Want to invest in bitcoin but don’t want to trust the security of your coins to a third party? You need to set up your own personal bitcoin vault! Follow the steps in this guide to get started. If you … Continue reading
I am not a licensed tax professional or a lawyer; this is not tax or legal advice.
One year ago today, the Internal Revenue Service of the United States of America declared bitcoin to no longer be a currency. In one brief notice, the IRS all but killed bitcoin’s chances of going mainstream as a medium of exchange in the U.S., instead relegating it to more limited roles as a store of value and payment protocol like some strange hybrid of gold and SWIFT. Retroactively to the mining of the genesis block, all bitcoin users in the U.S. must update their taxes to reflect capital gains or losses on all conversions of bitcoin into other currency, goods, or services based on the USD exchange rate at the time bitcoins were received and the time they were spent (this applies to other cryptocurrencies as well). These burdensome reporting requirements could raise the frequency of tax audits in the bitcoin-using population due to the scrutiny that frequent bitcoin usage and detailed reporting may attract; after all, the more numbers there are on a tax return, the more numbers there are to dispute.
The market has been developing “solutions” in response to this new non-currency paradigm for bitcoin. Various accounting tools such as LibraTax and Tapeke have been developed which help bitcoin users keep track of their bitcoin finances, including tools for tracking capital gains and losses on bitcoin transactions in real time. There are also “hold dollars, spend bitcoin” services, such as the dollar-denominated wallets offered by Bitreserve and Coinbase, which give customers the ability to use bitcoin as a payment rail rather than a currency. By storing funds as USD and simply using bitcoin as a transfer mechanism, there are no gains or losses to report. The recipient receives all of the benefits of accepting bitcoin, such as fast settlement and no chargebacks, and the sender experiences most of the benefits as well, save for privacy if the wallet is hosted.
Even with these solutions available to bitcoin users, the fact remains that the IRS’s guidance has left the bitcoin token in a precarious legal state: while the IRS classifies bitcoin as property for tax purposes, FinCEN and state regulators are classifying bitcoin as a “virtual currency” and subjecting bitcoin businesses to the same – or more stringent – regulations as those applied to banks, money transmitters, and other money services businesses. This places bitcoin in the worst of both regulatory worlds, causing accounting burdens for users and regulatory compliance burdens for businesses. With ever increasing amounts of friction being added to the experience of using bitcoin in the U.S., it remains to be seen whether this country will remain a leader in bitcoin innovation or whether entrepreneurs and innovators will simply leave for more reasonable jurisdictions.
This article was originally published on December 24, 2014 by Bitcoin Magazine. They have since removed it from their website, so I am republishing it here.
Washington Post columnist Henry Farrell has just added himself to the Nakamoto Institute’s running list of skeptics making bold assertions about the certain demise of Bitcoin. In a post entitled “Bitcoin’s financial network is doomed,” Mr. Farrell demonstrates his short-sightedness in the face of Bitcoin’s subtlety and allure, perhaps as a cunning-though-not-so-original means of acquiring cheap coins for himself. Regardless of his motivations, I couldn’t resist a full rebuttal, if only to reassure the weak hands among us that no, Bitcoin is still not doomed, and yes, Mr. Farrell is in for a rude awakening if he really believes the poor arguments he makes in his Post article. Without further adieu, a rebuttal to Mr. Henry Farrell, Bitcoin Skeptic:
“There is a reason why you have to “comply with hundreds of pages of regulations” to use the Visa network that goes beyond Visa’s selfish corporate interests. That reason is government.”
No, the reason you have to comply with hundreds of pages of regulations is that those networks are run by centralized entities that reside in a particular legal jurisdiction and are therefore vulnerable to attacks by the government and other powerful adversaries. The centralization of the networks precedes their vulnerability. Without this vulnerability, government regulation is as effective and enforceable as a law against breathing. See: Bitcoin.
“Governments regulate payment networks very heavily, for a wide variety of reasons, which include making sure that people don’t use these networks to support activities that governments don’t like. They use financial intermediaries as ‘points of control’ that allow them to control who does business with whom.”
Quoting Obama administration official David Cohen,
“Carefully designed and customized to maximize pressure, [economic sanctions] have impeded Iran’s ability to acquire material for its nuclear program, isolated it from the international financial system, drastically slashed its oil exports, and deprived it of access to a sizeable portion of its oil revenues and foreign reserves.”
This sounds like a great argument for Iranians to convert their oil into electricity to mine bitcoins, which can then be sold locally, exported to be sold abroad, or sent anywhere in the world to buy whatever they need directly for bitcoin.
Continuing the quote from David Cohen,
“Not surprisingly, the impact on Iran’s economy has been dramatic: its budget deficit and inflation have spiked, the value of its currency has sharply declined, foreign investment has all but dried up, and overall economic activity has stagnated.”
