This post will begin with a brief history of Bitcoin, progress to a summary of my views on Bitcoin as money, and conclude with my views on the blockchain as an enabling protocol.

This history does not aim to be a comprehensive chronology of Bitcoin. Rather, it is my intention to create something of a thematic overview of Bitcoin, covering its origins, some milestones in its development, its price history in U.S. dollars, and some details of the major controversies that have dogged it.

Origins

On August 18, 2008, someone registered the domain name bitcoin.org through Anonymous Speech, an anonymous domain registrar. This was soon followed by an interesting white paper written by the enigmatic Satoshi Nakamoto,1 which set out the basic concept for the Bitcoin payment protocol. This was soon followed in November 2009 by the registration of a Bitcoin project on SourceForge, a software source code repository and collaboration site. On January 9, 2009, Satoshi Nakamoto released version 0.1 of the Bitcoin software and mined the so-called “Genesis block”, which included the famous line, The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.

Milestone Transactions

The first Bitcoin transaction occurred on January 12, 2009, when Satoshi Nakamoto sent ten bitcoins to Hal Finney, a cryptographic activist and software developer. The first known Bitcoin transaction for a physical good was made on May 22, 2010, when Laszlo Hanyecz bought—indirectly2—a pizza for 10,000 bitcoins.3

Bitcoin derivatives began to appear in 2010, with a call option contract sold on December 9, 2010 and a put option contract sold on April 12, 2011.

It should be noted that most transactions for goods or services involving bitcoins continue to rely upon the services of middlemen—often Coinbase or BitPay—that accept bitcoins and convert them into national currencies to pay the providers of goods or services. This reflects the fact that few providers are willing to hold bitcoins due to their price volatility relative to national currencies.4

Prices

The first exchange rate between Bitcoin and the U.S. dollar was published by the New Liberty Standard on October 5, 2009, at $0.000764 per bitcoin. On February 6, 2010, the first Bitcoin exchange, the Bitcoin Market, was established, allowing owners of bitcoins to trade their bitcoins for national currencies. After being mentioned on Slashdot, a newsite for science and technology, interest in bitcoins surged and the exchange rate for bitcoins increased tenfold to $0.080 per bitcoin. Since that time, the price of bitcoins has risen quite dramatically (albeit with significant fluctuations along the way). For an understanding of how rapidly bitcoin prices has appreciated, we can draw on price data from CoinDesk: from approximately $0.0858 per bitcoin on July 18, 2010, the price of bitcoins rose to an all time high of $1124.7631 per bitcoin on November 30, 2013. The price did, of course, collapse thereafter, falling to $239.63 per bitcoin on May 10, 2015.

Exploits, Forks, and Hacks

Bitcoin has been surprisingly free from significant vulnerabilities. Indeed, the only known major exploit of a flaw in the Bitcoin protocol occurred on August 15, 2010, when someone exploited a weakness in the code used to check transactions to create 184 billion bitcoins and send them to two addresses. This flaw was subsequently patched, and the Bitcoin blockchain updated to eliminate the transaction.

On March 12, 2013, the blockchain split in two and for six hours there were effectively two Bitcoin blockchains, with separate versions of the transaction history for bitcoins. This split was occasioned by a software upgrade to version 0.8 of the Bitcoin software, which introduced a change from the BerkeleyDB database to the more efficient LevelDB database (to reduce blockchain synchronization time). Because of a difference in the way the two databases handled locks on the database while updating the data, machines running older versions of the software rejected a block of transactions, while machines running the newer version 0.8 did not, resulting in two separate blockchains. This was ultimately resolved by downgrading to the older version to maximize backward compatibility.5

While the actual Bitcoin software has been relatively free from significant exploits to date, the same cannot be said of the Bitcoin exchanges, brokers, and other platforms used to transact in bitcoins. A full list of all the hacks is beyond the scope of this brief history. I will simply note some of the more memorable ones (ordered by amount of bitcoins affected):

  • MyBitcoin, a Bitcoin payment processor, was hacked in July 2011 and 150,000 bitcoins stolen.
  • Linode, a web hosting provider, was hacked in March 2012 and 46,000 bitcoins stolen.
  • Bitfloor, the fourth largest Bitcoin exchange was hacked on September 3, 2012 and 24,000 bitcoins (the majority of its available bitcoins) stolen.
  • Bitcoinica, a Bitcoin exchange, was hacked on May 11, 2012 and 18,000 bitcoins stolen.

Controversies

Bitcoin has been mired in its fair share of controversies since its inception in 2009. Most notably, it was the payment protocol of choice at the Silk Road, an illicit marketplace for drugs and other illegal goods on the Deep Web. The “anonymity”6 provided by the Bitcoin protocol has made it a potentially useful payment protocol for parties engaging in illicit activities, include transactions in narcotics, weapons, and the financing of terrorism.

