Chapter 2: Smart Contracts

[Note: below is chapter 2 to Great Chain of Numbers]

“Setting something in stone” is a common phrase used to describe permanence of a promise or obligation.  While there are numerous historical and sacred texts that deal with justice, tort, and commerce, one example illustrating the confluence of permanence and clearly defined obligations etched in stone comes from Mesopotamia.  The Babylonian Code of Hammurabi dates back to roughly 1772 BCE and consists of 282 laws.  While the famous “eye for an eye” (lex talionis) is inscribed on surviving clay tablets, roughly half of the code deals with contracts involving payment of wages, rent and liability for damaged property.  Other clay tablets from Mesopotamia record interest-bearing loans and debts.  While the interpretation and enforcement of these obligations is a matter of speculation and historical restoration, the human endeavor to codify duties and responsibilities is a never-ending story.

A more recent example, contrary to common belief, Samuel Goldwyn actually said, “his verbal contract is worth more than the paper it’s written on.”1 Yet either way it is stated, Goldwyn’s oft misquoted catch phrase illustrates one of the core issues that continually impacts property law and rivalrous resources: how to create clearly defined terminology, guidelines and terms of service in a reliable way.

In 2006 Nick Szabo, the progenitor of the idea of cryptographic contracts, compared humankind’s current analog spectrum of decision making to a digital system to describe the differences between “wet code,” which is interpreted by human brains and “dry code” which is interpreted by computers.2 In contrast to the seemingly binary logic of machine language, even though contracts, rules and regulations may be written by ostensibly objective parties, they must still be interpreted and enforced by yet another party or parties of humans.  And as a consequence stipulations do not always go as they were originally delineated.  This may change however as Szabo also described how computer programs have been and will continue to slowly edge towards mastering different niche domains that reach farther into “wet code” – into the human realm of nebulous obfuscation, fickleness, inconsistency, and abuse.  This is the subject of disagreement in this manuscript and will likely continue to be in the near future.

What is safe to say is that smart contracts and cryptoledgers are not a silver-bullet panacea solving ambiguity in human interactions beyond the reach of the algorithms.  According to its latest biannual arbitration scorecard, The American Lawyer’s 2013 survey highlighted 165 treaty arbitrations and 109 contract arbitrations involving $121 billion in disputes, a record.3 Similarly, Fulbright & Jaworski publish an annual Litigation Trends and Survey Report in which they survey senior corporate counsel regarding various aspects of litigation and related matters.  In the latest survey they found that contract disputes in the US (44%) and UK (57%), remained the largest type of litigation pending against their company, followed by labor and employment disputes.4 Aside from the famous fabricated contract from Paul Ceglia, few contractual disputes involve tampering of the actual contract in the developed world – more often than not the agreements are certain and the facts, or its meaning, are in dispute.5 But as discussed below, smart contracts encompass the wider spectrum of formalized agreements, such as financial instruments (synthetic assets) or codified representations of value (e.g., tokens).

Automation in commerce is increasing daily.  With the advent of NASDAQ in 1971, electronic securities exchanges have traded shares of stocks, bonds, and other instruments on a daily basis and in some cases continuously for twenty-four hours a day.  This digital creation was made despite the fact that then-contemporary paper-based exchanges capable of trading similar instruments have been in use at least since the founding of the Dutch East India Company in 1602.6 While there are numerous reasons for why the NASD built it, the primary motivating force for electronic exchange in general is that it provides users with faster logistical and organizational efficiencies, much like electronic mail does  compared with its analog counterpart; while simultaneously removing numerous intermediaries, middle men and 3rd parties though often they interpose new ones. While there are still hardcopies of securities (e.g., a share register) that in some cases must be maintained and on-file with governmental and corporate entities, in reality the instruments on all modern exchanges are just electronic bits that are representations – abstractions of various contractual obligations, conditions, and terms of service in the real world.

A smart contract is a proposed tool to automate human interactions: it is a computer protocol – an algorithm – that can self-execute, self-enforce, self-verify, and self-constrain the performance of a contract.789 Whereas Bitcoin and its direct progeny are referred to as the “1.0” generation, as shown below, contracts, on “2.0” platforms – the next generation of cryptocurrency, are able to enforce themselves.10 They do not have a physical enforcement arm the way legal contracts do.11 Rather, because they embody complex contractual relationships in computational material, they move certain defined asset(s) automatically under certain conditions.

Twenty years ago, Nick Szabo used a specific name for some of these instruments: synthetic assets.  Synthetic assets, in his words, “are formed by combining securities (such as bonds) and derivatives (options and futures) in a wide variety of ways. Very complex term structures for payments (i.e., what payments get made when, the rate of interest, etc.) can now be built into standardized contracts and traded with low transaction costs, due to computerized analysis of these complex term structures.”12 Today, both lawyers and software programmers have the ability to create these types of instruments.

Although some may have attempted to build a priori-based arguments against using such digital representations, post 1971, a fortiori, it has become clear that scarcity (a rivalrous asset in the economic sense) and value need not be solely represented by physical phenomena.13 And while each individual has his or her own subjective valuation, some currently see that there is potential utility or even speculative value in holding, using, and trading these electronic financial instruments.

In Cryptoledgers We Trust

Decentralized cryptoledgers are another refinement and evolution of Szabo’s ‘wet-to-dry’ system.14 Paper-based ledgers and electronic ledgers are typically held and maintained by 3rd parties such as banks or clearing systems; these entities create a “trusted” environment that, the argument goes, could be abused and manipulated by human elements (e.g., changing content, destroying records, double-spending) and imposes considerable cost.  When you trust a 3rd party, you are exposing yourself to the malfeasance of that 3rd party.

In November 2008, Satoshi Nakamoto – a pseudonym for one or several individuals – released a white paper that, for the first time, detailed a method for using a decentralized, encrypted software-based ledger that solves these 3rd party abuse and vulnerability issues. That white paper gave rise to Bitcoin.15

In contrast to the existing methods, argued Nakamoto, a decentralized cryptoledger called the Bitcoin protocol can serve as the sole middleman.  As an algorithm the protocol is unbiased and capable of auditing, authenticating, validating, approving, and transferring integer values along a ledger that is distributed to tens of thousands of computers (called mining machines) that are located around the world.  These computers run an open-source program that provides all of these aforementioned functions and they are rewarded for their work (seigniorage), by the provision of an integer value, a virtual-only token called a bitcoin (sometimes referred to as a “cryptocoin”).16 The Bitcoin ledger also has other potential uses that have not been fully utilized such as the ability to manage smart contracts or any instrument, asset or token that can be arithmetically encoded into software.  In fact, the upcoming version 0.9 release of Bitcoin will provide room in the ledger for each transaction (also called a tx) to include an additional 80-byte hash, just large enough to provide for a “distributed contract” – a feature that has drawn even greater outside interest over the past year due to its ability to represent any asset class or property, not just one value (fiat).17

In practical terms, the Bitcoin cryptoledger is its own 3rd party repository as it creates a consensus-based, trustless environment that negates the role of 3rd party intermediaries that existed in a paper-based analog world.  It also acts as a decentralized timestamp database.  Whereas historically timestamps were issued by a Time Stamping Authority (TSA) – or digital notary – that is vulnerable to abuse and tampering, a user can now store a timestamp on the ledger without concerns over data corruption as it stored on thousands of decentralized machines.18 More to the point, it provides the abilities of many other functionaries (e.g., accounting, auditing) and institutions (e.g., data warehouse) thus making a multitude of middlemen entirely redundant and allowing for bilateral transactions to take place.  Whereas Alice’s Accounting Co., may take a quarter of a year to audit and reconcile accounts for Bob’s Boutique Bookstore, a bitcoin transaction, as well as the entire global Bitcoin ledger, called a blockchain, is authenticated, verified, copied, and audited approximately every ten minutes (Litecoin is even faster, verifying every two and a half minutes).

While the underlying mathematics and cryptographic concepts took decades to develop and mature, the technical parts and mechanisms of the ledger (or blockchain) are greater than the sum of the ledger’s parts.  Simply put: bitcoins do not actually exist.19 Rather, there are only records of bitcoin transactions through a ledger, called a blockchain.  And a bitcoin transaction (tx) consists of three parts:

an input with a record of the previous address that sent the bitcoins;

an amount; and

an output address of the intended recipient.

These transactions are then placed into a block and each completed block is placed into a perpetually growing chain of transactions ―hence the term, block chain.  In order to move or transfer these bitcoins to a different address, a user needs to have access to a private encryption key that corresponds directly to a public encryption key.20 This technique is called public-key encryption and this particular method, Elliptic Curve Digital Signature Algorithm (ECDSA), has been used by a number of institutions including financial enterprises for over a decade.2122 Thus in practice, in order to move a token from one address to another, a user is required to input a private-key that corresponds with the public-key.

