all transactions contain mixed coins. Due to this philosophy, and due to the large number of users, Monero is perhaps the most fungibile cryptocurrency in the ecosystem, outperforming even Zcash by this attribute.

2016 saw a huge rise in popularity for Monero (placing it as the most valuable privacy-focused cryptocurrency), and saw the creation of a new protocol, RingCT, which combines Monero’s traditional output mixing with the ability to disguise the value of the coins being spent.

A hard fork in early 2017 will introduce RingCT into Monero, further enhancing the privacy and fungibility of the cryptocurrency.

Coming soon

Elsewhere, 2016 has seen massive progress in the direction of privacy and fungibility.

JoinMarket, which has been under active development by multiple developers throughout 2016, is working to provide a decentralized tumbling service. Further, 2016 saw the introduction of the MimbleWimble protocol, which would allow historic transactions to be removed entirely from the blockchain.

Progress was also made on privacy-improving technologies like MAST and Schnorr signature aggregation.

It’s believed Schnorr signature aggregation will allow multiparty signatures to appear like single-party signatures, while MAST will allow highly complicated scripts to appear like less-complicated scripts.

Client-side validation is an off-chain scaling technique which improves both privacy and scalability, allowing both the blockchain history and the blockchain state to be pruned, exposing tiny pieces only to those who need to see them.

Each of these improvements is good for fungibility, and each is being actively researched or developed.

With this in mind, it’s safe to say that fungibility research is very active today, and is likely to produce exciting new technologies in 2017.

Rubber ducks image via Shutterstock