There have also been a number of highly publicized failures of Bitcoin exchanges, including the bankruptcy of the Mt. Gox Bitcoin exchange (which at its height handled some 70% of all Bitcoin transactions) in February 2014. In addition, certain persons involved in Bitcoin related companies have been charged with money laundering and other crimes, notably Charlie Shrem, who was a founding member of the Bitcoin Foundation and a co-founder of BitInstant, a now defunct Bitcoin exchange.

More Information

For more information, you may wish to refer to the excellent History of Bitcoin, which remains the most comprehensive source of information about the history of Bitcoin.

First, let us look at the economic definition of “money”: an item that is generally accepted as payment for goods and services and repayments of debts. It performs three functions: a store of value, a medium of exchange, and a unit of account. Currency, which is sometimes used to describe Bitcoin, is defined as a generally accepted form of money which is issued by a government and circulated within an economy.

There remains a fair amount of disagreement over whether Bitcoin is money or merely an asset. Notably, a December 2013 NBER working paper by David Yermack at NYU Stern took the view that Bitcoin is not, in its present form, currency. This view was echoed by Stephanie Lo and J. Christina Wang in a policy paper written for the Federal Reserve Bank of Boston in 2014.

The tax authorities of the United States, Australia, Singapore, and Norway have likewise taken the view that Bitcoin is an asset and is taxable as such. This view has been taken by various monetary authorities, including those of Hong Kong and Finland. This view treats Bitcoin transactions for goods and services as a form of barter. Despite the claims that Germany and the United Kingdom have recognized Bitcoin as “private money”, it does not have the implication of government recognition of Bitcoin as money that some of its supporters have implied, since this classification relates primarily to the tax treatment accorded to Bitcoin.

In light of all of this, how do I view Bitcoin’s potential as money?

My view of Bitcoin’s potential as money has not changed much since I first started following news about Bitcoin, back at the beginning of 2014. It is an interesting proof of concept and a very fascinating decentralized peer-to-peer payment protocol. In its present form it is not, in my opinion, viable as money, for the following reasons related to its performance on the three functions of money as defined by economists.

Price volatility reduces its ability to act as a stable store of value

We can see from Bitcoin’s historical price chart that it has experienced substantial price volatility. Moreover, by running a simple statistical analysis on the CoinDesk historical prices dataset, we can obtain a clearer understanding of the annualized daily volatility of price of bitcoins in U.S. dollars, as shown in Table 1.

By contrast, the annualized daily price volatility of the GBP–USD and EUR–USD in 2014 were 3.5% and 3.4% respectively. In 2014, the annualized daily price volatility of Bitcoin was 74.7%.

The significant volatility of Bitcoin prices compared with established national currencies (and equities and commodities for that matter) renders Bitcoin a poor store of value. One of the principal uses of money is to time-shift consumption, i.e. a person receives money today for work done in the past (or to be done in the future), spends some of it immediately and saves some of it to spend later. For this to work, money must retain its value across time, subject to inflation, i.e. it should exhibit relatively low price volatility. This is a function that Bitcoin in its present form performs poorly; the value of a Bitcoin (in national currencies) and thus its purchasing power may fluctuate substantially from day to day. To understand why this is the case, recall that most merchants obtain their inventory and pay their employees in some national currency. When they price their goods or services in Bitcoin, they will by necessity have to consider what price in bitcoins will be equivalent to the price they would charge in their national currency, and thus the amount that one Bitcoin will purchase will fluctuate from day to day. Moreoever, most merchants that accept bitcoins have chosen to minimize the risk of holding bitcoins by exchanging the bitcoins they receive for national currencies at the point of sale or on a very frequent basis.

Furthermore, as noted by David Yermack in his working paper for the NBER, there appears to be little correlation between the fluctuations in Bitcoin’s price and macroeconomic events, which makes it very difficult to use traditional risk management tools to hedge the risks of holding bitcoins.

Difficulties with utilizing Bitcoin as a unit of account

In order to function as a unit of account, money must have a consistent value that allows one to compare the prices of goods. As an example, one would be correct in assuming that a book that costs $10 is twice as expensive as a book that costs $5. Moreover, the value of money ought to be consistent over time, such that when a customer visits a cafe for a coffee, the price stays the same from day-to-day. In the case of Bitcoin, due to the aforementioned price volatility, this is not the case. Merchants accepting bitcoins will necessarily have to recalculate their prices frequently, with the result that one cannot know in advance what one Bitcoin will buy.