Collectively punishing an entire population of millions of innocent, peaceful people for the actions of political leaders that are forced on them doesn’t sound like something to brag about. But like Madeline Albricht before him, I’m sure Mr. Cohen would say that the Iranian people’s suffering is “worth it.”
Continuing the quote,
“Put simply, financial institutions everywhere need dollars to serve their customers, and thus require access to U.S. banks through correspondent accounts to settle their customers’ transactions.”
They need dollars, until they don’t. And with many fiat currencies growing weaker by the day, people may elect to do an end-run around their rulers and choose a politically-neutral option like bitcoin instead of trusting their government not to mess up the next attempt at fiat currency.
“Now, imagine the likely response of the U.S. (and the E.U., and, for that matter, China) to a payment network which is designed from the ground up to be decentralized, so that it is impossible for any specific intermediaries to really control payment flows from one actor to another.”
I imagine it looks something like the nation-state equivalent of a young child throwing a tantrum because their parent didn’t buy them a particular toy at the store. Baseless threats. Pounding fists. Bargaining. And, finally, acquiescence.
“Such a network would be impossible for states to control.”
“While Bitcoin allows consumers to buy illegal drugs on Tor Hidden Services sites like Agora and Evolution, they don’t do so on a sufficiently large scale to really cause enormous alarm.”
‘They’re just subverting a decades-old policy of prohibition out in the open, no big deal.’ Keep downplaying bitcoin’s revolutionary effects, Mr. Farrell, it just makes the rest of your arguments look even more absurd. In reality, politicians probably learned after the first “enormous alarm” that they raised about this capability that they should just shut up and let law enforcement do their job rather than draw too much attention to the fact that people can easily go online and buy “any drug imaginable” using bitcoin.
“But if Bitcoin were ever to threaten to become a truly decentralized payments network, owned by no one, and with no one e.g. capable of implementing Know Your Customer rules…”
In case you didn’t notice, Bitcoin already is a “truly decentralized payments network, owned by no one…”
“If Tim Lee and other Bitcoin fans want to make the case that Bitcoin can become a major payment network, they need to do one of two things.”
Bitcoiners don’t need to “make the case.” Bitcoin is.
“First, they could show that the U.S. and other major states would not feel threatened by a well-established payment system that they couldn’t control.”
Telling such a story would be lying. The good news: the sooner they assimilate, the less painful it will be.
“Second, they could show that a Bitcoin financial network would survive the opposition of hostile states that have enormous control over the actually-existing financial systems that Bitcoin needs to connect to, as well as regulators, police, etc.”
As former Executive Director of the Bitcoin Foundation Jon Matonis pointed out in Forbes almost two years ago, a ban on bitcoin would “fail miserably.” The only remaining option to curb adoption would be to attack the network itself (as opposed to the endpoints that a ban would target). Given the time and resources required for such an attack, bitcoin adoption could spread to the point that a concerted attack on the network would be too expensive before such an attack would even be feasible. As suggested earlier in this post, it’s not unimaginable that marginalized States (like Iran) would contribute resources to secure and utilize the Bitcoin network. I have already heard rumors that a government in China is converting locally produced coal into electricity to mine bitcoins because it’s not worth exporting the coal itself. Assimilation may be occurring sooner than expected.
Even if a State were to marshal the resources necessary to launch a credible attack against the Bitcoin network, developers could change the code within hours to render an attack impotent, and a game of whack-a-mole would ensue which would likely be a) politically unpopular since, presumably, a lot of people actually want to use bitcoin b) financially draining, since new specialized computers would need to be manufactured for each attack, consuming huge amounts of electricity in the process and c) pointless in the long run, since there are hundreds of alternative cryptocurrencies people could choose to use instead of bitcoin if things got really ugly – good luck trying to attack them all!
“Bitcoin is doomed as a payments network — the very point at which it looks as though it is likely to be widely deployed is the point at which governments, like that of the United States, will crack down on it.”
Even if this were true, it would not render false any of the above arguments in favor of Bitcoin’s survival. Bitcoin can – and would – survive a direct attack.
“US understands the value of its influence over the global financial system, and is demonstrably willing to upset business in order to pursue its strategic aims.”
Yes, and like a bull in a china shop, destroying all that is good in the process – except Bitcoin.
“Moreover, much of this power comes from the fact that any individual payment system, if it is to be effective, needs to be interoperable with other payment systems which, by and large, rest on transactions in US dollars.”
Bitcoin already coexists with fiat payment networks via payment processors such as BitPay, but if hyperbitcoinization were to occur, that wouldn’t even be necessary anymore. Bitcoin would not need to interoperate with other payment systems because it would be THE payment system. And it would not “rest on transactions in US dollars” any more than the auto industry rests on the supply of horse feed. Given sufficient liquidity post-hyperbitcoinization, a bitcoin wallet and an Internet connection is about all that will be needed to conduct commerce of any magnitude with anyone in the world.