To verify these transactions and movements along the ledger, a network infrastructure is necessary to provide payment processing.  This network is composed of decentralized computer systems called “miners.”  As noted above, a mining machine processes all bitcoin transactions (ledger movements) by building a blockchain tree (called a “parent”) and it is consequently rewarded for performing this action through seigniorage.  Blockchain trees are simultaneously built and elongated by each machine based on previously known validated trees, an ever growing blockchain.  During this building process, a mining machine performs a “proof-of-work” or rather, a series of increasingly difficult, yet benign, math problems tied to cryptographic hashes of a Merkle tree, which is meant to prevent network abuse.23 That is to say, just as e-commerce sites use CAPTCHA to prevent automated spamming, in order to participate in the Bitcoin network, a mining machine must continually prove that it is not just working, but working on (hashing) and validating the consensus-based blockchain.2425 At the time of this writing the computational power of the network is 200 petaflops, roughly 800 times the collective power of the top 500 supercomputers on the globe.26

To prevent forging or double-spending by a rogue mining system, these systems are continually communicating with each other over the internet and whichever machine has the longest tree is considered the valid one through pre-defined “consensus.”  That is to say, all mining machines have or will obtain (through peer-to-peer communication) a copy of the longest chain and any other shorter chain is ignored as invalid and thus discarded (such a block is called an “orphan”).27 If a majority of computing power is controlled by an honest system, the honest chain will grow faster and outpace any competing chains.  To modify a past block, an attacker (rogue miner) would have to redo the previous proof-of-work of that block as well as all the blocks after it and then surpass the work of the honest nodes (this is called a 51% problem).28 Each 10 minutes (on average) these machines process all global transactions – the integer movements along the ledger – and are rewarded for their work with a token called a bitcoin.29 The first transaction in each block is called the “coinbase” transaction and it is in this transaction that the awarded tokens are algorithmically distributed to miners.30

When Bitcoin was first released as software in 2009, miners were collectively rewarded 50 tokens every ten minutes; each of these tokens can further be subdivided and split into 108 sub-tokens.31 Every 210,000 blocks (roughly every four years) this amount is split in half; thus today miners are collectively rewarded 25 tokens and in 2017 the amount will be 12.5 tokens.  This token was supposed to incentivize individuals and companies as a way to participate directly in the ecosystem.  And after several years as a hobbyist experiment, the exchange value of bitcoin rose organically against an asset class: fiat currency.

While colloquially someone may say he or she has ten bitcoins, there is no physical or even digital object that is an actual bitcoin.32 We are talking simply about the ability, by virtue of having exclusive knowledge of a given unlocking private password (a key) of a given schema, to cause a change in a ledger entry in that distributed schema.  And because all the mining systems operate with clearly defined “dry” rules, through consensus they respect the ledger entry change.  In other words, transferring a bitcoin is merely moving a specified integer value from one address to another address; all such moves are recorded on a public ledger.  As a consequence, users can actually access, transfer, and “store” these tokens through numerous mediums including a digital wallet (accessible from a laptop, tablet, smartphone), through an online browser and even through air gapped, cold-storage techniques such as a “paper wallet” or USB drive.33 Yet the actual ledger remains distributed amongst the mining equipment.

Another way to look at the Bitcoin system is through a thought experiment: try to stop using the word “property” to refer to the thing owned, the thing in which there is a property right.34 Instead, talk about an owner of some owned thing – or resource. The owner has a property right in some owned thing – in some resource.  So then ask: what is the ownership or property right in a bitcoin?  What exactly is a bitcoin?  You then have to carefully define what you mean.  And of course it is not ownership of “a bitcoin” – since there can be fractional bitcoins (the smallest unit is called a satoshi).  Economics does not have a category of “property,” as it is the study of human actors and scarce resources.  Property is a legally recognized right, a relation between actors, with respect to control rights over given contestable, rivalrous resources.  And with public-private key encryption, individuals can control a specific integer value on a specific address within the blockchain.  This “dry” code effectively removes middlemen and valueless transaction costs all while preserving the integrity of the ledger.  In less metaphysical terms, if the protocol is a cryptocurrency’s “law,” and possession is “ownership,” possession of a private key corresponding to set of transaction (tx) outputs is what constitutes possession.35 All crypto assets are essentially bearer assets. To own it  is to possess the key.  The shift from bearer, to registered, to dematerialized, and back to bearer assets is like civilization going full circle, as the institution of property evolved from possession to the registered form that predominates in developed countries today.

In terms of the logistics and mechanics of exchanging bitcoins to and from fiat, there are several methods.  For large volume, over the past several years there have been several companies (BitStamp, Kraken, BTC-e) that have created web-based exchanges by which a user deposits a token and the exchange in turn is partnered with a physical bank in specific jurisdictions.36 Once a user “sells” the token on the exchange, this bank then provides fiat liquidity to the exchange.  Since the genesis block in 2009, approximately 12.4 million bitcoins have been mined, some of which are permanently lost (e.g., where a user has lost or forgotten the information comprising his or her private key).37 As of this writing, the current market cap of all mined bitcoins is seven billion dollars; for comparison, MasterCard’s current market cap is $125.24 billion.

Not a One-Trick Pony or One-Hit Wonder

With its decentralized, peer-to-peer abilities that allow for near-instant transfers and trustless authentication of value while simultaneously serving as a registry of all property ownership (titles) with an algorithmically controlled stable money supply, the Bitcoin protocol has several limitations.38

Since the initial release of Bitcoin, up until now, the protocol has not been natively capable of managing and tracking more than one asset class.  For instance, three years ago, when ten thousand bitcoins were traded for a pizza, the token could have just as easily become pizzacoin.3940 That is to say, while value was exchanged, those using the blockchain could have attempted to track the value of pizza.  Or more precisely, those using bitcoin as a medium of exchange (MOE) could have used pizzas as the unit of account (UOA) (e.g., when setting the bitcoin price of those alpaca socks, consult the bitcoin-to-pizza ratio).41 Instead, the users of bitcoin consulted the bitcoin-to-fiat so fiat remained the unit-of-account as prices in fiat are generally used to measure the value of goods in the physical economy.    Another way to look at this is, those using bitcoin could have treated it in a “colored coin” manner (see below); and conventionally each coin would have equaled 1/10000th of a pizza.  As a consequence, it became clear that in order to begin tracking, trading, and managing smart contracts in a decentralized manner (and thereby exchanging smart contracts and even smart property), you were limited to just a few workarounds described below.42

How do we trade assets on the blockchain?  Purely proof-of-work, blockchains present logistical problems.  One choice is to build and maintain tens of thousands of altcoin blockchains that serve as ledgers for each asset.  This in turn would require a hash generating network to verify and protect against double-spending attempts (i.e., the 51% problem).  While there is no specific engineering reason that prevents this solution from being carried out (and perhaps it could take place through endeavors like Humint),43 motivating the human element to build and maintain a mining network in a profitable manner could be very cumbersome.   At the time of this writing there are several hundred different altcoins, most of which are mere line-for-line copies of Bitcoin or Litecoin – there are even automated tools that allow users to create their own clones, such as Coingen and Razorcoin.44 Yet, despite the existence of these altcoins, their creators have thus far been unable to re-create the “network effect,” which continues to back Bitcoin.

Another approach could be to build another layer, or platform, on top of a blockchain which specifically relates to an underlying reference asset.  Of all the existing decentralized cryptochains in existence, the one with the most institutional momentum, merchant exchanges, and community involvement (both in terms of software development and user base) is Bitcoin.  In economic terms this is called the “network effect.”  That is to say, the more people who use the network, the more valuable the network is.  Other examples are social media sites like Facebook: the more your friends use it, the more potential value it has for you.  Or with credit cards, the more merchants that accept Visa, the more useful and convenient it is for you.45 While other altcoins (and altblockchains) may be invented, convincing a critical mass of user, merchant, and developmental adoption is a constant uphill battle.  It should also be noted that first-movers are not necessarily the players that the market chooses in the long run.  For example Diners Club was the first credit card; yet it was displaced by other participants and is relegated to a small niche today.  Similarly, both Friendster and MySpace were the first funded companies in the social networking space, yet it was Facebook that became the industry leader.  Kodak, Blockbuster, and Tower Records are also recent examples of incumbents that were unable to adapt to a different market landscape.  In fact, the technology industry is filled with instances of disruptive innovations and creative destruction, including most notably RIM, which spearheaded the smart phone with its Blackberry concept but after mismanagement woes is now on the verge of bankruptcy.4647

For the near future at least, Bitcoin is the protocol du jour.

