Regulating Bitcoin by Mining: The Regulator-Miner Attack
What should regulated Bitcoin look like? This is a difficult — perhaps premature — question and is fertile ground for discussion. Agnostic of whatever policy will be implemented, the regulating body must get buy-in from users and developers to adhere to their regulation. The key to establishing Bitcoin regulation lies in mining.
As a brief review, let’s define where we are today. Currency is anachronistic. Currency has both a physical token (cash) and an internet-based bank-backed transaction network. Banks fundamentally centralize currency supply which makes it easy for government to enforce banking regulation on users. The banks themselves eschew regulation by becoming ‘too big to fail’. Physical tokens enable much greater transactional anonymity and freedom, making them superior for certain uses. However, the usefulness of physical tokens as an asset class are limited both in the sense that physical tokens are difficult for individuals to secure and the government can discourage their use by placing large penalties on using them in proxies for undesired behavior (such as flying with more than a small amount of cash).
In order to figure out how this buy in could occur, let’s go through a simplified narrative of the current state of affairs. As an idealized start, let’s assume that what government really wants is to prevent and control criminal activity, finance public prosperity, ensure economic growth, and ensure domestic security. Control over the money supply seems essential to that end. At its core, irrespective of transactional medium, the government really only cares about the above stated goals, not how they were accomplished. If a totally anonymous system could meet the needs of the system, it should not only be allowed, but encouraged. In other words, this model of government evaluates policy on the merits of efficacy and protection of individual rights, not legacy compatibility, ignoring established structures to a certain degree to incorporate new technologies which better accomplish the higher level goals.
Bitcoin has caught the attention of the world’s regulators and policy makers. It has the potential to establish an uncensorable financial transaction network, lessening the grip government has on money. This frightens regulators; there is no clear model on how to achieve the high level goals with such a network. To make matters worse, a lot current users seem to be involved in operations the regulators fear, such as money laundering, black markets, and financial scams. Many vocal advocates for Bitcoin brush off the concern, declaring that this is the point. Many Bitcoin enthusiasts decry these dark uses and focus much more heavily on what Bitcoin could do for the developing world, but they aren’t loud enough. As a result, regulators focus on the illicit uses.
This is the current state of affairs in a nutshell. From here, I’ll depart a little bit from the present and move into a theoretical discussion on the future.
If the ‘regulator-friendly’ Bitcoin advocates can’t find their voice — and I don’t have confidence they will, at least relative to other voices — the regulators will decide to make Bitcoin difficult to be legal. They will not make it strictly illegal, but hard enough to counter the benefits of such a system. Consumer adoption will flounder as a result, illicit adoption will not. Illicit users were already breaking the law, this will not stop them. Failed cursory attempts to make the system illegal or difficult to use, will make the regulators will realize that in order to control this potentially uncontrollable tech they must take part in it directly. The regulators, smarter than some techno-anarchists might assume, will come understand that in order to really take part they must become large stakeholders. After close analysis of Bitcoin, they will realize that mining is the place in which they can gain influence. Furthermore, they will realize that they can enable the harmless-but-impactful benefits of the new system while mitigating the disadvantages.
Their first step is to commit the government to mine a fixed percentage (let’s say 10%) of the network hashrate — a hashrate is a proxy for the number of miners, as a fixed supply currency, Bitcoin is inherently zero-sum so 10% will get the government 10% of all new coins. Miners perform work which establishes a consensus on the record of transactions; by being a miner the government makes itself an important bookkeeper of sorts. The Bitcoin development community heeds miners’ desires because a break in consensus could cause a catastrophic fork. Having mining power will give the government an avenue to establish influence over future changes to the underlying Bitcoin protocol. This influence can be strengthened by demonstrating willingness to promote changes, a benefit for both the government and the development community. The current regime of miners are so disorganized and change-averse, it is almost impossible to get the network to support important improvements or security fixes. Government miners could collaborate with developers to help push out and develop new protocol. The government benefits directly, getting a voice in the development conversation — their needs will be given higher priority.
The government will also capture a large amount of the newly minted Bitcoin, giving them significant sway in the sale of these coins. By holding or releasing amounts of the asset at a price of their choice there is effectively a mechanism to control and adjust the rate of inflation.
Adjusting the inflation rate is far from their only control. The government could also put the Bitcoin into the market only to addresses which agree to comply with their regulations. They can incentivize this regulatory compliance by selling the bitcoin at a favorable price (to prevent arbitrage, this could be done with reasonable limits for an individual). What’s more, they could also provide other benefits; such as using their mining power to eliminate transaction fees for micropayments between addresses known to the government. The government-ification of Bitcoin can be sped up by offering favorable deals to give subsidies to ‘dark’ bitcoins from individuals willing to share their identity as well as by adopting policies which let the government accrue more Bitcoin such as allowing taxes or government services to be paid for or distributed in Bitcoin. (And perhaps not selling off the seized SilkRoad coins…)
This is a key point. This demonstrates how the government can get consumer buy-in to their regulation. They make their side of the grass greener. Consumers will directly benefit by cooperating, with more purchasing power and convenience. Anonymity is sacrificed, but many users might not have foresight on why maintaining their privacy should be more critical than an economic incentive. Without anonymity the government can subject you to selective enforcement of taxation based on your political beliefs or personal life, and engage in other practices which infringe on your rights as a private individual that are significantly more frightening.