“The sorry recent history of financial flows to and from another stateless financial system, Somalia, provide some evidence of how difficult life can get for financial networks that have been targeted by the US state.”
The history provides evidence of how difficult life can get for centralized financial networks! As pointed out at the very beginning of this piece, this is a vulnerability that Bitcoin explicitly by design does not share. For this reason, Bitcoin will survive where others have failed. With this in mind, cue the dramatic music and bring on the doom!
by John Light
BTC address: 12sJXtV8aQ8orQFhmaqe5KRsKoC7tsRuoT
This post was originally published on my LinkedIn account here.
With Microsoft recently joining the ever-growing list of companies that accept bitcoin payments for goods and services, the fledgling global currency and payment network is once again in the headlines and on the minds of people everywhere who are curious about this increasingly popular digital phenomenon. While Microsoft and thousands of other merchants that accept bitcoin have opted to convert at least some of the bitcoin they receive into local currency using a merchant payment processor, that is increasingly going to be the exception and not the rule as bitcoin gains usage and acceptance worldwide.
Earlier this year, the CEO of online retailer Overstock revealed that the company keeps 10% of the bitcoins it receives rather than converting them to local currency. Also revealed were plans to offer financial incentives to Overstock partners that choose to accept bitcoin, including better rates and faster settlement for vendors and larger bonuses for employees. As acceptance grows worldwide and the supply chain loop begins to close around the bitcoin economy, there will be less and less reasons to convert bitcoin into local currency. With this in mind, if you still need convincing as to why you should at least consider accepting bitcoin at your business or using bitcoin to pay for things you buy online or in-store, here are ten reasons why bitcoin is better than previous payment technologies:
- Bitcoins are impossible to counterfeit. The supply of bitcoins is limited not by the corruptible laws of man, but by the incorruptible laws of mathematics.
- Bitcoin gives you more freedom. As a peer-to-peer payment network, bitcoin lets you send money to anyone, anywhere, at any time, with the possibility for more privacy than is offered by a bank account, credit card, or traditional remittance service.
- Bitcoin is fast. Payment confirmations using bitcoin take on average just ten minutes compared to the hours, days, or even weeks that payment confirmations can take using traditional money transfer services. Bitcoin payment processors often offer merchants instant confirmation, so there’s no need for customers to wait in the checkout line – it’s just tap and go.
- Bitcoin payments are irreversible. The more confirmations a payment receives on the network, the more certain it becomes that the funds are “good,” thereby eliminating chargeback fraud for recipients. Services such as programmable escrow and insurance can be layered on top of bitcoin to provide senders protection in cases of a dispute.
- Bitcoins can be secured inexpensively. Using a combination of encryption, cold storage, and multisignature addresses, bitcoins can be secured for a small fraction of the cost of storing and transporting paper currency or precious metals in vaults and armored cars.
- Bitcoin units are scalable. Despite the limited supply of bitcoins in existence, their digital nature means they can be divided into an infinite number of smaller denominations. Right now, people are spending “whole bitcoins” for large purchases and “bits” for smaller ones, but those units could get smaller as market liquidity increases to service the global economy.
- Bitcoin is always open for business. Unlike banks, which are notorious for holding inconvenient hours, bitcoin, and the global network of online exchanges that trade the digital currency for local currency, is “open” all day, every day.
- Bitcoin has low fees. There is no fee to receive bitcoins, and senders only have to pay on average .0001 bitcoin, or about $0.035 USD as of this writing, to send a payment. There are no annual fees, no overdraft fees, and no dormant account fees – owning bitcoin is the same as having cash in hand.
- Bitcoin makes money more accessible. With bitcoin, there is no need to wait in long lines to send and receive money. Instead, all that is needed is a mobile phone to send and receive bitcoin anywhere in the world where there is a cellular or Internet connection.
- Bitcoin is apolitical. Because bitcoin is decentralized, it cannot be abused by governments or corporations to stifle political debate or discriminate against legal businesses, nor can it be arbitrarily debased to fund empires, wars, or the extravagant lifestyles of the political elite.
As a payment system, bitcoin is admittedly far from perfect, but it is still demonstrably better than the legacy value transfer and storage methods in use today. The Bitcoin software continues to be updated as improvements are made to the underlying code, and more developers are joining the open source effort every day.
For better or worse, money is an integral part of our lives which gives us the ability to communicate value to others, and in an increasingly globalized world it is becoming increasingly important that our money and payment systems be global as well. What bitcoin offers is an opportunity to have a global currency and payment network without the delicate diplomacy that would be necessary to impose one through the top-down political process, instead achieving worldwide adoption through bottom-up consensus among people about how to best communicate value. Bitcoin is truly democratic, a currency of the people, for the people, and by the people. Bitcoin is better.
I was recently invited to speak that the Coins in the Kingdom conference in Orlando, FL on the topic of “Basic Bitcoin Security.” Here is a link to the slides I used for the presentation:
I’ll post a video of the presentation here once it is uploaded to the internet.