While some efforts have focused on the above approach, projects like Mastercoin and Colored Coin have chosen to build on top of Bitcoin’s blockchain, to use it as a verification and transportation protocol – allowing them to focus on building asset management tools instead of building an entirely new hashing infrastructure.  Both of these projects have a different method of managing assets.  Mastercoin issues its own token called a mastercoin (a type of metacoin) that can be bought or sold like a bitcoin on an exchange.  On January 3, 2009, the genesis block for Bitcoin’s blockchain was publicly released, laying the foundation for all other future blocks to build on top of.48 Similarly, on July 31, 2013, the Exodus Address was setup for Mastercoin which the resulting framework is situated atop.49 Only a limited number of mastercoins were created during the subsequent month of August and they are only visible to users that use a specially designed wallet that can distinguish them from the rest of the blockchain.50 Despite some initial developmental hiccups, the community responded by providing 4,700 BTC ($5 million at the time) in crowdfunding.51 These mastercoins in turn insert tiny messages into the blockchain that can be used to represent user-defined assets like a derivative or gambling bet.  Special digital wallets and online tools are used to track, trade and sell these mastercoins to anyone around the world.

The Colored Coin project is a little different from Mastercoin in that a certain amount of Bitcoin (e.g., 0.001 BTC) are “colored” to represent a particular asset (e.g., green for a car, blue for a house, yellow for gold, pink for shares of stock).  Users can then exchange these “colored” assets with one another using the Bitcoin blockchain as the ledger.  For example, if you own a home, you could use 0.001 BTC (or any other arbitrary amount) to represent transfer and assign it a secondary attribute, the “color” blue or any other “color” to represent the character of the asset (e.g., a house).52 You can then send and exchange this new blue token using a special digital wallet called the Chromawallet to a buyer who uses a similar wallet.  Using an online exchange (or even decentralized exchange) the buyer can purchase your “colored” token with bitcoin or some other combination of “colored” coins.  All of this is managed through the same ledger.  The only intermediary in this process is the blockchain, which manages the tokens just as it would any other bitcoin.

While there are several other projects with similar abilities on paper (NXT, Invictus Innovations, Counterparty), they all share a main goal: to allow a decentralized cryptographic ledger (a blockchain) to serve the roles and functions that had previously been managed by numerous 3rd parties.  While it is unclear which of these, if any, will be successful, the full implications and applications of trustless asset management are spreading more widely into the larger software development community.

For perspective I contacted Mike Hearn.  Hearn is a core Bitcoin developer who recently left Google to work on the protocol full-time.53 He also has spearheaded the effort to enable smart contract functionality with the protocol, designing several codebases and use-cases for future development.  In an email exchange I asked him if he thought that smart contracts would initially be limited to financial instruments.  In his view, “well, ‘contracts’ in the sense Satoshi used them are about Bitcoin and Bitcoin is inherently about finance so yes, I think they will be restricted to finance.”

And what kind of application does he think could bring cryptocurrency to a wider audience?  “That’s the million bitcoin question isn’t it. I don’t know. There might not be one killer app in particular, but a variety of apps that are merely useful enough that everyone has a bit of Bitcoin lying around for the occasions when they need them.  I explored micropayments last summer as part of trying to answer this question.”

Due to fees set by traditional payment processors, microtransactions have been an area that was financially difficult to do until Bitcoin, which permits divisibility to the one-hundred millionth decimal place (and virtually farther if patched in later versions).  Many off-chain wallet and exchange solutions such as those at Coinbase and Circle enable users to exchange bitcoins at this granular level.  An off-chain transaction is one in which the movement of value (e.g., an asset) takes place outside the public blockchain.  That is to say, initially users sent bitcoins to one another directly through the blockchain, this is called an on-chain solution.  However, now Bob can send bitcoins from any of his wallet to his friend Alice who may be using a hosted wallet at an off-chain provider such as Coinbase (a trusted 3rd party).  Or in other words, Bob’s tokens first go to a Coinbase on-chain wallet which is synched to the public ledger, but then using an internal database, the representations of these tokens are divvied out to a specific user within Coinbase’s internal off-chain wallet system.  There are trade-offs to using each approach.  While on-chain solutions such as Blockchain.info are reliable and cannot be exploited by a 3rd party, trading and exchanges are conducted in the 10 minute time frames (due to blockchain speeds).  Yet readers should be aware that while there are advantages of using a trusted 3rd party situation (namely speed and microtransactions below the dust limit), it could also result in the total loss of tokens as illustrated by the Mt. Gox fiasco in which thousands of customers potentially lost all of their holdings.54

Similarly, Hearn and others have discussed how in the near future, a mobile device (smartphone, laptop, tablet) could pay for wireless access with random WiFi hotspots via Bitcoin-based micropayments.  That is to say, one of the problems with the current wireless infrastructure is that there is no automated, secure manner for strangers to use wireless hotspots without having to trust one of the parties, which could lead to abuse (e.g., credit card fraud).  If instead, if Alice’s WiFi router was enabled with Bitcoin functionality (i.e., had a built in wallet) then Bob could pay for usage via bitcoin – even as little as a fraction of a cent’s worth – and both parties could be satisfied.

Assurance Contracts

But are there practical, present-day uses for the technology which are not contingent on some hypothetical future blockchain gaining widespread acceptance?  Alexander Tabarrok, an economist at George Mason University and creator of the “dominant assurance contract” model and I exchanged emails in part of my initial exploration into the real-world applications of smart contracts.55 An assurance contract is a contract in which contributions to a group goal are held in escrow until the amount reaches a certain threshold, after which point the contributions are then released (e.g., crowdfunding via Kickstarter).  This has been discussed as an alternative model for funding public infrastructure (e.g., a lighthouse, water treatment plant, roads, or bridges) and consequently its objective, binary funding model has frequently put it in the spotlight as a relatively easy example for smart contract developers to encode.  The “dominant” version is a twist in that if contributions fall short of the threshold, those who contributed not only receive their original funds, but also a bonus – creating an incentive for many people to donate.  Tabarrok writes:

I see smart contracts and the internet of things as ending the problem of asymmetric information. In economics, asymmetric information problems occur when one party to an exchange has better information than the other party and out of fear of being exploited the lesser informed party backs out of the trade. Both parties lose since no trade occurs even when trade would be mutually profitable. Smart contracts and the internet of things can overcome many of these problems by making information revelation more credible and even by making trade conditional on information that neither party may even know!

Capitalism like science and technology is a dynamic system and no one can predict where it’s going to go. I expect only to be surprised by the uses people will find for dominant assurance contracts. Kickstarter and other groups have made assurance contracts more familiar (you only pay if enough people join). Dominant assurance contracts make a Kickstarter-like proposition even more compelling (you only pay if enough people join and if not enough join you get paid). I hope to see experimentation and eventually I hope that familiarity in the private realm will encourage people to experiment with DACs to fund public goods and government services which was my original motivation.

The big, immediate gain of using cryptocurrencies and cryptoprotocols is quite pedestrian, lower transaction fees. Our payments technology is expensive and cumbersome. This is true for credit card payments, dominated by a handful of firms, and even more so for the government run checking system which is basically a 19th century system.  Transaction costs are not sexy but there are a lot of transactions in the world and there are many billions to be made by improving the system.  The company that first cracks the transaction cost nut, and I think that will mostly require reputation and scale rather than new technology per se, will be for payments what Google is for advertising.  Big advances in the technology of asset management and banking, the sexy stuff, will come after and on the back of the billions made by reducing transaction fees.