The second difficulty lies in the relatively high cost of a bitcoin compared to the typical goods and services demanded by consumers on a day-to-day basis. This requires items with prices denominated in bitcoins to be quoted in more than two decimal places, e.g. 0.0010BTC (approximately $0.24 at the exchange rate on May 10, 2015). While there are some national currencies that have unusually high denominations, including without limitation the Indonesian rupiah, the Japanese yen, and the Korean won, it is often easier for people to deal with large denominations by simply cutting off the extra zeros than it is for people to deal with decimal places. For example, a cup of coffee in Japan may cost around 400¥, which amounts to approximately $3.35 as at the exchange rate on May 10, 2015. Consumers have generally taken the approach of ignoring the two zeroes at the end of the figure, which is admittedly much easier than trying to infer the approximate value of 0.0010BTC or compare it with another value like 0.0340BTC.

Limited acceptance of Bitcoin as a medium of exchange

For Bitcoin to serve as a medium of exchange it must be broadly accepted by merchants of goods and services and by individual consumers. Thus far, it remains to be seen whether Bitcoin will ever achieve the level of broad acceptance currently enjoyed by national currencies. At least as of 2014, while hard statistical data is hard to come by, anecdotal evidence suggests that it remains the case that a significant fraction of Bitcoin transactions involve speculation rather than transactions for goods and services.7

Even the most optimistic supporters of Bitcoin ought to acknowledge that the number of bona fide Bitcoin transactions for goods and services are at best a rounding error compared to the number of transactions for goods and services done in various national currencies, and that the majority of merchants that do accept bitcoins do not hold bitcoins for long, preferring to convert it into more readily accepted national currencies for their own transactions. This speaks volumes about the ability of Bitcoin, in its present form, to serve as a medium of exchange.

Security of Bitcoin wallets

Bitcoins are held in digital wallets, which have proven quite vulnerable to theft by determined cyber-criminals. The first known theft of bitcoins from a digital wallet occurred on June 13, 2011. This was followed by other notable thefts from digital wallets.8 Moreover, digital wallets have also proven vulnerable to data corruption, as was the case with Bitomat, then the third largest Bitcoin exchange, which lost its wallet (and 17,000 bitcoins) when its virtual machine on Amazon Web Services Elastic Cloud Computing was deleted on July 26, 2011.9

Indeed, the process of properly securing one’s Bitcoin wallet is rather more than most ordinary computer users will be likely to be able to follow. I do expect, though, that new startups will emerge that will improve this process, so I do not view this as a serious long-term problem. I am more concerned about the long-term ability of defenders to protect Bitcoin wallets from determined attackers.

In general, my view is that until securing Bitcoin wallets is intuitive and relatively painless for ordinary users, Bitcoin will remain an esoteric technology used mostly by technologically savvy users.

No incentive to continue validating transactions

Verification of Bitcoin transactions on the decentralized blockchain depends upon miners to verify transactions. Thus far, miners are incentivized to verify Bitcoin transactions because they have the ability to earn an amount of bitcoins for being the first miner to successfully solve a computational puzzle derived from recent Bitcoin transactions and add the solved block to the blockchain. The reward for successfully solving the puzzle and adding a block to the blockchain is designed to halve every 210,000 blocks, or approximately once every four years. Currently, the reward is 25 bitcoins.

At some point, the amount of bitcoins earned from solving and adding a block to the blockchain will likely fall below the level where it is sufficient to incentivize miners to continue verifying transactions, which could be a major threat to the viability of Bitcoin as a payment protocol. It should also be noted that the difficulty level of the problems that must be solved to add a block to the blockchain is also designed to increase progressively to match the computational power being deployed by miners, which has the effect of increasing the cost of earning bitcoins to miners.

While Bitcoin miners can also be incentivized through transaction fees, as described briefly in the original white paper by Satoshi Nakamoto, it will be necessary to determine a fee schedule that is sufficient to incentivize enough miners to continue to verify transactions even when the amount of bitcoins distributed to miners for successfully solving the block is below their breakeven value. This transition to transaction fees may well be several years or even a decade in the future, but it is a pressing problem that needs to be addressed when considering Bitcoin’s long-term potential.

This is one area that could do with more rigorous academic and quantitative research: what level of transaction fees would be sufficient to incentivize people to expend computational resources to verify transactions once the incentive of new bitcoins is no longer present, which is estimated at current rates of bitcoin mining to occur around 2140. Alternatively, one might consider whether an update to the Bitcoin core software might increase the 21 million bitcoin limit to continue to incentivize miners to verify transactions.