[EDIT: video added below]
This article was originally posted on the Let’s Talk Bitcoin blog.
In a March 2012 article written for the MIT Technology Review, Jessica Leber shared an anecdote from leaked State Department cables describing the shock of Afghani policemen when they received their first paycheck via the mobile phone payment system M-Paisa. The amount they received was around 30% more than they were receiving previously, prompting them to believe they’d received a raise. After some investigation, it was discovered that they hadn’t received a raise, but rather that their superiors had been skimming that “extra” 30% off the top and were now unable to do so with payments going directly to their subordinate’s phones. So deep was the corruption that after paychecks went digital some superiors even took to confiscating their subordinate’s phones in an attempt to cash the M-Paisa credits themselves.
The lesson here, aside from the importance of using encryption on one’s mobile devices, is that digital currencies offer unique ways to combat corruption that aren’t possible with traditional payment systems. Bitcoin compounds this effect by decentralizing control and adding features such as programmatic smart contracts, wallet backups, and file encryption to create a resilient, censorship-resistant payment network. And one more thing: the whole transaction history is completely public.
When I first learned about the radical transparency of the Bitcoin block chain, the history of all transactions which have ever been confirmed by the Bitcoin network, I was simultaneously attracted and repelled by it. My approach was cautious – here was a payment and monetary system which has full accountability for the honesty of every account balance mathematically hard-coded into the software, but with full accountability came full traceability of every satoshi back to the coinbase transaction from which it originated. It seemed a devil’s bargain: you can monitor the network, but the network can also monitor you.
Despite this fact, the pseudonymous nature of every Bitcoin address and the advent of “mixers” which bundle Bitcoin transactions together to conceal the sender and intended recipient from block chain investigators has led technologically-savvy privacy advocates to promote Bitcoin as a way to protect personal information when paying for goods and services.
While Bitcoin does have the ability to provide privacy, speed, and security for the financial transactions of private citizens and organizations, there are also opportunities for using the public ledger technology that Bitcoin pioneered to provide transparency and accountability for public figures and institutions.
Using an open public ledger system like Bitcoin, the entire funds flow from banks and public treasuries to government agencies and their contractors can be tracked to provide accountability for every unit of value received and spent. Government agencies and public officials could be associated with a specific payment address so that auditors and citizen watchdog groups can monitor the accounts for suspicious activity.
The huge amounts of waste, fraud, and “lost” money that recently occurred during the Iraq and Afghanistan occupations could have been prevented if public ledger technology had been used to provide full accountability for the funds. Government employees and citizens who are routinely victimized by corrupt officials could protect wages and savings from theft by using encrypted wallets and multisignature accounts.
Hyperinflation, capital controls, bank account “haircuts,” wage skimming by superiors, civil forfeiture, and other forms of kleptocratic government corruption and overreach are all made completely irrelevant by Bitcoin, which turns over control of the currency supply to a mathematical algorithm and control of the currency accounts to the individuals controlling the private keys that allow funds to be spent.
In the future, public institutions of all kinds, whether governments, NGOs, or even for-profit corporations, could see their accounting become fully transparent as stakeholders demand the use of public ledger technology to provide more accountability. Corrupt officials may find it more difficult to extract money from subordinates and citizens as more people use cryptocurrency to transfer funds peer-to-peer and store funds behind layers of encryption.
The technological breakthrough that cryptocurrency represents is likely to be a welcome arrow in the quiver of justice advocates around the world who desperately need such tools to combat serious cases of theft, fraud, and abuse. The good news is that the tools are available today – it’s now up to the people of the world to choose how, and if, they want to use them.
Disclosure: I received a copy of this book for free for review purposes. I’ve done my best to keep my review as objective as possible; it’s worth noting that I am an outspoken proponent of privacy, especially as it relates to one’s finances, and so the topic of this book especially appeals to my sensibilities. Therefore my bias here is towards financial privacy, not necessarily this book. All that having been said, it was a very good book. A more thorough review follows:
Midway through 2011, after nearly three years of research into the causes behind the global financial crisis of 2008, I found Bitcoin. Or it could be said that Bitcoin found me. I don’t remember where I first heard of Bitcoin, but I do remember that it kept returning to my radar until I could no longer brush it off: I had to dig deep into this new technology to find out what all of the excitement was about. I applied the same rigorous analysis to Bitcoin that I had applied to the financial crisis, and after dozens of hours of reading deep into the history of the cypherpunk movement, learning the technical details of cryptography from a layman’s perspective, and comparing Bitcoin to my knowledge of existing alternative currencies such as LETS systems and precious metals, I came to the conclusion that Bitcoin was special. Indeed, Bitcoin is beyond special – it is quite possibly the most important invention of the 21st century. The latter realization came later, but from early on I understood that Bitcoin was unlike anything that came before.