A DAC is a decentralized autonomous corporation, an AI entity that performs the functions of companies (e.g., payroll, issuing dividends) and is discussed at length in chapter 5.   There are several civic crowdfunding platforms that have been launched over the past couple years including Citizinvestor, neighbor.ly and ZenFunder.56

Legalese Challenges

Implementation of DACs, however, is not without its problems.  In view of this I spoke with Stephan Kinsella, a patent attorney, author and Bitcoin investor “while there seems to be potential with cryptocurrencies, cryptoprotocols and smart contracts in general, in my experience the legal industry changes at a glacial pace.  Many if not all of the segments are highly regulated and filled with well-established incumbents especially those integrated with banks.  As a result, most clients and partners typically like to continue utilizing traditional services and solutions and thus are very resistant to innovation.  Similarly, letters of credit and dispute resolution boards have existed for decades so this is not necessarily a selling point.  While there are theoretical advantages to using independent arbitrators or escrows, many contracts for property ownership or car ownership already set up a system of clauses where parties choose an arbitrator or how to use an escrow.   For instance, in terms of percentages, even when disputes arise the amounts of parties that ultimately use an escrow are quite small.  Though, perhaps with enough buy-in this could change later in time.”57

The problem, in his view, is that cryptocurrency is competing with an existing legal and commercial transaction infrastructure. “Again, while smart contracts present a very efficient and optimized marketplace, educating a userbase will be a constant uphill battle because in some ways you may have to reinvent the wheel; or recode the wheel as it were.  For instance, to hedge against a breach of contract Bob may have to issue a $1 million bond to cover insurance.  And in the event that this happens, you would likely need to work with a 3rd party who will have to look over the evidence of the case which in turn adds cost to the transaction.  Sometimes if a deal continues to sour, Bob will sue or simply write-off the loss.  Yet these types of interactions can and will likely happen despite using cryptoledgers.   Furthermore, while cryptoprotocols offers many methods to constrain governance, such as title management I do not see why banks would rewrite their system for this service any time over the next several years.58 They are typically risk averse and conservative.  In fact, I still see legal contracts with provisions that were written decades ago – even over a century – because they withstood legal scrutiny.  While smart contracts in theory could provide similar provisions, proponents and developers of next-generation crypto platforms should be aware that it will take many years of continuous education to convince businesses to adopt this different framework.”

According to Kinsella and others I spoke to on this matter, the smart contracts which would give rise to the fewest problems would likely be narrow contracts covering easily quantifiable, fungible commodities (e.g., oil, metals, ore, agriculture) or simple services, such as those provided by auto-repair shops and beauty salons – that is to say, something that is objectively measurable, mechanical and consistent, and low on consumer protection or complex representations and warranties.  While Bob and Alice would need to be aware of the various jurisdictions that provide different guidance and policies regarding the licensure of services (e.g., cosmetics, accounting), cryptoledgers and trustless asset management could enable a frictionless environment for bartering.  Decentralized exchanges that can manage cryptotokens could allow local service providers to buy, sell, and trade in-kind without going into fiat.59 While the tax and regulatory implications will unquestionably be different depending on the jurisdiction, this type of “cryptobarter” system may become useful and socially empowering in countries with faltering monetary institutions – like Argentina or Greece.

Argentina

In February 2014 I spoke with Wences Casares, an Argentine native and creator of a Bitcoin wallet used by institutions.  He recalls, in his youth growing up “in Patagonia I remember when we had so much inflation twelve years ago that my mother would carry her salary around in plastic bags and spend it as soon as she got it.  She would go to a market and there were workers whose sole job was to replace the sticker prices many times throughout the day because the price levels soared.”   In addition, Casares noted that at the national level, “the government did not want to raise taxes or lower spending so they printed more, causing inflation.  And when I talk to others about Bitcoin throughout the day I use different analogies depending on the person’s background.  Yet when I describe how Bitcoin works to Argentines, they figure it out very quickly.  They realize it cannot be confiscated and can be used as a store of value.”

Between 1998 and 2002, the Argentinian economy shrank by 28% as measured by GDP.60 At the end of 2001, the national government defaulted on $132 billion in debt and inflation reached a monthly high of 10.4% in April of 2002.61 Simultaneously the unemployment rate reached 20% by December 2001 and remained near 25% the following year all the way into 2003.62 While subsequent administrations reversed several of these policies, including restructuring external debt, in 2008 the Argentinian government nationalized private pension funds, amounting to $30 billion in private savings.63

Based on his experiences, Casares says that “when I have helped process face-to-face Bitcoin exchanges in Argentina, when you look at the other side of the transaction these users are not hackers or geeks, they are common people who see it as a good store of value.  Many in fact do not have much in savings but see how Bitcoin cannot be inflated.  People with significant amounts of money can easily move into hard assets yet those at the bottom, the common person cannot.  Bitcoin helps them and I imagine will continue to do so in the future.  There are a lot of benefits of Bitcoin, different people latch onto different benefits yet if another similar inflationary event happens, because of the proliferation of mobile phones it could catch on like fire.”

Sebastian Serrano, another Argentine native and founder of BitPagos, a virtual currency merchant payment service provider, expresses similar sentiment based on his first-hand experiences, “In Argentina there was a big wave of bartering that began in early 2002 whereby people traded food, services, almost anything at ad hoc fairs.64  During late 2001 through 2002 the peso was in free fall and there was a large increase in unemployment, which motivated people to trade things for things.  In fact, a few months into this crisis, many fairs and bartering clubs were already issuing their own ’credits‘ and creating their own bills as a form of scrip.65 Eventually a federation was created that issued a general note, yet counterfeit of this credit became a big problem.  As the economy recovered, the need for these clubs diminished and people stopped going to them – and while a few may persist, most completely shut down.  Yet I think cryptocurrencies and a decentralized asset management system would have helped with this barter system out substantially.  Not so much for price discovery but rather to prevent fraud because many of these fairs suffered from counterfeit notes and lack of transparency on how the notes were issued or distributed.66 And I think we are a few iterations behind something like a smart contract-based system that could be used in a scenario like that.  And perhaps these new platforms being developed will help in the long-run, because contracts make sense when time is a factor.  Thus, it is going to be very interesting to see how this develops again if we have another financial crisis.”

In 2013 the Argentinian peso lost 25% of its value relative to a US dollar and to stem capital outflows, Argentine policymakers enacted strict capital controls.67 As a consequence, ordinary people lacking in political clout have had difficulties in protecting their peso-based savings because access to foreign currencies is restricted.  While there is a fledgling Bitcoin community in Argentina, there are few formal outlets to exchange pesos to bitcoins or other cryptoassets that can provide a store of value resistant to inflation.68 Trustless asset management could enable ordinary people to, instead of relying on the local currency (e.g., peso) to exchange goods and services, exchange their services via different cryptotokens.

Such a system, if implemented, would be a more accurate rendering of the Big Mac index.69 The Big Mac index is an annually published currency-comparison tool created by the Economist that measures the purchasing-power parity (PPP) of each country.  That is to say, a Big Mac is a relatively consistent, quantifiable good that irrespective of jurisdiction should cost the same relative to the local currency.  However, since 1986, due to internal monetary policies a Big Mac is visibly overvalued or undervalued relative to chained US dollars.   While merchants and entrepreneurs do not necessarily need to know every available global price point for haircuts, oil changes, or even in-flight training these indices could help provide price discovery, enabling Argentinians to trade their goods and services at roughly market-rate prices without using local currencies.  In fact, just as globalization acts as to arbitrage wage rates of low-skilled employment between regions (i.e., ceteris paribus, the process of making textiles should cost roughly the same irrespective of locality), ultimately a decentralized system could enable entrepreneurs to coordinate economic investment to or from certain regions.

In one speculative example, Bob the mechanic in Buenos Aires could create a variety of “colored” tokens to represent tune-ups, repairs, and oil-changes and place them on decentralized exchanges that track those specific services.  Alice from the suburb of Avellaneda is an airline pilot and could similarly create tokens to represent certain amounts of flying time (e.g., two hour in-flight training) and also place the tokens onto a decentralized exchange.  Each exchange could list both the local rate for service (i.e., what the supplier is charging in fiat) as well as various cryptocurrency rates.  While inflation may erode purchasing power of fiat currencies such as the peso, decentralized platforms could enable both goods and service providers the ability to retain and exchange value in a decentralized manner that negates the need to use a repeatedly devalued intermediary. Alice and Bob could use price-matching services to transfer service tokens directly redeemable for the said service to one another, or even exchange for other intermediary cryptocurrencies.  To exchange between specific cryptoledgers, a consensus-based DAC may require “smart contracts” to provide for escrow and arbitration mechanisms before contracts are allowed on a ledger or exchange.  Or users may be willing to accept contracts without such clauses (i.e., caveat emptor), helped along in their commercial decision by independent decentralized autonomous agents which could provide a feedback, reputational mechanism (e.g., credit score) to allow market participants to see whether either Alice or Bob is a risky merchant.

But what a cryptoledger makes up in quantitative sophistication, it lacks in the qualitative – bartering in times of economic stress might work, but a real consumer economy might not.  According to Stephan Kinsella, “tens of thousands of formal and informal contracts are used every day between individuals, small companies and large institutions – and each of these may contain different nuances and subtleties relevant to the local setting.  Even hiring someone to be a temporary assistant may require qualitative language – some formalized legalese – and it will be difficult to automate those things.  In fact, most contracts outside the financial industry may not have clauses that are entirely mechanical; thus while smart contracts and cryptoledgers create a full-proof method of tracking ownership of assets, more than likely in some instances you will still need judgment calls involving humans – and there is already a subsidized public system in place for that which many market participants may be reticent to give up.70 Thus not only do you have to provide educational outreach but also consumer buy-in.”

