A Theoretical Evaluation of Anonymity and Security of Bitcoin System









Sulaiman Hamood Al Shekaili

MSc Computer Science

682732


Project Dissertation submitted to Swansea University in Partial Fulfillment for the Degree of Master of Science



Department of Computer Science

Swansea University

September 2013



SUMMARY


This research evaluates the extent to which the Bitcoin system is secure and anonymous. The approach used for this paper includes a review of literature on the system and previous research on the same topic. To provide additional background information around the topic, the research covers components of the Bitcoin system such as the various digital wallets that handle Bitcoin transactions.


Bitcoin mining, a process of using special computers to solve complex algorithms in return for Bitcoins, is also explored to explain one of the main ways in which Bitcoins come into existence. The characteristics of the Bitcoin system that affect its security are also explored, with comparisons being done between the characteristics of Bitcoin and those of similar currencies in use.


The anonymity and security of the system are tested through an egocentric analysis of a well-known attack that was launched on the Bitcoin network. The egocentric approach works by focusing on the network around the thief. The knowledge presented by this research indicates that the Bitcoin system is not fully anonymous or secure. Most of its security and anonymity hinges on the different client/wallet service businesses that facilitate storage of Bitcoins and transactions. This is because if an attacker can link the identity of a user to a Bitcoin transaction by compromising the security of the wallet service, then the user ceases to be anonymous. Because of the relative young age and complexity of the Bitcoin system, there is a deficiency of knowledge and research about it. Obtaining respondents who have used the Bitcoin system is extremely difficult and this makes it difficult to conduct interviews. However, by reviewing the major components of the system, the research sets the stage for future inquiry.

























DECLARATION

This work has not previously been accepted in substance for any degree and is not
being concurrently submitted in candidature for any degree.

Signature:................................ Date:................................



STATEMENT 1

This dissertation is the result of my own independent work/investigation, except
where otherwise stated. Other sources are acknowledged by giving explicit references.
A bibliography is appended.

Signature:................................ Date:................................


STATEMENT 2

I hereby give consent for my dissertation, if accepted, to be available for photocopying and for inter-library loan, and for the title and summary to be made available to outside organisations.

Signature:................................ Date:................................








ACKNOWLEDGEMENTS


I would like to acknowledge the assistance of my supervisor, Professor Thomas Chen
for his continual guidance and support throughout this work. I would also like to take
this opportunity to thank the staff of the Department of Computer Science, for their
assistance, valuable comments and encouragement.

Finally, I would like to thank my wife, my kids and other members of the family for their encouragements and true caring from the start till the end.



















Contents


Chapter 1: Introduction
  1.1 Overview
  1.2 How Bitcoin Works
  1.3 Cryptography for Anonymity and Security
    1.3.1 Hashing in Bitcoin
    1.3.2 Addresses in Bitcoin
  1.4 Bitcoin Mining
  1.5 Bitcoin Future
Chapter 2: Project Objectives
  2.1 Main Objectives
  2.2 Research Questions
Chapter 3: Literature Review
  3.1 Anonymity
  3.2 Maintaining Anonymity with Bitcoin
  3.3 Why Digital Currency is better than Fiat Money
  3.4 Bitcoin Anonymity and Crime
Chapter 4: Project Background
  4.1 Types of Virtual Currencies
    4.1.1 Closed Virtual Currency
    4.1.2 Virtual Currency with Unidirectional Flow
    4.1.3 Virtual Currency with Bidirectional Flow
  4.2 The Appeals of the Bitcoin System
  4.3 Weaknesses of Bitcoin System
Chapter 5: Analysis of Anonymity
  5.1 Egocentric Analysis
  5.2 Software that Interacts with Bitcoin
    5.2.1 Bitcoin Client Applications
  5.3 Mitigation
  5.4 Bitcoin Wallets
    5.4.1 Types of Bitcoin Wallets
Chapter 6: Inferences drawn by Interviews on Bitcoin Anonymity
  6.1 Chapter Overview
  6.2 Bitcoin is Anonymous; how Anonymous is it?
  6.3 Bitcoin’s Transparency
  6.4 Future of Bitcoin Anonymity
Chapter 7: Discussion and Future Work
  7.1 Discussion
  7.2 Future Work
Chapter 8: Conclusion
References
Appendix A
Appendix B
Appendix C



















List of Figures

Figure 1: Transaction in Bitcoin
Figure 2: The Shared Public transaction log
Figure 3: Bitcoin mining setup
Figure 4: Mining profitability over time
Figure 5: A mining rig made up of 41 Icarus FPGAs
Figure 6: Bitcoin versus the U.S. Dollar on March 15th 2013
Figure 7: How buying of tokens and other virtual currencies work
Figure 8: The Farmville game that generates revenues from features purchased with virtual money
Figure 9: The registration of Linden Dollars by users with time
Figure 10: The thief’s egocentric user network
Figure 11: An interesting sub-network connecting the thief to the victim
Figure 12: MultiBit application (screenshot)
Figure 13: Armory Client (screenshot)
Figure 14: Electrum (screenshot)
Figure 15: Bitcoin Wallet (screenshot)
Figure 16: Armory wallet (screenshot)
Figure 17: Coinbase. Web Wallet (screenshot)