There was one feature of Bitcoin which I found both genius and troubling at the same time: the whole system is completely transparent. From the lowest level of the source code to the highest level of the transaction history, Bitcoin is completely open to the world for thorough inspection. From the perspective of someone skeptical of proprietary software and centralized systems, this excited me. From the perspective of a privacy advocate, this disturbed me. The saving grace which sold me on the system is that, if one is careful enough, Bitcoin addresses and their related transaction histories may never be tied to one’s identity, enabling the preservation of financial privacy. That saving grace, the ability to keep a Bitcoin address severed from a given identity, would be a topic of great interest to me, and I spent a lot of time learning about ways to prevent others from tracking the spending habits of any given Bitcoin address.
The good news is that newcomers to cryptocurrency no longer have to endure the many dozens of hours of research early adopters such as myself went through in order to feel comfortable with the technology. Many great researchers and authors have spent innumerable hours distilling the history, technical details, and best practices into easy to digest and understand articles, blog posts, and books. With Anonymous Bitcoin, independent computer security researcher Kristov Atlas has written the definitive book on Bitcoin privacy and anonymity. Starting from the (somewhat) hypothetical worst-case scenario that a local organized crime syndicate is out to steal your bitcoins, Anonymous Bitcoin shows how users of public ledger technology can keep their financial history private from investigators (“investigator” is the neutral term used in the book to describe someone who may want to scrutinize one’s activity on the public ledger). In the book, Mr. Atlas analyzes the current state of Bitcoin privacy (dismal) and describes the direction in which blockchain-based privacy technology is headed (promising). From clearing up misconceptions about anonymity to emphasizing the importance of internet hygiene, this book is a quick yet thorough how-to guide that leads the reader from transparency to anonymity with easy-to-follow instructions including pictures and helpful tips along the way.
One of my biggest takeaways from the book is that privacy technology as it relates to public ledger systems is a nascent but growing field. The explosion of interest in Bitcoin in the past year has brought hordes of new users into the fold, growing the available academic, financial, and developer resources substantially and leading to the research, funding, and development of promising privacy technologies such as Zerocoin, CoinJoin, Dark Wallet, stealth addresses, and more. Given the widespread support for such financial privacy technology, I look forward to the day when most of the content in this book is no longer necessary for privacy-conscious Bitcoin users to know. To be sure, Mr. Atlas has provided an excellent overview of privacy on the net, and the portions of the book pertaining to operational security, the separation of contextual identities, and maintenance of anonymity online in general will likely be relevant for years to come. But the day is rapidly approaching when the transaction history of a public ledger system won’t be as transparent as it is today. And it’s the excellent work of researchers such as Mr. Atlas that is helping to move the needle on this issue in the direction of more privacy and easier anonymity.
Financial privacy is an important issue for everyone who has something to hide: the employee who doesn’t want his co-workers to know how much he makes; the daughter who doesn’t want her parents to know she bought a pregnancy test; the executive who doesn’t want to reveal her company’s financial history to competitors; the blogger who wants to support a free speech organization without becoming a political target; the medical cannabis patient in California who doesn’t want to be arrested by the Feds for buying medicine from a legal dispensary; the issue of financial privacy touches many people in one way or another, and people shouldn’t have to forgo their privacy in order to participate in a promising new technology like cryptocurrency. For anyone who is interested in maintaining their financial privacy with Bitcoin, Anonymous Bitcoin is an excellent place to start; in fact, it may be the only resource on the subject you’ll ever need.
This was originally published on the Let’s Talk Bitcoin blog.
One topic I am often asked about by clients is investing in Bitcoin. Not just bitcoins the currency, but Bitcoin, the network and technology ecosystem. The conversation usually starts like, “I have X amount of money to invest in Bitcoin, how should I invest it?” After giving the disclaimer that I am not a licensed financial advisor and this is strictly my personal opinion, this is what I tell them:
Diversify your assets.
It is tried and true investment advice, and this is no different in the Bitcoin ecosystem. Putting all your eggs in one basket can be risky, for if something goes wrong with that basket, you stand to lose everything you’ve worked so hard for. While each investor’s risk tolerance is different, this advice is practical and proven for investors of all types of risk tolerance, from the conservative to the daredevil. If you have an investment portfolio which constitutes 100% of your personal investment income, I would consider a conservative investment in Bitcoin (or cryptocurrency more broadly) as being between 1-5% of this portfolio, a moderate risk tolerance being between 5-10%, and more aggressive being 10%+.
What I recommend to my clients is, first, after doing basic research into the fundamentals of the Bitcoin technology, invest in the bitcoin currency itself. Buy a small amount of bitcoins locally or from an exchange, spend some at a merchant you trust, send some to friends and family, practice storing some securely offline and bringing it back online, really get a feel for what you’re investing in so you can understand for yourself why this technology is gaining popularity and confidence in smart circles. If you come away believing in the long term viability of cryptocurrency as a technology and an asset class, put between a third and half of what you were planning on investing in Bitcoin into the currency itself.