Another question that both Stephan Kinsella and Sean Zoltek (chapter 6) brought up: how do we inform market participants that the benefits and advantages of switching to a new system outweigh the costs of using the existing infrastructure?  For instance, homeowners in many developed countries can already sell property without a realtor by using websites.  Similarly, homebuyers can purchase a deed and register it themselves.  And if you want to sell it quickly you can simply use a real estate agent.  Furthermore, while apartments, condos and townhomes are typically homogeneous units, not all houses are fungible, as they usually have some unique attributes that need to be quantified.  While this may be a small technical challenge that can be overcome, proponents should be aware that some consumers (or homeowners) may be uninterested in quantifying their assets via programmatic contracts.

Outside perspective

While much of the current literature, both academic and software development, is typically written for a US-based audience, I spoke with Preston Byrne, a fellow at the Adam Smith Institute and a London-based securities lawyer.  In his words, “the smart contract as envisioned by Nick Szabo does not yet exist. When it does, it will need to incorporate substantially all of the legal elements of a traditional contract and express them in the functions it performs automatically, at least to the extent that it is written to do so. It may be possible for a degree of modularity to be built into the code so, e.g., specific terms recognised at law could be reflected in code (provisions relating to termination, for example, on the occurrence of specific events) and standardized for use across different transactions.”

In Byrne’s view, while not impossible, drafting commercially viable smart contracts will not be easy – and code alone will not be sufficient. “If a contract is a negotiated agreement which (in the event of a dispute) a court can enforce, a smart contract is a contract which enforces itself.  Contracts are governed for the most part by (1) agreed rules and (2) a set of very complex legal fictions which govern how those rules should apply in the circumstances. For example, in English law it is required for any contract that is formed to incorporate an agreement of some kind, an actual transfer of value moving from both parties and the intention to create legal relations between them. In the event of a breach of the agreement or its being rendered voidable or void, they have a number of remedies – rescission, for example, where the contract is rendered void ab initio, specific performance, where a court orders one party to do something it had covenanted to do, and (more usually) damages compensating the injured party for loss.  While sometimes parties to a commercial contract will be able to recognise when a breach or other misfeasance has occurred and sort out the appropriate remedies between themselves, ultimately the final arbiter of (1) what the contract means and (2) what the consequences of particular breaches will be lies in the hands of a court or arbitrator which has the ability to bind the parties and coerce them to its will. Contracts mediated entirely by distributed, pseudonymous blockchains by fully autonomous DAOs are not well suited to this role.”  This is an issue that several individuals discussed in the evolution of this manuscript.  If the theory is there, where are the smart contracts?   Ignoring the hype and handwaving, the main obstacle is the technical codebase and complementary support services that need to be implemented – the infrastructure needs to exist to allow for smart contracts to fulfill the functions described by Szabo and Byrne.

Some sources have explained it is nearly impossible to remove all human interaction in commerce – therefore why bother with using a cryptoledger system?  Byrne argues that there will nonetheless be advantages beyond reducing transaction costs that lenders will be interested in – and only when cryptoledgers become more widespread in large organizations will smart contract technology become of practical use.  According to Byrne, this should not take long: “corporates and financial institutions have high overheads for personnel and equipment. They automate their operations when they can. The idea of replacing complex server architecture with a distributed blockchain – if indeed such a thing can be done – seems to me to be a rather simpler and more elegant solution for a bank to manage its balance sheet than legions of employees. A blockchain is basically the world’s most transparent and accurate accounting product. It’s only a matter of time before proprietary blockchains crop up internally at financial institutions, governments and businesses where it will start serving that function.  Consequently, the resources saved – currently used to pay salaries of financial services professionals – will be redeployed into lending operations and the economy at large.”

“In a similar fashion,” Byrne argues, “governments could do the same thing with their own finances and practically everyone would benefit. In the UK the public sector pay bill is £167.5 billion a year – 25% of state expenditures, 12% of GDP, and £3000 per year for every man, woman and child in the country.71 The UK could create a state-backed cryptocurrency – cryptosterling – tomorrow. Just write it, ensure only the Bank of England can mine it, issue everyone in the country with a private key, trade it for cash and deposits on a 1:1 basis over six months and replace national insurance numbers with a metal card containing the corresponding public key. Paying salaries and taxes, and claiming benefits, would be as simple as scanning a QR code and a bit of online monitoring; we could abolish the welfare bureaucracy overnight and save vast quantities of expenditure.”

“Such a currency would be superior to any other form of legal tender,” Byrne says: “imagine being able to see every transaction conducted globally in sterling in real time,  all while possessing the benefits of any other crypto, including security, transparency, speed, irreversibility, and low cost. It would also have the benefit of being able to be tinkered with as the state would control the majority, if not all, of the hashpower on the network and have knowledge of at least some of the private keys. This is useful, for example, to reverse proven fraud, rescind a contract or engage in quantitative easing – arguably things any state needs to be able to do in order to maintain civilisation.”

He adds, “I am aware there are those who will howl that this is not what Satoshi intended, and that this will result in a state which has absolute control over the money supply and the ability to interfere with personal finances mediated by the official blockchain. I agree. However, advanced states have this capability already – we are just paying hundreds of thousands of bureaucrats to exercise it.  Plus, nothing about a state-backed cryptocurrency prevents us from trading out and using some other cryptocurrency of our choice (e.g., dogecoin).  If cryptocurrency is to take off we need to start thinking in these terms.”

Byrne’s proposal of replacing sterling (GBP) with a sterling cryptocurrency which provides unforgeable transparency is already being experimented with in Iceland with the new Auroracoin initiative.72 The team behind the project ‘pre-mined’ (created) 10 million Auroracoins (AUC) and no more will ever be made. The creators of Auroracoin plan to give every citizen of Iceland 31.8 AUC on March 25 as a transparent mechanism to mitigate against a future banking crisis.   Similarly, the Mazacoin project is working with the Lakota Nation, a Native American tribe, to create an alternative cryptocurrency that can “give native American communities some fiscal autonomy.”73 While it is unclear what changes to the regulatory framework will occur in each jurisdiction or if market participants will adopt and utilize these tokens, this space will likely grow with other such experiments over the coming years.

Byrne also sees other developmental issues arising from breach of contract and thinks that one particular problem stands in the way of integrating cryptoledgers with repayment prioritization: what he calls ‘trusted 3rd party dogmatism.’  In his words, “There is currently very little dialogue between cryptocurrency advocates, mainstream financial institutions, and governments on cryptocurrency’s role in the economy – developers and libertarians are working furiously on one side of the rift and government, institutions and corporations cautiously observe from the other, and both size each other up – as if getting ready for a fight.”

“Given that cryptocurrency technology was ostensibly designed to wrest control of commerce from banks and the state,” Byrne adds, “this state of affairs should not be a surprise.  The result of this dichotomy, however, is that there is a disconnect between the banks who mediate transactions in the real economy and the cryptocurrency which seeks to supplant them.  This is counterproductive; the technology is open-source and can benefit everyone, including the banks.  But the gulf, until bridged, will act as a serious hindrance to development.  Take the idea of an asset-backed (secured) peer-to-peer loan as an example, where the borrower borrows in cryptocurrency and also collateralises the loan with cryptocurrency.  Talk to a cryptocurrency advocate, and he sees an opportunity to write a smart contract protocol that disintermediates a bank, avoids taxes and allows him to earn a little cash on the side beyond the reach of the revenue authorities. Talk to a bank at the moment, and they talk about money laundering, terrorist financing and regulation.  It doesn’t have to be like this.”

In his view, the solution is to reintroduce the trusted 3rd party (TTP) in a highly reduced but nonetheless essential custodial role. “Let’s return to that asset-backed peer-to-peer loan for a minute. For a bank to write that loan, it would normally negotiate an agreement on certain terms, take security over the assets concerned, and submit to a set of complex legal rules.  As Szabo noted:

‘Over many centuries of cultural evolution has emerged both the concept of contract and principles related to it, encoded into common law. Such evolved structures are often prohibitively costly to rederive. If we started from scratch, using reason and experience, it could take many centuries to redevelop sophisticated ideas like contract law and property rights that make the modern market work. But the digital revolution challenges us to develop new institutions in a much shorter period of time.’74

Continuing, Byrne notes that, “Szabo correctly points to the fact that the common law is a very complex body of rules.  He is also correct in that any smart contract we draft will benefit greatly by following its example.  Cryptocurrency will benefit more, however, from interaction with the law than attempting to replicate a parallel legal system of its own.  The primary, and one might say defining, characteristic of the English common law is that it was not, at least historically, made primarily through legislative fiat. Its evolution has been organic, with existing rules changing to new circumstances in the face of new and ongoing testing (litigation) – it is a form of transductive algorithm.  For example, the law relating to guarantees is notoriously complex because guarantors almost always have an economic interest in challenging the legitimacy of the instrument when the contract is called in, meaning that the rules are very specific and great caution must be exercised when drafting them.”