With means to establish buy-in from users, how might government regulate Bitcoin? A reasonable policy might be that any domestically operating Bitcoin company treat the government version of the blockchain as authoritative during a critical event such as a sustained fork or 51% attack, ensuring stability of the blockchain for domestic use. These types of policies are relatively harmless, although create stability assurances for adopting a globally distributed system domestically. More main-line issues relate to transaction regulations, in which policies could be a threat to the openness of Bitcoin. We’ll examine two major categories of this type of policy, trap-doors and walled gardens.
A trap-doored policy means that an individual can ‘opt out’ of the policy with a drastic action, such as moving out of the country then tumbling their Bitcoin. Without direct custody of funds, the government will only send coins they own to an address with a known identity, and enforce that each of those users complies with some Know Your Customer (KYC) or Anti Money Laundering (AML) policy. This policy could be reasonable and include thresholds at which they don’t apply. With transactions on the publicly visible Blockchain, the government will see any user’s violations of policy and can come knocking. If compliance requires KYC, they would know the identity of the Bitcoin address which broke compliance by induction. I call this a trap-door policy because it allows for escape. The government in this case wouldn’t be able to stop an individual from going off the grid, but they’d still know their identity and could use traditional techniques to find them. This is not unlike current bank infrastructure in the U.S. You could pull all your money out in cash, but the government would see that and infer that you were up to something. Travel restrictions would make you subject to search and seizure. By itself, I don’t think this is a very harmful policy to enforce. Privacy conscious individuals could still take steps to anonymize their Bitcoin while disclosing the new ID’s to the government, letting them hide their activity from the greater public.
In a similar vein, the government can use these tactics to establish an authoritarian policy. For instance, they could establish a ‘walled garden’ by only selling their mining rewards as 2 of 2 multisignature spendable — M of N multisignature means that any set of M out of a set of N signatories could spend the funds — where they can produce one of the signatures, and then only sign off on a further 2 of 2 including the current government signing key. This gives the ability to stop any undesirable transactions. By using a 2 of 3 multisignature transaction where 2 of the keys are owned by different government branches, the government can gain the ability to spend a user’s funds without their permission. There is slight redemption in the idea that government might need ‘an act of congress and an executive order’ to do so, but the capability is still there. This is already the case with any crypto protocol; the government could compel you to produce your private keys. In a 2 of 3 scheme they wouldn’t even need to ask.
The factors that determine whether the regulations we see initially will resemble a trap door or a walled garden ultimately rests in how sweet the government is willing to make the deal for taking their regulated coins. As a technical matter, ignoring an idealized inalienable legal statute, it is irrelevant. Even with a conservative trap door policy, it is upgradable to any other more extreme policy. This is a problem.
A trap-door policy can be upgraded to any policy by enforcing the new technical change as the new regulation. For instance, a walled garden can be made fairly trivially by enforcing that the new regulation requires 2 of 2. A small redemption exists in that the trap door does not go away without the individual knowing. What line do you draw personally? Would you stay in the country if you opted into a system which promised a trap-door, but tried to move to a walled garden?
In this blog post, I described a mechanism by which a state actor could levy regulations onto a cryptocurrency network. I’d call it an attack, but it is not really an attack per se; the Regulator-Miner Attack does not fundamentally abuse any of the core systems to work in a way in which they are not intended to. Rather, it negates the benefits many in the community hold dear. Others in the community might see this as an effective means to sane regulation. In either case, this is written mostly as an academic exercise although I recognize that some of the ideas described here may have a place in future regulatory discussion. I worry that the desire for quick exits from VC money may make premature pushes to regulations that forfeit anonymity which are better today, but perhaps not tomorrow. I worry that much of the mining capability today is wielded by China, making Bitcoin subject to control by a foreign government. I worry, but I hope. And so I’d say:
Regulators wary of change, take this policy enforcement mechanism in hand and craft policies which create a better ecosystem; you can get adoption on any regulation you like.
Concerned citizens, be wary of subsidy with permanent identity.
Cryptographers & forward-thinking regulators, if the prospect of an authoritarian state built on top of Bitcoin terrifies you: build systems which are fundamentally anonymous; design regulatory systems which aren’t based on control of money, a system such that free flow of money is fundamentally needed to achieve government goals of security and prosperity.
Addendum on Cost:
Maintaining this is, simply put, cheap by design. A simple argument shows that this program is essentially free. Because mining inherently generates a resource that is valuable, it will pay for itself. Market dynamics push the price to always keep it profitable to mine. Bitcoin would break if it were not the case. Furthermore, current regulation programs are very expensive. Bitcoin presents an opportunity to drastically reduce the complexity and increase the automation of these systems which would save costs overall. In 2009, the IRS’s operational budget was around $12 Billion dollars. If a unified ledger were able to reduce cost of tax enforcement by even a percent, it would pay for itself. There is also the cost of letting Bitcoin run unregulated, which may eclipse all of the above.
Addendum on Risk:
There are a couple of risks to consider. Having mining power could be seen as a threat by other countries and establish a “bitcoin arms race” to control mining power. However, I think that this is inevitable to occur — a more close analysis is needed, but I’d wager the game theory works out similarly to a repeated prisoner’s dilemma. Given that some country will start to mine randomly, it’s in any country’s interest to be the first to start mining. Another risk that a government might face is that establishing regulations which may be existentially unfavorable to the crypto community will cause them to deploy systems which are resistant to regulation.