After gaining some experience using the technology, explore the startup ecosystem. In the past few years, many innovative companies* have sprung up to serve the burgeoning cryptocurrency markets. There may even be one based near you, giving you an opportunity to meet the founding team and understand what motivates them to take what seems like a big risk on a new technology. After getting to know the space, begin your due diligence on the most promising companies. You can choose your investments based on your own criteria, whether its a service you personally want to exist, a service you see the market clamoring for, or something truly innovative that you can imagine being used for many purposes in the future. You might even just like the founders, and want to support them for personal and financial reasons. Maybe you even have a startup idea of your own that you want to invest time and money into. Whatever your criteria, another third to half of your allocated investment capital should be put into Bitcoin startups. That way, even if the price of bitcoin drops or Bitcoin itself fails, the company is still likely to survive, either because their business model isn’t wholly dependent on the price of Bitcoin or because they can adapt and adopt the next best cryptocurrency technology. Just keep in mind that startup investments are illiquid, long-term, and very risky commitments, and therefore aren’t appropriate for everyone.
This leaves some investment capital left over. When I ask my clients what they would invest the remainder in, the first choice is usually Bitcoin mining hardware. It seems like a sure bet; after all, it’s practically like owning a money-printing press, right? Well, not quite. When the Bitcoin network was first started, mining was very easy. Any computer with a CPU chip could do it, and early miners earned most of the coins that have ever been produced. As the bitcoin currency gained a monetary exchange value, there was more of an incentive to mine and innovate, which led to GPU mining and, more recently, ASIC mining. While GPUs are more commonplace (they power the graphics that computers produce on your screen), ASICs are not – this acronym stands for “application specific integrated circuit,” which is a technical way of saying that these chips are designed for one purpose and one purpose only: efficiently performing the computations necessary for Bitcoin mining (they can also be used for mining altcoins that use the same SHA-256 hashing algorithm). While mining has become more specialized, it’s also become increasingly competitive.
Whether or not mining is profitable can depend on a variety of factors, including the cost and reliability of the mining equipment, the accuracy of the manufacturer’s production schedule, the price of bitcoins, the mining difficulty, the cost of electricity where the equipment will be located while it is mining, and the time it takes for you to maintain these systems. If you have a reliable source of mining equipment and cheap electricity, it could be worth the investment. If not, you’re probably better off investing elsewhere. Some companies enable customers to offload a lot of these concerns to hosted mining operations that manage the equipment and maintenance costs (for a fee of course). The services of these companies often cost many times more than the cost of buying the hardware itself, making an already uncertain investment even more uncertain. I’ve had clients who profited from an innovative business model which allows you to trade mining capacity in real time similar to any other commodity exchange, but this is not quite the same as profiting from the mining itself and was likely due to sheer luck more than anything else. The short answer for mining: caveat emptor.
A final category that I would be remiss for leaving out is alternative cryptocurrencies, better known as “altcoins.” I’ve mentioned them a few times already, but they’re worth going into a bit more detail here. Altcoins are cryptocurrencies that people have created for fun, profit, or experimental/ academic reasons (often these motivations overlap). Many are “forks” or modified copies of the Bitcoin code, with several core parameters changed, such as the amount of coins that will ever be produced, the production schedule, difficulty retargeting, and/or the proof-of-work function. Others are more innovative, coding their own system from scratch, creating decentralized autonomous organizations, or even building application protocol layers directly on top of Bitcoin itself. Whatever the differences, these altcoins have been gaining increasing amounts of attention as people learn about Bitcoin and then discover that there’s a whole other ecosystem of over 100 altcoins. It’s worth investing at least 5-10% of what you’re allocating to cryptocurrencies in your investment portfolio into altcoins directly. No particular coin, use your best judgement with an altcoin as you would for any investment. Look at the community, the development team, traction in the market, features etc. Or maybe have a broad strategy where you put a little bit into everything, some a little more than others. Either way, many investors have made incredible gains in the altcoin market so it’s worth exploring.
As with all investments, cryptocurrency investing is risky. Because this sector is so new, it can be even riskier than others. Disruption can occur at a moments notice, and technological advancements mean things are constantly changing, at a seemingly faster pace than ever. But with great risk comes great potential reward, so if you’re excited about change, ready to shake up the status quo, and looking to capitalize on innovative new technology, cryptocurrency just might be the right investment for you.
Shameless plug, this is my Bitcoin startup. Learn more about us in this episode of Let’s Talk Bitcoin.
This was originally posted on the Money and Tech blog on Thursday, February 27, 2014.