A transductive algorithm is inference from specific experiences and is a technique used in machine learning.75 Or in other words, being taught (or learning) about specific cases by which the knowledge can then be used for future cases in a similar domain.  And as Byrne suggests, it may take some time for the legal framework to organically form around cryptocurrencies, through a similar process.

Continuing, “Even in simple agreements, however, a hard rules-based approach – as an outsider to bank lending and law practice might perceive it – is far from the norm.  Law is ‘wet code’ not by mistake but by design.  Returning again to an asset-backed loan, let us suppose that this loan enters into default.  In the real world it is possible for one party to forbear from exercising its rights, or to seek a situation-specific solution which fits the facts on the ground.  Even if a loan is in default, it may not be in anyone’s interest to formally call it and enforce.  In my experience enforcement is an extreme solution; it is, however, the final remedy on which all faith in commercial contracts is based.  Coding smart contracts that make a role for TTPs who can be reasonably relied upon to act fairly, and have adequate resources or insurance so that if they breach their obligations they’re still worth suing, is a necessary step if cryptocurrency is to be adopted by the mainstream.  To do that, however, the cryptocurrency community needs to get over its ideological aversion to governments and banks and start selling to them.”

While his proposal will likely receive a mixed reaction, he sees this evolution in terms of the existing role of a 3rd party.  In his view, “taking the asset-backed loan as an example again, let us suppose there are multiple lenders.  Usually those lenders will enter into a contractual arrangement with an agent or trusted 3rd party, another bank or a professional trustee company, to hold and exercise their rights, at their direction and on their collective behalf.  This arrangement works because (1) the common law allows the lenders to contract with that TTP on certain terms and (2) the parties know where to find the TTP if it screws up.”

In Byrne’s view, once a trusted 3rd party is removed from simple transaction of the kind in the style proposed by Nick Szabo, such an agreement differs from a contract concluded in the normal way in that:

1) “the TTP and its associated costs are disintermediated and users become independent of existing institutions; however,

2) “the price of decentralisation is full cash collateralisation, making even the most basic lending contract unviable for ordinary commerce;

3) “the element of discretion to hold our rights in abeyance and adapt to changed circumstances is limited by the algorithm; and

4) “in all likelihood, the possibility of enforcement for losses which arise beyond the provisions made in the smart contract itself will be compromised, because

(a) by design, the technology doesn’t permit this course of action (as a party who would be liable for, e.g., consequential loss would almost certainly not hand over his private key in circumstances where his liability would increase); and

(b) even if one could present the contract to a court and trace all of the relevant assets, reintroducing a contract to the legal system when it was intentionally structured to exist outside of it does not tend to work out well for the party seeking to rely on its provisions.”

This is an issue that numerous reviewers of this manuscript asked: for digital contracts, how is the problem of real life enforcement solved?   After all, even if things are enforceable on the blockchain, a human still has to input the conditions for which contracts will be executed, and if anything happens in real life, it still has to be enforced by lawyers and the state.  However, there is no clear cut answer to this and each jurisdiction will likely react in different ways: from acceptance to outright banning.

Yet Byrne sees only one solution: invite 3rd parties back into the equation.

As Szabo said, “by extracting from our current laws, procedures, and theories those principles which remain applicable in cyberspace, we can retain much of this deep tradition, and greatly shorten the time needed to develop useful digital institutions.”76 To Byrne, this means that while “a technical understanding of jurisdiction specific legal principles is absolutely essential to smart contract design, trying to encode the sophistication of common law into an algorithm is impossible – see, for example, the Eurosail-UK 2007-3BL case, where ambiguity relating to the statutory consequences of a purely mechanical provision, which in all likelihood nobody expected would ever be invoked at the time the contract was entered into, had significant consequences for an entire industry. Reifying agreements in code and pushing for full decentralisation will create more commercial problems than it solves.”

Byrne thinks that the tradition can be easily retained and employed if it is applied, “the way in which this will be done is by ensuring smart contracts keep a foot in the real world.  We would still see a paper contract specifying what is reserved for the blockchain and what is not – automata are well suited to matters like collections, cash sweeps, swap payments and collateralisation, managing and blocking ‘accounts’ (query, if a blockchain is used, whether the need for accounts could be dispensed with as well), payment prioritisation, and even servicing issues such as title transfer on enforcement, as Nick Szabo has suggested (e.g., in the case of securities backed by a pool of automobile loans).”

“The role of an individual contract’s sole TTP,” he continues, “could be limited mainly to holding the private keys on trust and in confidence for the parties pursuant to the terms of their contractual agreement, leaving the rest to the machine, only intervening to exercise the critical discretion when things go horribly wrong – granting flexibility for complex situations involving insolvency, recovery of uncontemplated losses, and changes in the law such as reference currency re-denominations.  This human element which is held in reserve is also what would permit judicial control of the transaction.” However, Byrne added, “to move things forward on this front, computer programmers need to start talking to lawyers and bankers.  This is not to say that this would prevent anyone from using the technology outside of the legal system.  It is only to say that in order to mature, the technology will need to maintain some connection to the legal system and submit to its jurisdiction.”

While it is too early to tell how this intersection will play out in the United States, it will likely fill volumes of books over the coming decades.  In the meantime there are several cases currently being litigated that involve cryptocurrencies, including one concerning a Johns Hopkins doctor who sold prescription pain pills (oxydocone) through Silk Road – an anonymous marketplace that is largely known for its illicit drug trade.77 Similarly, Alydian was an ASIC mining company that went bankrupt and during the bankruptcy proceedings, the judge raised some questions that nearly all other jurisdictions will have to become familiar with: What is a token?  What is a cryptoledger?  Does it exist, and if so, where?  Can it be controlled or rescinded?  And so forth.78

And in Byrne’s view, there will likely emerge a balance that companies and institutions each come up with in terms of how integrated their operations will become with math, algorithms and cryptoprotocols – “a ‘balance of trustlessness,’ if you will. I think for most contracts of a large, capital-intensive nature (securitisations, corporate lending, corporate acquisitions, asset and property purchases) smart contracts will ensure they fall within legal jurisdiction in order (1) to better assess and mitigate commercial and counterparty risk and (2) to create a nexus with real-world assets which can be enforced against – the market will demand it.  The courts will develop an interpretive framework to compel people to turn over these assets.  If a trusted 3rd party knows the private keys, a central agent can control them and give effect to court orders.  The same is true for a government body using the technology, which in its hands should remain subject to both judicial and constitutional control.”