An entity gains persistent controls of the majority of the computing power of the network

As can be seen from analysis of the blockchain, the blockchain is vulnerable to attack if an attacker controls 51% or more of the total computing power in the network. This attack is, in general, limited to tampering with transactions occurring after the attack gains that majority control, for example double spending and preventing transaction confirmations.

In 2014, a group of miners, GHash.io, did temporarily gain control of 55% of the total conputing power in the network. This has led to some questions about what could happen if any group gains persistent control of the majority of the computing power of the network. While a direct attack on the integrity of the Bitcoin system—in the form of a double spending attack or preventing transaction confirmations—is unlikely, there are other ways in which allowing any entity to gain majority control of the network undermines Bitcoin as a payment protocol or currency. These include, without limitation:

  • A deterioration of the decentralized nature of Bitcoin, as from that point onwards one must trust that the controller of the majority of the network’s computing power will not engage in any dishonest or self-serving behavior.
  • Price discrimination in the transaction fees charged to different classes of customers.
  • Discouraging participation by other “miners” as the likelihood of them being able to profitably earn bitcoins as a reward for validating transactions or from transaction fees is greatly reduced by the presence of a majority controller.

While Bitcoin may not displace national currencies any time in the future, it is the blockchain protocol that underlies Bitcoin that is fascinating to me as an enabling protocol for future applications, similar to how our modern internet is built upon TCP/IP. It can be seen as the fundamental building block for a new generation of applications that require information to be stored in a—largely10—unchangeable database that is not controlled by any single entity.

My interest in the blockchain as a building block for future applications is by no means unique; a good number of VCs and entrepreneurs have expressed similar views, including:

To understand why I think the blockchain is interesting as an enabling protocol, it is necessary to first identify with some precision what the blockchain means.11 Second, we need to construct an understanding of what applications might arise—directly or indirectly—from the use of the blockchain. Finally, we need to understand some of the current applications that have been built with Bitcoin and the blockchain.

The blockchain is the beating heart of Bitcoin. It is the tamper-proof “ledger” that records each and every transaction that any given Bitcoin in circulation has been involved in since it was created. That’s all very well, but how does it actually work in practice?

First, let us begin with a simplified “thought experiment” that shows how a digital currency might work, and that shows why Bitcoin is called a “cryptocurrency”. Assume that two people, Clara and Rose, want to transfer a digital “coin” in exchange for something of value, say, a pair of gorgeous Louboutin shoes. This digital coin is essentially a series of digital bits that represents a unique signature that says that this coin is currently owned by Clara. To signify ownership of the coin, Clara will use a form of public-key cryptography to sign the coin.12 Rose can verify that the signature was created by Clara’s private key by using Clara’s corresponding public key.13 (By way of background, the “coin” is simply a chain of digital signatures signifying ownership, no more, and no less, and each “coin” is unique because the chain of signatures will be unique. This is essentially how Bitcoin works: each bitcoin is a chain of unique digital signatures from the persons that have owned the bitcoin.)

So, Rose can see that Clara owns the coin, but there is one problem that she will still face. She has no way, at this stage, of verifying that Clara has not already transferred ownership of this coin to someone else, say, Amelia, for a new Apple MacBook. There are two ways that Rose can verify that Clara has not already spent the coin:

  • Check with a trusted authority that has knowledge of transactions made with the coin
  • Check with a decentralized, tamper-proof public ledger of transactions that has knowledge of transactions made with the coin

The trusted authority is one fairly elegant solution, provided that the authority is trustworthy and not prone to corruption. Human nature being what it is, this is not necessarily always true. The other solution, a decentralized tamper-proof public ledger of transactions, is the blockchain, the ingeneous idea that makes Bitcoin possible.

We will now look at how the blockchain works, using once again our trio of characters, Clara, Rose, and Amelia, and the Louboutin shoes. When we left our trio, Rose and Amelia knew that Clara currently owns the coin, but they have no way of determining whether Clara has already used the coin for a transaction with the other person or a third party.

Instead of having one trusted third party authority, e.g. a central bank or intermediary like PayPal, the blockchain relies upon each participant—typically a miner with significant computational and storage resources—having a complete record of all Bitcoin transactions to date, and each participant being connected to each other in a network.14 We will call each complete record of all the transactions in our thought experiment a “blockchain”. So, before accepting Clara’s coin, Rose will check her copy of the blockchain (or, in practice, a trusted server with a complete copy of the blockchain) to determine whether Clara has already spent that coin and no longer owns it. If it shows that Clara owns the coin and has not spent it, then Rose broadcasts the fact that Clara has offered to transfer the coin to her, and her acceptance of the coin to the entire network. All the participants in the network then update their copy of the blockchain to reflect the change in ownership. Rose now owns the coin.

