What is the nature of privacy? Is it our basic right or a privilege? If it is our fundamental freedom, do we have to fight for it? That is the question.
Most people prefer easy options to avoid such crucial fights. For years, only cypherpunks tried to develop technologies that could ensure one’s privacy even under tough government pressure.
Now we have a clear vision of how to get there. Additional layers and micropayments could transform Bitcoin into a trustless worldwide P2P payment system with a built-in right to privacy.
It may sound like utopia or even a threat to the established world order, but so did trustless digital money. Now we’re here.
Technologies have already changed a lot in terms of how we treat and exchange information, and how we manage our finances. Why can’t code create total privacy for everyone?
Nevertheless, society’s self-awareness is vital to the success of the privacy revolution, because for now most people obediently allow third parties not only to store and sell their data but to manage their money as well.
ForkLog spoke to Jonas Schnelli, a well-known Bitcoin Core developer, leading privacy advocate and a prominent cypherpunk. We discussed the nature of privacy, a possible change to the Proof-of-Work algorithm, as well as Bitcoin’s development stages and its immaturity for mass adoption.
ForkLog: Let’s start with a hot topic. Recently there was a conflict between Blockstream’s CEO Dr. Adam Back and a person known as Cobra. The reason for that was Cobra’s stance on the Bitcoin Cash fork and Bitcoin.org objectivity. Eventually this resulted in the appearance of another website, btcinformation.org.
Jonas: I’ve been into Bitcoin for a long time, so I’ve been following Bitcoin.org very precisely. I exactly remember the moment when Cobra showed up in 2015. His very first work on Bitcoin.org, his very first pull request was to add Google Analytics in order to set up ads for the website. In my opinion that move was very shady – you should not add Google tracking to any bitcoin website. Making money with Bitcoin.org was not considered as a positive development.
He’s probably the main owner of the Bitcoin.org domain so he really has a lot of influence, but at the same time he is pretty shady in what he wants to do. For example, later he said that he didn’t want any ads on the webpage, but there is a clear history of his pull requests and comments with him saying the opposite.
He is a controversial and aggressive figure on various levels. It doesn’t really matter whether he likes Bitcoin Cash or not. It’s up to him. However, his way of acting weird of being A and then B makes the situation a bit complicated and raises doubts that Bitcoin.org will once fail. If he wants to set up ads for Bitcoin.org, he would be probably open to someone paying him for advertising Bitcoin Cash. It looks like he is interested in getting money from this page.
ForkLog: Cobra is also advocating PoW change and urges the community to support a migration to a hybrid algorithm because of the alleged Bitmain’s dominance when it comes to mining. Do you agree with him? Is he correct about Bitmain’s monopoly?
Jonas: Again – the PoW change is a very harsh and aggressive move which may be extremely hard to bootstrap. I’m not sure whether you should play much in the politics field if you own a neutral informative website. Your mission is to educate people about the situation, but not to take a side. I understand why people wanted to fork Bitcoin.org to make it more neutral and non-aggressive.
ForkLog: Is it possible that Bitmain controls 51% of Bitcoin hashrate?
Jonas: It depends on what you mean by saying control over 51%. Does it mean operating mining pools which control the majority of network hashrate? U.S. miners can give powers to Chinese pools and vice versa. In this case I think it’s possible.
ForkLog: I mean that Bitmain might have enough hashing power itself to control the network. Is it possible?
Jonas: Eventually it’s very hard to identify whether it’s true or not. We could not realistically say who owns how much hashrate, but I think it could be possible. The mining centralization is one of the biggest problems in Bitcoin.
ForkLog: How can we solve this problem?
Jonas: I think that we see new mining players coming into the field, like big chip manufacturers. There are signs that the market aims at distribution of hashrate.
I don’t think that PoW change will make the situation much better, because there is always an advantage you can create if you invest a lot of money. Maybe you can hurt Bitmain at the beginning, but then another player will come up if the market incentives are not distributed enough.
ForkLog: Mining has become a big business. Is it a problem?
Jonas: It’s hard to say whether it’s good or not. There are a lot of arguments about the ecological problem of consuming so much power. Some users also think that the current hashrate is too high and we don’t need that difficulty.
At the same time it proves that the incentives model of Satoshi is working, because there is a lot of competition. We know that mining centralization has happened, especially with Bitmain, but the question is how we can have a safe path from the existing PoW to another one to enforce decentralization if we can.
ForkLog: David Vorick from Sia believes it is possible that Bitmain has blocked Obelisk [ASICs producer] from entering Chinese manufacturers market.
Jonas: I think that Bitmain and the Chinese government have a lot of influence on Bitcoin mining, but I’m not really sure if it’s possible to drive a company out of the manufacturers market. It’s hard to identify whether it’s true, but if it is, it’s a shady move by Bitmain.