  1. They Never Said It: A Book of Fake Quotes, Misquotes, and Misleading Attributions by Paul Boller and John George []
  2. Wet code and dry by Nick Szabo []
  3. Arbitration Scorecard 2013 []
  4. Fulbright’s 9th Annual Litigation Trends Survey Report and Fulbright’s 9th Annual Litigation Trends Survey: Litigation Bounces Back; Regulation Hits High – U.S. Release []
  5. In June 2010, Paul Ceglia sued Mark Zuckerberg (creator of Facebook) claiming that a 2003 contract entitles him to an ownership of most of Facebook.  In March 2013 a judge recommended dismissal of the lawsuit as the contract was a “recently created fabrication.”  See Facebook Lawyer `Unsure’ Whether Founder Mark Zuckerberg Signed Contract from Bloomberg and Judge recommends dismissal of Paul Ceglia’s Facebook lawsuit from c|net []
  6. A type of securities exchange existed during the Roman Empire, societates publicanorum, which were organizations of contractors and leaseholders who performed services for the government. []
  7. The term smart contract is sometimes used as a bit of a misnomer, because it likely undersells the capabilities of a DAO.   An ‘active contract’ or ‘live contract’ explains that the contract itself is the mechanism that monitors and actively controls the prior agreement per the terms.  See also: WorkingWithContracts from bitcoinj []
  8. According to Mark Miller the first smart contracting system was AMIX, the American Information Exchange. []
  9. More concisely, smart contracts are about reducing default (e.g., counterparty risk).  The standard historical view has been that the state was necessary to enforce contracts (forward contracts as opposed to spot contracts).  However, Anthony de Jasay’s contends that Rousseau is misunderstood regarding the “public goods problem.”  The common view is that the optimal strategy is for both parties to default and that this somehow proved the existence of market-based contract failure.  Yet as de Jasay contends, the proponent of such a few employs a form of hedonic calculus in order to quantify the “incremental pleasure he expects to derive from having the state arrange the production of the correct amount of order and other public goods, instead of relying on a possibly quite inadequate patchwork of spontaneous arrangements, must outweigh the pain of coercion he thinks he will suffer at the state’s hands.”  See Inventing the State: The Social Contract by Anthony de Jasay []
  10. It has been called a platform, scaffold, foundation and a number of other nouns.  See Bitcoin: It’s the platform, not the currency, stupid! by Sander Duivestein and Patrick Savalle and Bitcoin 2.0 Explained: Colored Coins Vs Mastercoin Vs Open Transactions Vs Protoshares by Kyle Torpey []
  11. While smart contracts can technically self-execute, whether or not policy makers allows or recognizes them is another matter entirely. []
  12. Smart Contracts by Nick Szabo []
  13. This issue can involve entire papers and books in terms Subjective Theory of Value and preferences.  See Economics of Bitcoin: Is Bitcoin an Alternative to Fiat Currencies and Gold? by Peter Šurda and The Economics Of Bitcoin – Challenging Mises’ Regression Theorem by Michael Suede []
  14. Wet code and dry by Nick Szabo []
  15. See Bitcoin: A Peer-to-Peer Electronic Cash System by Satoshi Nakamoto.  Bitcoin also solves a long-standing mathematical thought experiment called the Byzantine General’s Problem which involves how independent parties (and strangers) can arrive at consensus as noted by Paul Bohm:

    The Byzantine Generals’ Problem roughly goes as follows: N Generals have their armies camped outside a city they want to invade. They know their numbers are strong enough that if at least 1/2 of them attack at the same time they’ll be victorious. But if they don’t coordinate the time of attack, they’ll be spread too thin and all die. They also suspect that some of the Generals might be disloyal and send fake messages. Since they can only communicate by messenger, they have no means to verify the authenticity of a message. How can such a large group reach consensus on the time of attack without trust or a central authority, especially when faced with adversaries intent on confusing them?

    Bitcoin’s solution is this: All of the Generals start working on a mathematical problem that statistically should take 10 minutes to solve if all of them worked on it. Once one of them finds the solution, she broadcasts that solution to all the other Generals. Everyone then proceeds to extending that solution – which again should take another ten minutes. Every General always starts working on extending the longest solution he’s seen. After a solution has been extended 12 times, every General can be certain that no attacker controlling less than half the computational resources could have created another chain of similar length. The existence of the 12-block chain is proof that a majority of them has participated in its creation. We call this a proof-of-work scheme.

    If that sounds confusing, don’t worry. What it means is just that consensus is reached, because computational resources are scarce. You vote with work. To rig the vote an attacker would need to control more computational power than the honest nodes. To ensure it’s more expensive for an attacker to purchase the computational power needed to attack the system, Bitcoin adds an incentive scheme. Users who contribute computational power get rewarded for their work. If the value of a Bitcoin rises and thus attacking the system becomes more profitable, it also becomes more profitable for honest users to add computational resources. At any given point, one would expect miners to invest as much resources into mining as is profitable for them. Bitcoin is a currency, because it needs incentives to protect the consensus process from attackers. This computational process (“mining”) is not wasteful at all, but an incredibly efficient way to make attacks economically unprofitable. Bitcoin never uses more computational resources than neccessary to protect the integrity of its interactions. []

  16. What Is Seigniorage? by David Kestenbaum []
  17. Core Development Update #5 by Gavin Andresen []
  18. An example is BTProof []
  19. See How do bitcoin transactions work? from CoinDesk and How the Bitcoin protocol actually works by Michael Nielsen []
  20. There is arguably actually a third key as well, a hash of the public key.  See Bitcoins the hard way: Using the raw Bitcoin protocol by Ken Shirriff []
  21. Cryptographers at GCHQ, the British intelligence agency had independently invented and used the public-private key Diffie-Hellman technique several years prior to 1976.  As a result of this and other mathematical schemas, the entire global financial industry, every diplomatic corps, cloud services and all e-commerce (to name a few) currently rely on cryptographic methods to securely transmit data. []
  22. Elliptic curve cryptography was first introduced by Victor Miller and Neal Koblitz in 1985.   While Diffie-Hellman can be used for public key encryption, not many people actually use it that way.  Also, Diffie-Hellman cannot do digital signatures which is what Bitcoin uses public key encryption for.  Furthermore, Bitcoin uses parameters set by secp256k1 (not the exploitable secp256r1).  See NSA Backdoors and Bitcoin by Chris Pacia, The Cryptography of Bitcoin by Edward Yang, An Overview of Elliptic Curve Cryptography by Julio López and Ricardo Dahab, ECDSA from StackExchange, Why can’t Diffie-Hellman be used for signing? from StackExchange and Cryptography and Contracts by Daniel Krawisz. []
  23. A Merkle tree is used to “store” the large transaction history (at the time of this writing, the blockchain is roughly 14 gigabytes and growing).  Technically transactions are not actually “stored” in a hash tree per se, but rather the proof-of-work that says a block is valid is based on hashing the Merkle tree input of all the transactions. []
  24. Bitcoin uses a modified version of Hashcash which was originally proposed in March 1997 by Adam Back; the actual cryptographic hash function is SHA256d.   It should also be noted that he recently voiced some vulnerability concerns regarding implementing a Turing-complete language with a cryptoledger, see Turing complete language vs non-Turing complete (Ethereum vs Bitcoin). []
  25. Or in short, mining as done today has very simple requirements: hard to produce results, yet easy to verify and relatively hard to hardware optimize.  This last aspect has changed with the advent of ASICs, yet due to competition there is an “arms race” between semiconductor designers.  See The Bitcoin-Mining Arms Race Heats Up from Bloomberg Businessweek []
  26. Washing virtual money from The Economist []
  27. There are actually four groups that ultimately provide “consensus”: miners, holders of tokens (anyone with a wallet), merchants and web-based services such as exchanges.  While miners are usually considered the most powerful (because without them, there would be no network, ledger or authentication) each of these other groups hold some sway.  Without exchanges, many participants would be unable to trade bitcoin for fiat or other alt tokens.  Without merchants, many participants would be unable to trade bitcoin for goods and services.  There is also room to distinguish a “hasher” and a “miner.”  In the long-term “hashers” may end up causing centralization of network resources into central pools that diminishes the ability for the network to stave off outward attacks.  Most “miners” today lack power to select or validate bitcoin transactions.  Modern miners simply sell a computing service (hashing) to the mining pools.  Decentralized pools like P2Pool would help alleviate some of that concern yet there are financial incentives for “hashers” to use larger pools that create imbalances that are discussed in Hashers are not miners, and Bitcoin network doesn’t need them.  See also Block chain entry and Selfish Mining: A 25% Attack Against the Bitcoin Network from Bitcoin Magazine.  The Ethereum project plans to use functional data structures and the trees are called “uncles.”  See Grokking Functional Data Structures by Debasish Ghosh []
  28. Operating a node is not the same thing as mining, running a full node ensures the integrity of the network.  Full nodes keep a copy of the entire blockchain.  Pool miners do not operate as nodes as they communicate with the pool owner which does operate as a full node.  See Bitter to Better — How to Make Bitcoin a Better Currency by Barber et. al. and What can an attacker with 51% of hash power do? from StackExchange []
  29. One of the best explanations of how hashing works can be found in: Bitcoin Mining Explained Like You’re Five: Part 2 – Mechanics by Chris Pacia []
  30. See Bitcoin Mining Explained Like You’re Five: Part 2 – Mechanics by Chris Pacia and The Marginal Cost of Cryptocurrency by Robert Sams []
  31. This effectively means that there could be billions of contracts, not just 21 million. []
  32. The pictures used on television news stories of a silver or golden ‘bitcoin’ are usually a Casascius coin.  The company that made them (Casascius) shutdown in 2013.  These were physical coins (or rather ‘containers’) plated in either silver or gold and a ‘private key’ to a bitcoin address was embedded on a card within it.  In a sense, this was a type of physical wallet that was intentionally made cosmetically similar to a traditional coin. []
  33. An air-gapped computer is one that is physically isolated from an insecure network.  This is done to protect trade secrets and prevent potential abuse such as hacking or espionage.  To prevent this kind of theft, there are off-site, cold-storage techniques involving using a paper-wallet to store bitcoins.  Blockchain.info created a guide that explains how to do that: Practical Paper Wallets.  In a different industry, in March 2012, Businessweek published a widely circulated report (China Corporate Espionage Boom Knocks Wind Out of U.S. Companies) about corporate espionage of a US wind turbine supplier (AMSC) conducted by its Chinese client, Sinovel. In short, while AMSC attempted to isolate its trade secrets and proprietary software code outside of China (using an ‘air gapped’ facility), Sinovel still managed to use social engineering (e.g., bribery) to lure one of AMSC’s key Austrian-based programmers to China.  An ‘air gapped’ facility in their case meant the proprietary code – “secret sauce” – was only accessible at a workstation that was not connected to the internet. Using the ‘defense in depth’ IT security strategy (e.g., multiple firewalls and secure zones nested within one another) AMSC purposefully built this facility with the sole intention of building a physically isolated silo that could not be easily compromised.  See also, FAA: Boeing’s New 787 May Be Vulnerable to Hacker Attack from Wired []