But wait a moment! There’s one potential problem that might occur here. What if Clara sends the offer to transfer her coin to both Rose and Amelia at the same time, and both of them check the blockchain at approximately the same time? If both Rose and Amelia accept the coin and broadcast their acceptance to the network at the same time or within a very short period of one another, who gets the coin? How do the distributed participants decide which of the two conflicting transactions is the valid one?

Bitcoin solves the conflicting transactions problem by having Rose and Amelia broadcast the possible transaction with Clara to the entire network. This way, if Clara tries to use the same coin to pay both Rose and Amelia, other participants will notice and the network will warn them of the attempted double spending. Problem solved. But wait! Are we missing something? Let’s take a step back and think this through. What if Clara creates a whole army of fake identities on the network, and has those fake identities flood the network with confirmations of her transactions, so that both transactions are deemed valid but in actuality only one person—Rose or Amelia—actually gets the coin?

That’s where Bitcoin gets clever again. (See why I said that Satoshi Nakamoto must be either a polymath and genius or a team of extremely talented individuals?) Transactions are validated not merely by a number of network participants saying that they validate the transaction, but rather are validated by a computationally costly process known as a “proof of work”, or in other words, by solving a mathematical puzzle. This means that Clara, our unfortunate would-be fraudster, cannot simply put together an army of fake identities to enable her to double spend her coin. Instead, to double spend she needs to put together a lot of computational power to validate her fraudulent transactions. (This, of course, presupposes that there are a lot of honest participants in the network, such that the total computational power in the network is large relative to the computational power of any individual that might wish to validate fraudulent transactions.)

Let’s look at this “proof of work” concept in greater detail:

  1. A number of pending transactions (transactions that have not yet been validated by the network) are assembled into a queue.
  2. A network participant, let’s call him Rory, takes the queue of pending transactions, adds it to a timestamp, and then adds the hash of the last known valid block, and validates the queue by solving a hard mathematical puzzle. The network will only accept a validation if it is accompanied by the solution to that puzzle. (We’ll get to the point of why Rory is willing to spend his computational resources on validating the transactions later.)
  3. When Rory successfully finds the solution, he broadcasts this solution to the rest of the network. The other participants can verify that his solution is indeed the correct solution to the puzzle, and if that is the case, they update their blockchains to include the newly validated transactions.

The mathematical puzzle is computed by finding a nonce, x, that when hashed using a hash function,15 together with the queue of pending transactions, y, a timestamp, z, and the hash generated from the previous block, H(b - 1), produces a value equal to or less than a specified target, t. If this sounds like gibberish to you, don’t worry. It will all become clear momentarily. We can think of it as simply an equation in the form of h(x + y + z + H(b - 1)) = t, with t being a constant and x being the variable to be solved for. The target t is dynamically adjusted so that it takes on average ten minutes for a block on the blockchain to be validated.

Now, to keep track of the chronology of transactions, each block, Hb, contains a “pointer” to the previous block, in the form of a hash of the previous block, H(b - 1). This is the “chain” in the blockchain. When a miner successfully validates the block by finding the value of x, it broadcasts this solution and the resulting hash of that block to the network, which can then update their blockchains with this new block. The process then repeats itself with a new queue of transactions.

Now, given the decentralized nature of the blockchain, it is possible that from time to time the chain might “fork”, when two—or more—miners separately validate blocks of transactions simultaneously (or close to simultaneously) and broadcast their newly-validated blocks to the network. For the sake of simplicity, let’s consider a situation where two miners simultaneously solve two different blocks of transactions, which we will call Alpha and Beta. Due to network latency, some participants may update their blockchain with Alpha, while other participants update theirs with Beta. It is now no longer clear in what order transactions have occurred, and we seem to hit another stumbling block to decentralization. How do you decide which of the two versions of the blockchain is valid?

Fortunately, the blockchain has a solution to that. If a fork occurs, participants keep track of both forks but work to extend whichever fork is longest in their copy of the blockchain. Assume, here, that the blockchain with Alpha is extended first. Now, the participants working on the blockchain with Beta will cease working on Beta and switch to Alpha, and thus the fork will be eliminated. To address the potential risk of a fork, under the Bitcoin system a transaction is not treated as confirmed until it is part of a block in the longest fork, and, by convention, either at least two or at least five blocks follow it in the longest fork (i.e. three confirmations or six confirmations in total).