ForkLog: You’ve been a Bitcoin Core contributor for three years now. Should we expect Confidential Transactions or Schnorr signatures implementation in the near future?
Jonas: To be honest, Bitcoin Core doesn’t have a clear roadmap, because it’s an open source project and each contributor defines his own roadmap. The more people work on the same upgrade, the faster the project moves in that direction. Nevertheless, it looks like we will see a Schnorr signatures proposal in the near future. This seems to be the next major softfork.
Bitcoin Core has a half year release cycle, so 0.17 is coming out. This release won’t include any softforks, but will have a lot of performance upgrades, lower level functions and a lot of stability stuff. 0.18 will probably be released in January or February. It’s quite possible that the Schnorr signatures proposal will be included in 0.18, but it is always hard to predict when a softfork is activated on the mainnet.
ForkLog: What about Confidential Transactions?
Jonas: I think the most realistic for the Bitcoin protocol is a Bulletproofs implementation, which is a part of Confidential Transactions technology. It seems to be on the concept level for now. Maxwell’s Confidential Transactions just obfuscate the value of a transaction, with a lot of computations and a lot of scaling issues involved.
I wouldn’t say that any fungibility proposals, including Confidential Transactions, will materialize in the next 1.5-2 years. I doubt this is mature enough for Bitcoin.
ForkLog: What is the difference between Wasabi Wallet approach and Confidential Transactions?
Jonas: Wasabi uses Chaumian CoinJoin to mix inputs. It’s one of the ways to increase your anonymity set on the blockchain, but it’s not going in the same direction as Bulletproofs or Maxwell’s Confidential Transactions, where inputs are mixed and outputs are obfuscated. So Wasabi’s approach is great, but it’s about mixing rather than creating a real confidential layer. If Confidential Transactions is implemented in the main protocol, the anonymity set is bigger than in the case when only particular groups use a privacy technology.
ForkLog: Regulators will not be happy about this.
Jonas: Eventually yes. We saw pushback at CoinShuffle, Monero and ZCash in particular. Regulators are not big fans of such technologies.
It could be that regulators, states or groups within states will oppose any fungibility proposal for the Bitcoin protocol; we should expect that. It will make it really hard for the IRS and other tax agencies to review the blockchain. That’s why I’ve said that we need two or maybe three years to have real privacy solutions incorporated into the Bitcoin protocol.
ForkLog: Do we have to find a compromise with authorities on privacy? Regulators claim criminals will use such technologies to hide their financial activities.
Jonas: The whole question comes down to what privacy is. Is privacy only for bad people or is it also for good people? There are a lot of use cases where good people need privacy. In some countries financial privacy is vital to security and survival.
I think that there is nothing to talk about with regulators. Privacy – that is what we want on the cypherpunks and technology level regardless of use cases.
ForkLog: No compromise?
Jonas: Exactly. No compromise!
ForkLog: How can you explain Schnorr signatures to ordinary users without technical background? Why do we need it in Bitcoin?
Jonas: Schnorr is a superior crypto scheme to ECDSA, which we’re currently using in Bitcoin. We didn’t implement Schnorr from the beginning, because there was a patent which has now expired.
Schnorr is way better than ECDSA, especially in terms of aggregating public keys and signatures. So you can do a complex multisig, let’s say with 100-200 signatures, with a single signature. It is really great for scaling if you want to scale in the direction of MimbleWimble. It really helps to combine transactions and signatures to have a multisig on a large scale.
ForkLog: How do you assess progress of Segregated Witness in Bitcoin?
Jonas: The adoption is quite good right now. SegWit ideally would have been implemented from day one in Bitcoin, because signatures are useless for light clients. If you have an SPV wallet (Wasabi, Samourai Wallet etc.), the whole signature is useless for you, because you can’t validate it – you don’t have the full blockchain. Before SegWit, all those clients had to download the transactions, including signatures which in fact were useless for them, so it was a waste of data.
We also have the problem of malleability, which is basically the main barrier for Lightning Network. It means that a signature is a part of a transaction hash. You can create the same transaction with a different hash, which was probably one of the main vulnerabilities that caused the Mt. Gox collapse. With SegWit aggregation we got rid of those two problems and opened the path to Schnorr.
ForkLog: Do we need larger blocks?
Jonas: I don’t see any need right now. Blocks are not full and SegWit share is around 30%. Larger blocks mean higher cost of decentralization. We should increase the block size only if it’s urgently needed.
ForkLog: Some sceptics claim SegWit is a sort of betrayal of the white paper.