  34. I would like to thank Stephan Kinsella for articulating this particular thought experiment. []
  35. According to Black’s Law Dictionary entry for, “possession is nine-tenths of the law”:
    This adage is not to be taken as true to the full extent, so as to mean that the person in possession can only be ousted by one whose title is nine times better than his, but it places in a strong light the legal truth that every claimant must succeed by the strength of his own title, and not by the weakness of his antagonist’s. []
  36. Coinbase is technically not an exchange.  It is an online wallet that purchases tokens through other exchanges like BitStamp. []
  37. Approximately 26 million litecoin’s have been mined creating a market cap of about $500 million as of this writing.  In addition, some people forget their passwords or forget to back-up their digital wallet when discarding older computers which permanently makes those tokens unspendable.  See Missing: hard drive containing Bitcoins worth £4m in Newport landfill site from The Guardian []
  38. Depending on what kind of wallet or service you use, the time between sending and receiving a bitcoin could range from a few seconds to 10 minutes.  Each transaction and confirmation requires about 10 minutes to be processed by the network.  If you use a 0-confirmation method (e.g., Electrum), this time is cut down to seconds (although there is a security risk); see, How secure is zero confirmations? from StackExchange. []
  39. This Pizza Cost $750,000 from Motherboard []
  40. This asset tracking is not the same a referential datapoint such as the annual Big Mac Index compiled by The Economist []
  41. Grass Hill Alpacas was one of the first companies to sell its wares for bitcoin.  CoinDL is another long-standing company in the digital goods-for-bitcoin space.  Both of these were mentioned in an interesting interview between Pieter Wuille and Stefan Thomas several years ago. []
  42. Smart property implies that there is some issuer, and Bitcoin has no issuer. Bitcoin is a fiat medium-of-exchange by design, that aspect is not an organic evolution. []
  43. While there may be technical and social hurdles with their endeavor, it is a very unique spin of alts, see: Humint Hopes to Custom-Build Altcoins for Brands from CoinDesk []
  44. See Coingen and Razorcoin.  While some altcoins were originally intended to be part of some kind of “get rich quick” pump-and-dump scheme, this is not to say that they are forever useless or without utility.  Value is subjective and determined by individual market participants and their preferences.  As observers, we cannot know a priori what market participants will ultimately use the token ultimately for.  Obviously enormous inertia is behind Bitcoin but we do not know what risks and market conditions necessarily lay ahead decades from now and how those unknowns may impact the crypto ecosystem. []
  45. One reviewer of this manuscript suggested that there are even more similarities between the spontaneous, emergent order of Bitcoin and the vision of Visa as laid out by Dee Hock.  Hock described the success of Visa’s distributed payment processing network as “chaordic,” a blend of “chaos” (e.g., competition between member banks for merchants) and “order (cooperation between the banks in honoring the transactions across borders and currencies).  See Birth of the Chaordic Age from Dee Hock, The Trillion-Dollar Vision of Dee Hock from Fast Company, The Bitcoin Blasphemy by Joe Nocera and Hayek’s Liberalism and Its Origins by Christina Petsoulas []
  46. Creative destruction is an economic term originally coined by Karl Marx and later popularized by Joseph Schumpeter.  Its original usage has changed and is currently used to illustrate how market forces purge and reallocate capital towards other more productive uses.  See Creative Destruction by W. Michael Cox and Richard Alm []
  47. On BlackBerry 10’s 1st anniversary, BlackBerry’s U.S. market share hits 0% from BGR []
  48. For the technical specifications see the genesis block.  Note: Satoshi signed the block with the statement “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks” – which is based on a real article from The Times, Chancellor Alistair Darling on brink of second bailout for banks. []
  49. Blockchain address: http://blockchain.info/address/1EXoDusjGwvnjZUyKkxZ4UHEf77z6A5S4P []
  50. All mastercoins (MSC) were minted during a fundraiser for the month of August 2013 []
  51. Backed by $5 Million in Funding (4,700 BTC), Mastercoin Is Building a Flexible, New Layer of Money on Bitcoin from MarketWired []
  52. Since the genesis block people have included text, images and even files in the blockchain.  See Hidden surprises in the Bitcoin blockchain and how they are stored: Nelson Mandela, Wikileaks, photos, and Python software by Ken Shirriff. []
  53. Bitcoin Core Development Falling Behind, Warns BitcoinJ’s Mike Hearn from CoinDesk []
  54. Almost Half a Billion Worth of Bitcoins Vanish from The Wall Street Journal []
  55. The private provision of public goods via dominant assurance contracts by Alexander Tabarrok []
  56. Citizinvestor, ZenFunder, neighbor.ly []
  57. KinsellaLaw []
  58. One of the intentions of the smart contract system is to recreate the banking system.  Even if it worked, it could take many years to move beyond the current financial realm. []
  59. One common question people ask is how does fiat get into and out of a decentralized exchange (DEX)?  More than likely, at first there will be fiat pointers which are a non-redeemable token used to represent an asset marked for redemption.  For instance, with respect to mastercoins, reputation markets will develop as those who have to honor turning a mastercoin asset into fiat currency on demand.  Thus, in the long-term a DEX offsets the current centralization, yet the trust problem still exists on the edges; fiat will likely always need a 3rd party provider since it is provided by a 3rd party already.  In addition, one source explained that centralized exchanges will likely not disappear as users cannot connect to the Caribbean islands with a decentralized approach, or in their words, “Foreign exchange controls will prohibit the decentralized open nature and land people in hot water.  Centralized, regulated exchanges allow users to fly above the law.” []
  60. Argentina’s Economic Crisis: Causes and Cures from Joint Economic Committee, United States Congress []
  61. Simpson on Sunday: Argentinians summon up the ghost of Peron in hard times from The Telegraph []
  62. Argentina Unraveling from The New York Times and Accommodating an army of garbage pickers from CNN []
  63. Argentina to Nationalize Pension Funds from The Washington Post []
  64. BitPagos []
  65. Argentine Social Money Movement by Sergio Lub and Thomas Greco and Los clubes del trueque en la Argentina, una experiencia útil de secesión económica by Jorge Aldao []
  66. One likely problem may then be online theft instead – it is much easier for a hacker to get your virtual assets than fly over there and steal your physical notes. []
  67. Argentina to Replace Bogus Inflation Index to Mend IMF Ties from Bloomberg []
  68. Bitcoins in Argentina: A New Safe Haven? from The Argentina Independent []
  69. The Big Mac index from The Economist []
  70. For more on Title-transfer theory of contract see A Libertarian Theory of Contract: Title Transfer, Binding Promises and Inalienability by Stephan Kinsella []
  71. Public spending and pay by Crawford, Cribb and Sibieta, p. 165 []
  72. In One Month, Everyone In Iceland Will Own Cryptocurrency from Motherboard []
  73. Mazacoin Aims to be Sovereign Altcoin for Native Americans from CoinDesk []
  74. Formalizing and Securing Relationships on Public Networks by Nick Szabo []
  75. Learning by Transduction by Gammerman et. al. []
  76. Formalizing and Securing Relationships on Public Networks by Nick Szabo []
  77. Hopkins doctor suspended after charges in Silk Road case  from The Baltimore Sun []
  78. CoinLab’s Incubated Startup, Alydian, Files For Bankruptcy from TechCrunch []

2 thoughts on “Chapter 2: Smart Contracts

  1. Pingback: Breaking news: corporation finds productive use for altchain; world does not end | Preston Byrne

  2. Pingback: ConsenSys Media | Upacking the term ‘Smart Contract’

Leave a Reply

Your email address will not be published. Required fields are marked *