The transactions recorded in the blockchain are rendered effectively tamper proof thanks to one interesting property of the hash function used to generate each block: the output of a hash function is highly sensitive to changes in the input data, and the slightest change to the input changes the output hash unpredictably. Hence, if you change a transaction earlier in the blockchain, you would change the hash of each subsequent block, and thus you would need to redo the proof of work done to validate each subsequent block until the current block. Hence, to make a permanent change to a transaction that occurred in the past, you would need to make that change, redo all the proof of work done for every subsequent block that includes that transaction, and then beat the rest of the network to extend the blockchain. This is computationally intensive, indeed, some might say (assuming a sufficiently large amount of computing power held by honest participants), computationally all but impossible.

To incentivize network participants to expend resources (computational power and electricity) to validate transactions, the Bitcoin system rewards participants that validate transactions by awarding them a fixed number of bitcoins. This is critical; people are unlikely to expend resources without any reward, so either the system must intrinsically provide a reward (bitcoins) or the parties to the transaction must pay other participants to validate their transaction by offering a transaction fee. The reward of bitcoins to the participant (in Bitcoin parlance, a miner) that successfully validates a block first is of vital importance for two reasons. First, it is necessary as a threshold condition to get anyone to expend valuable computational resources and electricity to validate transactions that they are not themselves involved in. Second, it is a means of gathering sufficient computing power among “honest” participants (by paying them for the use of their computational resources to validate transactions) such that the odds of any individual fraudulent participant (assuming such participant is not sitting on outsized ) being able to subvert the blockchain (for example by double-spending) is negligible.

So, to summarize, the blockchain is:

  • Distributed because each participant has its own copy of the blockchain; there is no central authority that manages the blockchain.
  • Transparent because each transaction is logged on the blockchain and is visible to any participant that cares to look it up. For example, one can see all the transactions associated with a given block, #358037, by looking up the data on blockchain.info or by querying the raw data in the blockchain.
  • Chronologically ordered and tamper-proof through the use of cryptographic hash functions and the use of a pointer containing a hash of the previous block, which makes tampering with past transactions computationally expensive.
  • Robust because participants can enter and leave the network without affecting the blockchain, and because participants do not need to know each other in order to trust each other. Instead, they use the proof of work done to validate blocks and can verify the solution using mathematical, cryptographic rules.

(Incidentally, this reliance on cryptographic hash functions and public-key cryptography is one of the reasons why Bitcoin and its derivatives are called “cryptocurrencies”.)

What can you build with the blockchain?

Now that we understand what the blockchain is and how it works, the next question is: what can you build with the blockchain? Now, the use cases that I am mentioning here are by no means exhaustive: they happen to be based on a survey of current thinking about the blockchain, as well as some of my own thoughts on the matter. I suspect that many more unknown unknown uses exist and will emerge from entrepreneurs and inventors working to find solutions to current problems in diverse industries.

The first and most obvious use of the blockchain (and Bitcoin) is as a decentralized transmission protocol for sending digital property securely and irreversibly to another party.16 In its most basic form, it allows two parties to transfer money over the internet without the need for a trusted third party and the associated transaction fees often charged by such trusted third parties.17 This has significant implications for businesses engaged in, without limitation, global remittances, where, according to the World Bank transaction fees can amount to an average of 7.72% (Q1 2015) and remittances may take anywhere between two to five days to “clear” and be available to the recipient. The vastly lower transaction fees (presently 0.0001BTC per transaction) and significantly reduced time to confirm the transaction (approximately one hour assuming one waits for six confirmations) involved in transferring funds using Bitcoin may provide its first “use case”. We can easily imagine this being extended to other forms of transfers, for example micropayments where the small size of the payment—less than $1.00—would make it impracticable to use conventional bank transfer systems which often have a fixed minimum cost to make a transfer.

Moreover, we can imagine using the blockchain (and Bitcoin) to represent ownership and to transfer other assets such as listed and unlisted stocks, bonds, derivatives, demand deposits, movable and immovable physical property, or even more esoteric items like membership reward points, prepaid cellular talk time, access keys for safety deposit boxes, hotel rooms, cars, et cetera. This can be done by the use of something called Colored Coins or the Open Assets Protocol. This is not the place to go into the full details of the Colored Coin approach, especially since that appears to still be a work in progress, but it suffices to note that in principle it will likely encode a certain amount of data into an optional function OP_RETURN in the Bitcoin transaction that can store a modest 40 bytes of data and thus serve as a pointer to another distributed record storage system—most likely using torrent technology—that will comprehensively identify the asset. The fractional bitcoin and the blockchain is used for its ability to assure the integrity of the data and to harness the computational power within the Bitcoin network for security.