Jonas: I don’t think so. You can interpret the white paper in a way A or in a way B. I personally believe there is no conflict between SegWit and the white paper. This argument comes mainly from Bitcoin Cash supporters, but I don’t think this is really true. And even if it were, does it mean that we always have to stick to the white paper? What if the current crypto scheme is broken? Does it mean that we can’t shift to Schnorr because of the white paper? The white paper is just a paper and what we do with the currency is another question.
The white paper was a great beginning, we should look back to it, but it was written by a single person or a group of people who didn’t know everything. We need to be open and question the white paper whenever we can. We don’t have one particular person in charge of all decisions, we are a group of technical experts who can question whatever we want. In my opinion it’s one of the main benefits of Bitcoin.
ForkLog: Let’s talk about the triangle of PRIVACY, TRUST and SECURITY in bitcoin wallets. As for now the triangle isn’t solved. Can you explain the current state of digital wallets?
Jonas: In my understanding of a bitcoin wallet there are three main elements: Privacy, Trust and Key Security. In order to ensure privacy you probably need to install your own full node. It means you need a lot of bandwidth and computation. Privacy is really hard, especially when it comes to plain users who don’t want to download hundreds of Gbytes just to do a transaction. They prefer to do it on a Coinbase level.
We see the same problem with Trust. If you want to trust nobody, which is the idea of Bitcoin, you need to validate your own chain. It also means the download problem and the time problem.
Key Security is essential for wallets, but usually it’s not so hard to manage, especially if you use specialized hardware.
I think achieving Trust and Privacy is much harder. In my opinion there are no wallets out there which solved the triangle for ordinary users in a proper way. You still can do it, but it requires a lot of configuration and expert know-how.
If you use any SPV wallet, you trust a remote server with transactions. They can show you imaginary transactions, they could hold back transactions from you. They can analyze your financial history. What if this server is hacked or owned by a government or someone who works against you? It’s not the original Bitcoin idea.
ForkLog: What about Bitcoin Core?
Jonas: I would say Bitcoin Core is much better in terms of privacy, because nobody knows your transaction history. You download all the blocks, so nobody could identify what information in those blocks is interesting for you. It’s a bit different in the way of sending out transactions, which means you need to broadcast them. There is a lot of ongoing analytics on the P2P level to identify who has created transactions. I think this problem of privacy in Bitcoin Core will probably be solved with the Dandelion proposal, which is going to be live in a year.
ForkLog: And I guess Coinbase fails to fulfill the triangle.
Jonas: Yes, when you use Coinbase, you don’t own bitcoins. You own a login which allows you to use a Bitcoin address. If Coinbase decides to block you from spending bitcoins, you won’t spend them. Coins are owned by Coinbase. You also don’t validate your own chain, you just trust Coinbase.
In terms of privacy, the company can provide the IRS or other agencies with your data and it is completely out of your control.
ForkLog: This completely contradicts the Bitcoin concept.
ForkLog: Why do so many people take this apparently wrong way?
Jonas: Because it’s easy. It requires a lot of work to do Privacy and Security in the right way.
ForkLog: What do you think about the UX problem in Bitcoin?
Jonas: I’m glad that it’s not so easy for now, because in my opinion the whole technology is not mature enough for mass adoption. UX is far from perfect, it’s complex and a bit strange. It’s hard for anyone out of the geeks community for now, but I’m glad it is so. We still don’t have Lightning, we don’t have immediate payments, there is still a fee problem.
The current state of UX in Bitcoin gives us time to solve more technical problems. After that we should focus on UX to make Bitcoin as available as WhatsApp.
However, if all the people come into Bitcoin right now, it would probably break it. We are not ready for this.
ForkLog: Do you believe that Bitcoin is a payment network as described by Satoshi? For many people it looks more like a store of value.
Jonas: Yes, for now it may be, but I’m a big believer in the payment network. I want to pay anyone in the world for anything without people knowing that. A peer-to-peer payment system is a prime goal in my opinion. It’s my vision.
ForkLog: Should bitcoin be a legal tender?
Jonas: Maybe not bitcoin itself, but additional layers like micropayments and Lightning. I believe it should happen. If additional layers make Bitcoin a worldwide payment network, it will certainly increase the exchange rate of each bitcoin.
ForkLog: Do you think there is something unhackable in this world?
Jonas: No, for sure not.
ForkLog: Even a blockchain?
Jonas: We secure the Bitcoin blockchain with ECDSA, which can probably be broken by a quantum computer. The question now is: will quantum computers materialize in the future? I believe they will. So even the Bitcoin blockchain is theoretically hackable, it depends just on how much computation you need.
The problem here is that you will identify that quantum computers are built only after they have been built. It’s important to say that Bitcoin has quantum resistance if you don’t do address reuse. If you don’t reuse addresses, you are safe even post-quantum.
Jonas Schnelli was interviewed by Nick Schteringard.