This week, the headlines of tech, business, and mainstream news organizations have been filled with rumors, doom, and gloom regarding the failure of one of the most well-known bitcoin exchanges, Mt. Gox. This follows a long history of instability at the exchange, which was once the largest by volume but has within the past year dropped to the single digits as a percentage of global bitcoin exchange volume. Mt. Gox recently halted withdrawals from their exchange on February 7, 2014, attributing a problem with their web wallet implementation to a long-known quirk in Bitcoin called “transaction malleability.” Then, after deleting all of their tweets over the weekend, on Monday February 24, 2014, the Mt. Gox website began returning a blank screen. After an uproar in the Bitcoin community and media, MtGox.com currently shows this message from CEO Mark Karpeles:
Dear MtGox Customers,
As there is a lot of speculation regarding MtGox and its future, I would like to use this opportunity to reassure everyone that I am still in Japan, and working very hard with the support of different parties to find a solution to our recent issues.
Furthermore I would like to kindly ask that people refrain from asking questions to our staff: they have been instructed not to give any response or information. Please visit this page for further announcements and updates.
There has indeed been much speculation as to what has actually gone wrong with Mt. Gox, and this post is not meant to add to this speculation, but rather to clarify the situation for readers and provide advice for how to prevent or avoid such incidents.
As mentioned above, Mt. Gox has a long history of inconsistent service stemming from outside attacks as well as internal failures due to being “a victim of [their] own success.” It is almost an annual event for them to crash catastrophically, taking the price of bitcoin down with them. For those who have been paying attention these last few years, this latest failure is not a surprise. For the many newcomers to Bitcoin since the boom of 2013 who failed to do any due diligence whatsoever, it comes as a complete shock. There are also long-time bitcoiners who have had money stuck in Gox, and others who simply trusted them to continue operating and acting as a responsible custodian of their coins. Here are my suggestions for readers who are wondering how to avoid a similar situation in the future:
- Do your due diligence before giving money to strangers. What is the reputation of these strangers? Have they been known to shut down their service sporadically, or experience theft from criminals public and private? Are there better options out there? These are important questions to ask and answer before depositing money at a cryptocurrency exchange.
- Keep as little of your money stored on exchanges as possible, for as short a period of time as possible. If you must keep money on an exchange (for instance, if you are actively trading and waiting for orders to fill), use two-factor authentication (2FA) to secure your account. Note that 2FA will not protect you from “inside jobs” or a technical failure on the part of the exchange service.
- If your exchange needs aren’t urgent, try using local exchange methods instead. Attend a cryptocurrency meetup to trade with enthusiasts in your area, or use a service like localbitcoins.com to meet traders at a local library or coffee shop.
- For storage of your coins, use an encrypted wallet service that gives you control of the private keys that allow your coins to be spent. Blockchain.info offers a great mix of security and convenience, as does the Mycelium mobile wallet. Regardless of what service you use, make sure YOU control the private keys and ALWAYS use 2FA or a secondary PIN for access and withdraws. For longer-term storage needs, I recommend using an offline encrypted Bitcoin Armory wallet.
- Self-regulatory associations in the Bitcoin ecosystem such as DATA (edit: and C4) are developing security and transparency best-practices that existing and would-be Bitcoin businesses should adopt to mitigate abuse and fraud. In the mean time, exchanges can hire a security auditor or offer bug bounties to white-hat hackers.
For those who have been directly affected by the issues at Mt. Gox, my best hope is that all wrongs are righted and everyone is made whole again, and soon. If you are feeling depressed due to loss and need someone to talk to, please email me. I never had any money at Gox but still know the feeling of deep loss and will gladly provide comfort during this difficult time. For more recommendations on securing your cryptocurrency assets, check out my blog post entitled “Securing Your Bitcoins.”
Throughout my time researching and participating in the cryptocurrency economy, I have seen a lot of hacks and a lot of fraud. Though the old saying “a fool and his money are easily parted” could apply here, I’d like to think that it is not completely the fault of end users. It is also about the tools that are available, and how easy it is for people to use them. Though cryptocurrency is a new technology, there are a growing number of options for you to secure your bitcoins.
Offline “Cold Storage” Wallets
The gold standard in cryptocurrency security, cold storage is the process of keeping private keys offline to make them unreachable to hackers via the internet (private keys allow cryptocurrency to be spent). The solution for this that I recommend to clients is the Bitcoin Armory Wallet – to me, nothing else comes close in terms of features, usability, and support from the development team. They have an excellent step-by-step guide on their website to help you set up the wallet and transfer your investment safely offline. You will need two computers for this, one which is kept permanently disconnected from the internet to keep the private keys safe, and one to keep online for broadcasting signed transactions to the network. The offline machine can be a cheap netbook or Raspberry Pi setup (hint: going the Raspberry Pi route will take some patience and/or technical skills). After creating encrypted wallet backups on multiple forms of media (CD, USB drive, and paper), add full disk encryption to the offline computer. I recommend full disk encryption for your online computer as well.