The second use of the blockchain (and Bitcoin) is for its tamper-proof recordkeeping function. We can consider this to be a distributed, public and verifiable record that replaces centralized records held by—and subject to tampering by—so-called trusted authorities. One possible use case would be for registration of land or other tangible property ownership. One fairly bold endeavor, if true, would be a pilot program in Honduras to use the blockchain to record land ownership. Another would be for making tamper proof records of transactions or data for companies and institutions, by recording a hash based on the transaction or data into the Bitcoin blockchain or an alternate blockchain. We could, for example, imagine an accounting ledger that records transactions in such a way as to preclude tampering with the accounts, making it more difficult to commit various forms of accounting fraud. Another possible use might be to record sales and purchases made by a company, again limiting the ability of fraudulent parties to later amend the records to disguise their activities, since changing the input data on which the hash is based would unpredictably change the output hash. We can also imagine this being used by medical practitioners and hospitals to record medical data and treatment records for patients in such a way, again, as to provide for easy auditing and tamper proofing.

The third use of the blockchain (and Bitcoin) is in the arena of distributed storage. Current cloud storage solutions such as Amazon S3, Dropbox, Google Drive and Box all rely on centralized data storage. This, of course, introduces a single point of failure (if something happens to Dropbox, Google, Box, or Amazon your data is pretty much toast), as well as the need to trust that these entities will not abuse their control over your data in the cloud. The blockchain together with peer-to-peer network protocols (e.g. based on the torrent protocol) could provide the basis for a distributed alternative to these cloud storage providers.

The fourth use of the blockchain (and Bitcoin) has been the development of “smart contracts”. The basic idea of a “smart contract” is that it is self-executing, for example, a smart contract might be devised such that the “payout” held by the contract is paid only when certain conditions are met. A very simple example might be a deposit contract where one party, the lessee, needs to pay a deposit to the lessor to guarantee the performance of a rental contract. One of the key risks in such a situation is that the lessor might spend the deposit that you’ve given them. In this case, one could encode a pair of Bitcoin transactions such that at the end of the transactions a sum of bitcoins equal to the deposit have been put in a state where neither the lessor nor the lessee can spend it independently. This smart contract terminates at the end of the lease and the deposit automatically returns to the lessee. We can, of course, devise even more complex contracts, but that is beyond the scope of this survey. In my opinion, one of the most ambitious projects in this space is Ethereum, a blockchain with a Turing-complete programming language that allows it to be used to build distributed applications such as smart contracts. Ethereum is not built on top of the Bitcoin blockchain, instead, it implements its own blockchain and network. Another, in my view more specialized and less interesting development is Counterparty, a smart contract system built on top of Bitcoin and using the Bitcoin blockchain and network.

The fifth use of the blockchain (or a technology based on the blockchain) is for electronic voting. It is a fairly evident fact that even in the developed Western democracies, voter fraud—in the form of ballot stuffing, misrecording of votes, destruction or invalidation of ballots, or tampering with electronic voting machines—is a perennial risk. One interesting and much discussed use for the Bitcoin blockchain or an alternative blockchain has been to record votes in elections. The use of public key cryptography and the blockchain enables the system to provide assurance that the person who owns the cryptographic key really did cast that vote (otherwise that person’s public key would not be able to validate the resultant signature), and that the vote was not tampered with once cast. Of course, this by no means eliminates voter fraud, in the sense that someone could install a rootkit that hijacks the person’s machine and vote, but it does at least reduce some options—including ballot stuffing, and tampering with voting records—for voter fraud. And that, in most cases, is better than nothing.

The sixth use of the blockchain (or a technology based on the blockchain) could be as the basis for identifying individuals and corporations. The concept is simple: issue each individual or corporation a pair of public and private keys that is permanently linked to that person’s identity. When a person needs to prove that his or her identity, he or she can use the private key to “sign” the relevant transaction, which can then be verified by the counterparty using the signor’s public key. We can imagine this being coupled to some form of blockchain derived border control register, such that when a person goes through border control their entry is timestamped and entered into a tamper proof register. I find this use somewhat weak at the moment—I expect that cryptographic techniques (including public key cryptography) will play an increasingly important role in protecting identities, but I remain skeptical that the blockchain is the best technology for identifying individuals and recording their movements.18

The seventh use of the blockchain (or a technology based on the blockchain) is in powering the Internet of Things. Researchers at IBM have proposed to use blockchain technology to facilitate transaction processing and coordination among interacting devices. Indeed, in one draft proof of concept, ADEPT, IBM and Samsung have proposed to use Ethereum to build the smart contracts by which smart devices can negotiate amongst themselves to perform their intended functions autonomously without the need for human intervention and without the need for a centralized entity to coordinate these smart devices.

