Payment systems are systems of pipes and valves that allow monetary transfers between people all over the world. To most, they sit insulated from view. Even when in plain sight they evade comprehension. With large responsibility for errors and lack acknowledgement for progress, there has been little innovation and construction of new pipes. Bitcoin represents a new way to re-plumb the financial system on a decentralised architecture. However, much like the existing financial system, few people understand the consequences of the layout and design of its pipes.
The plumbing analogy fits far closer to Bitcoin than normal financial markets. Bitcoins are not coins, indeed there is no concept of identifiable currency units. Bitcoin should be considered a type of monetary fluid with a unit of account, Bitcoin. The monetary fluid, bitcoins, flows through a system of pipes (transaction outputs) and fittings (transactions).
Constructing the Bitcoin’s pipes
Transactions are constructed using previous transactions as inputs to fund transaction outputs. Each output can be thought as a pipe with some capacity of Bitcoin. Each transaction is a fitting, connecting one or more of the existing pipes. The pipe or pipes that is the result of a fitting can at most carry the same capacity of the sum of the pipes that led into the transaction.
Bitcoin is neither an account based payment system or a tokenised banking system. The protocol uses the history of all past transactions to generate a state of unspent bitcoins. When we say there are 13 million bitcoins in circulation, what we actually mean that the system recognises that there are 13 million bitcoins in unspent outputs that can be reassigned according to the rules of the payment system. The reassignment is irreversible and hence new transactions are additions to the growing complex system of pipes.
Analysing Bitcoin’s pipes
The graph of pipes or transactions is largely immutable and therefore makes it amenable to analysis. Pipes are only destroyed if there is a reorganisation on the consensus of the network. The system of pipes is append only and therefore the complexity and size of the transaction graph grows over time. Bitcoin’s history can be evaluated looking at the state of the pipes on January 1st 2014 or any block height.
One problem in any analysis is the lack of mapping from inputs to outputs. When warm water that comes out of a tap, there is no separation between the hot and the cold. In Bitcoin, if two transaction outputs are both inputs in the same transaction, the protocol makes no attempts to map inputs to outputs. Bitcoin retains the information that can reveal the capacity of the individual pipes that were feeding into the fitting. In this way, Bitcoin is not a token system but something far more fluid and complex.
In the diagram above each node is a transaction or an unspent output. The green nodes are transactions and the white node indicates unspent outputs. The number contained within the circle represents the sum of the outputs of that transaction or transaction output. Each edge is the link of output to the subsequent transaction. We cannot say in which proportion the inputs of the transaction are funding the outputs.
Imagine this transaction was the purchase of a new iphone 6 costing 1.5 BTC. Now assume that one of the funding transactions used to fund the purchase was a theft. The theft is marked as the orange transaction. Now the difficult question becomes how much of the stolen Bitcoin remains in the thief’s possession? Bitcoin the protocol does not have the answer to this. Instead we would have to rely on our legal principles to establish that all of the 0.5 BTC remaining in the possession of the thief was actually the stolen Bitcoins.
As the blockchain is a public set of transactions the analysis could be performed on an arbitrarily large scale. For example, we could ask the question: are the bitcoins that you are holding the same as the ones that I once had? The analogue is pouring water into the pipes at a source transaction and analysing how much of the same water collects at the target transaction. To perform such analysis, two types of algorithm are used — min flow and max flow. Min flow asks the question: “what is the minimum number of bitcoins that went from the source to the target?” The max flow asks the question: “what is the maximum number of bitcoins that could have gone from the source to the target”. If min flow returns a positive answer, X, then the target is at least holding X amount of bitcoins that were once held at the source. The water that flowed through the source is the same as the water that we found at the target.
However, usually the min flow quickly goes to zero because we need to combine transactions in order to pay our debts. So if I make the payment of 1.5 BTC for the iphone 6. The min flow from each of the inputs to the expenditure is 0.5 BTC. The algorithm places the maximum number of bitcoins, 0.5 BTC, in the change and leaves 0.5 BTC to pay for the good. In the max flow case, the amount would be 1 BTC in both cases since the output is larger than 1 BTC. After only a few transactions, it is likely that the min flow falls to zero.
In the instance of min flow being greater than zero, we can prove that the bitcoins went from the source to the target and we have full traceability. But where min flow is equal to zero for all potential outputs, as is often the case, we have no traceability. Even though we can show the connections between all the different transactions or pipes in Bitcoin’s history, we cannot say a lot about the flows of funds or monetary fluid. We get transparency but hardly any traceability. The parties that cause the obfuscation can also be identified by their bitcoin addresses and could be subject to adverse claims (more on this in a future post).
In light of this, perhaps it is a red herring to even think of Bitcoins as units of currency and we should be rethinking the way that we speak of “my bitcoins”. Perhaps flows of currency as I have described it should be thought of as simultaneous creation and destruction of interests that are not necessarily tied together (as is the case with some US securities). These issues must be understood in order to develop private law frameworks for Bitcoin as well as appropriate AML tools and guidelines. One thing is for sure there are no coins in Bitcoin.
In some follow up posts I will discuss more complex pipe arrangements (mixing services) and more specific legal issues around negotiability and fungibility that are prompted by this type of analysis.