For the cryptocurrency that you want to keep readily accessible, it’s important to have the wallet encrypted to prevent unauthorized spending. Reputable client-side Bitcoin wallets such as Bitcoin QT, Electrum, KryptoKit, and blockchain.info all have the option to encrypt the wallet, and this option should be exercised if you want to protect your wallet from wallet-stealing viruses and physical intruders. Blockchain.info is unique in that it is both a client-side wallet and a web wallet; the encryption is performed locally on your computer, but the encrypted wallet file is stored in the cloud for convenient access. While you can’t easily protect encrypted desktop clients from keyloggers yet, it is possible to protect an encrypted blockchain.info wallet by using Two Factor Authentication which requires not only a password to decrypt the wallet, but also another one-time code which is sent via email, SMS, or an app like Google Authenticator. I can’t emphasize this enough: use Two Factor Authentication on every account possible. Not just Bitcoin accounts, but email, social networks, and banking too. Short of encrypting everything client side, there is almost nothing else more you can do to protect your personal and financial data than to secure your accounts with Two Factor Authentication.
Aside from blockchain.info, I am not aware of any Android mobile wallets that offer encryption. However, all of the ones I have used do let you set a PIN to prevent unauthorized spending. The difference between encryption and a PIN is that if there’s just a PIN, an attacker could pull the raw unencrypted wallet.dat file off your phone and steal the funds. The best you can do is to use full disk encryption if your phone offers it, and only keep small amounts of cryptocurrency on your phone – no more value than you keep in your physical wallet. Make a backup of your wallet, encrypt it using an app like Crypt4all, and store the backup somewhere safe. Then, if you lose your phone, you have a chance that someone who finds it won’t be able to access the wallet before the phone dies and you have a backup to restore the wallet and move the funds to a new wallet.
A relatively recent security innovation is the invention of open source hardware wallets. These USB wallets store your private keys in a secure offline environment. Raw transaction messages are sent to the wallet for signing, then the signed transaction is returned to the computer for broadcasting. As public key cryptography becomes more prevalent in every day life, expect to see professionally produced open hardware wallet devices proliferate in the marketplace.
Though the concept has been around since the early days of Bitcoin, wallets supporting multisignature transactions (multisig, for short) have yet to be widely used. Multisig is a way of providing Two Factor Authentication via the Bitcoin protocol itself; rather than simply requiring one signature from a wallet to spend a Bitcoin transaction, multisig transactions require multiple signatures from different private keys.
An oft-cited example is that of the simple escrow transaction between a merchant, a customer, and an arbitrator. The customer initiates a multisig transaction with the merchant and adds an arbitrator who steps in in cases of a dispute. Instead of having to trust the arbitrator with actually holding the bitcoins in escrow, a multisig transaction makes it so that the arbitrator can only add their signature to the transaction to determine whether the coins are sent to the merchant or back to the customer. This is just one possible use-case of multisig. The other is having two multisig wallets, one on the desktop or in the cloud and one on a smartphone. The user would require two signatures in order to spend bitcoins from them, one from the desktop or web wallet and one from the smartphone. This way even if the desktop is hacked, the attacker would need access to the smartphone in order to take full control of the wallet. This isn’t perfect, but is much better than the current situation.
Multisig wallets are not just great for casual users and investors, they’re great for businesses as well. In addition to the previously mentioned escrow scenario, multisig wallets would help protect businesses that store large amounts of bitcoins from having their inventory stolen by hackers. Businesses could use multisig wallets to protect funds both internally as well as in customer accounts. Exchanges and gateways could use multisig voting pools to boost customer confidence and protect against unauthorized withdrawals.
Some Last Minute Advice
Make copies of the backup codes for all of your Two Factor Authentication accounts. Write down your encryption passwords and store them with your wallet and 2FA backups in a safe place – a private vault or home safe will do. It’s also possible to split up your passwords using a cryptographic sharing technique which allows you to share pieces of your password with trusted parties, to be recombined later in case something happens to you. Bitcoin Armory supports this capability natively with the Fragmented Backups feature.
When you first decide to start downloading and using cryptocurrency software, make sure your machine is malware-free, and use up-to-date anti-virus software to prevent future infections. Don’t click on random links from strangers, or friends for that matter (they could be hacked!), and avoid the seedier parts of the internet. Use browser plug-ins like No Script to prevent malicious scripts from executing just in case you accidentally open an infected website, and HTTPS Everywhere to make sure you’re logging into sites securely whenever possible. No Script will temporarily break most of the websites you try to visit; just add an exception for scripts that you trust.
And please, use Two Factor Authentication on your accounts.
- Store the private keys for your long-term savings wallet offline.
- Encrypt your wallet files and machines whenever possible.
- Set a PIN on your mobile wallets.
- Install good antivirus software and keep it up-to-date
- Don’t click on random links from strangers or friends.
- Install No Script and HTTPS Everywhere browser plugins.
- Use Two Factor Authentication whenever possible.