The final use of the blockchain is probably more difficult to conceptualize a priori. These are what I call the unexpected results of tinkering, as multi-disciplinary inventors see the blockchain and apply it to fields as diverse as medicine, law, academia, logistics, et cetera. I do not care to try to speculate on this area, as it would require an in depth awareness of the pain points in these industries, an awareness that in my case would be limited to law and private equity.

What has been built with the blockchain to date?

Quite a lot. There are quite a number of startups that are beginning to leverage the idea that the blockchain is not merely a tool that allows Bitcoin to function, but also serves as a building block for other innovative ideas. This list is by no means exhaustive—such would be beyond the scope this post—but it does serve to provide some flavor of what is being done in the industry and where might be a good point to start evaluating Bitcoin and blockchain startups.

Remittances

  • BitPesa: A startup that allows people to send money to or from Kenya and Tanzania via Bitcoin.
  • Abra: A San Francisco based startup that uses Bitcoin to enable money transfers with no transaction fees.
  • Rebit: A Philippines based startup that uses Bitcoin to enable remittances to the Philippines with no transaction fees.
  • ArtaBit: An Indonesia based startup that uses Bitcoin to enable remittances to Indonesia with no transaction fees.
  • Volabit: A startup that allows people to send money to or from Mexico and Argentina via Bitcoin with no transaction fees.

Asset transactions and markets

  • NASDAQ Private Market: An interesting application of the blockchain and “colored” Bitcoin (via the Open Asset Protocol) to provide a platform to manage unlisted equity securities, by leveraging the blockchain for cap table management and stock transfers. This is possibly the first signs that the blockchain is starting to go “mainstream”, and—barring adverse regulations—will likely pave the way for further developments in using the blockchain to manage other assets like bonds and other fairly illiquid assets like partnership interests.
  • Augur: A decentralized prediction market that relies upon blockchain technology to eliminate the need for a centralized market operator to operate the market and act as the clearing house for transactions.

Storage

  • Storj: Decentralized cloud storage using peer-to-peer protocols, the blockchain, and cryptography to store data across a peer network rather than centralized cloud storage. This has some interesting potential, though I suspect that psychological issues of trust and accountability will likely dominate the initial discussions they have with insitutional or corporate clients.

Tamper proof records

  • Epigraph: A Texas-based startup that specializes in building title registration solutions on the blockchain.
  • Factom: A startup that is using the blockchain to store a hash generated from the relevant transaction or record, thereby providing users with a tamper proof record that also establishes chronology (since it can be traced to a specific block on the blockchain at a known point in time).
  • Edgelogic and Blocktrace: A UK-based spinoff from Australia-based Edgelogic that is building a blockchain-based ledger to store ownership and transaction data relating to certified diamonds, thereby reducing the likelihood of thieves being able to fence stolen goods by mapping the diamonds to a digital certificate that is based on existing industry certificates, police records and insurance records.
  • Proof of Existence: A service that allows users to generate a cryptographic hash of a document for inclusion in the blockchain, thus proving that the document existed at a particular point in time (as denoted by the timestamp of block in which it is recorded) and in a particular form (since otherwise the hash would differ).

Identity and information

  • Onename: A startup that is building “Facebook for Bitcoin”, a service providing Bitcoin profiles and human readable Bitcoin addresses. This, however, requires individuals to verify their identities using social media platforms, which certain categories of users might be reluctant to do.
  • Namecoin: One of the first “forks” from the Bitcoin codebase that builds additional functionality on top of the original Bitcoin protocol. It serves as a general data-value store, and could be used to build such things as a distributed domain name system or an identity database.

Smart contracts

  • Counterparty: A low-level protocol for distributed financial applications built to run on top of the Bitcoin blockchain. The Counterparty protocol has created a working decentralized exchange for trading user-defined assets. The protocol has own currency, XCP, which is used for crafting smart contracts and other financial applications using the protocol.
  • Ethereum: A non-Bitcoin blockchain with a Turing-complete programming language that allows it to be used to build distributed applications such as smart contracts. The protocol has its own currency, ether, which is used to execute its smart contracts.

Voting

  • BitCongress: An Ethereum based platform that relies on smart contracts and Bitcoin to generate tamper proof votes.

Closing thoughts

While Bitcoin’s future as a currency is by no means certain, I do feel that the underlying blockchain technology is a fascinating space well worth watching. We can already begin to see the emergence of interesting use cases for the blockchain in fields as diverse as title registration and ownership records, self-executing “smart contracts”, and distributed asset exchanges. I suspect that these will not be the only new technologies developed that harness the blockchain.

However, I remain only cautiously optimistic. one can see a lot of enthusiasm for the blockchain, but it remains to be seen whether there are as many problems begging for a blockchain based solution as its enthusiastic supporters believe.