Chapter 1: Introduction

1.1 Overview


Bitcoin, an open source project using cryptographic software and peer-to-peer (p2p) technology, was introduced to the world in 2008. It depends on digital signatures to ascertain ownership. A history of transactions helps the system to prevent double spending. A proof-of-work system helps to set the history of transactions, which is shared using a peer-to-peer (p2p) network (Dimi, 2012) [18]. Although Bitcoin originated from outside of the traditional banking systems, it is positioned as a distributed global payment system (Nakamoto, 2009) [47]. At about the same time that Bitcoin was introduced, a crisis tore its way through the modern banking system of the United States, rapidly spreading into a world crisis. Many governments all over the world bailed out their banks so as to restore trust while safeguarding against the problems from tremendous cascading failures in banking systems elsewhere. These global developments prompted Manuel Castells, a well-known sociologist, to start the Aftermath Project. The Aftermath Project is a research program for intellectuals who believe that the crisis was not only a financial crisis but a social one as well. Many European countries like Italy, Portugal and Spain continue to experience problems in government finances. The development of Bitcoin is timely because it comes during a period of financial unrest. Additionally, money and banking continue to be the subject of the on-going global finance debate.


Bitcoins are computer files. They are similar to a text or music file and may be destroyed or lost just like cash. They are stored in an entrusted online service or on a personal computer. Bitcoins may be used to buy either virtual or real goods or services. Spending Bitcoins is simply sending the Bitcoin files from user 1 to user 2. This is the same principle as sending emails over the internet. Individual transactions using Bitcoins are encrypted and logged by a system running on a great number of computers in a decentralized manner. Bitcoins are only transferred between users when the transaction has been approved by another user on Bitcoin’s peer-to-peer network. These transactions are decentralized and occur without the need for a government, payment network, regulator, bank or third party entity. The Bitcoin currency operates on different platforms and client applications (wallets). The Bitcoin wallet is an application that allows the user to transact with other people from any place in the world. The Bitcoin Wallet gives the user ownership of addresses in Bitcoin that the user may utilize to receive Bitcoins from other user(s). In addition, it enables the user to send coins. As is the case for email messages, the user may receive Bitcoins when they are offline. All wallets are compatible and can send or receive money from each other. Examples include Bitcoin-Qt; MultiBit; Armory; Electrum and Bitcoin Wallet. In addition, there are three categories of wallets based on the manner employed to send or receive the Bitcoins. These categories are mobile wallets, software wallets and web wallets.

The first Bitcoin transaction was done in January 2009. By June 2011, more than 6.5 million Bitcoins were in circulation courtesy of about 10,000 users. Media attention has fueled the currency’s growth in market price as compared to other currencies. One Bitcoin traded for more than US$30 on the popular Bitcoin exchanges during its peak. However, the untraceability of Bitcoins has generated concern regarding their potential to cause harm through money laundering, tax evasion and illegal transactions. The decentralized nature of the Bitcoin system has implications on the ability of authorities to control and monitor the way the currency flows. These implications are not yet fully understood.

Many users use Bitcoin for political, philosophical as well as pragmatic reasons. Most of Bitcoin’s more technologically savvy users agree that anonymity is not one of the system’s major attractions. However, there are varying opinions regarding the system’s extent of anonymity. According to a member of the system’s developmental team, Jeff Garzik, it would not be wise to try and perform major illicit transactions through Bitcoin. This is because of the statistical analysis techniques used by law enforcement in the field. However, before this work, there was no analysis of anonymity in the Bitcoin system that was available publicly to ascertain or refute the claims. Additionally, many other Bitcoin users do not believe this claim. Wikileaks, the whistleblower organization, recently let its Twitter followers know that it had begun accepting donations through Bitcoin. Wikileaks then proceeded to describe a safer method of donating Bitcoins by generating a one-time public-key (Dimi, 2012) [18]. One would then pose the question: is it possible to relate a donation with other transactions performed by the same user on Bitcoin? Is it possible to identify Bitcoin’s transactions by using external information? The level of anonymity here remains unclear.

Bitcoin uses various technological measures to ensure the security of its transactions. This is done through a “cryptographic Proof” system, which allows users to transact directly with each other without the need for a third party to authorize the dealings. Each Bitcoin transaction utilizes public key encryption to maintain the privacy of the transacting parties. The public key encryption creates two keys that are mathematically related. The payee retains one private key (which acts as a password). This private key is used to access the payer’s account. Funds can only be retrieved by a person with the private key associated with that account. The payer utilizes their own public key to locate the account of the payer. On the other hand, the account of the payer can only be accessed (and its funds extracted) by a user who has the private key associated with that account. The payer utilizes their own private key top and also to allow the Bitcoins to be extracted from their account. All approved transactions are then broadcast to the entire community of Bitcoin users. Public encryption is a very complex system. Creating a fake Bitcoin transaction would necessitate the work of a system with greater processing power than the whole Bitcoin network combined. Public encryption ensures the security of Bitcoin transactions.

Bitcoin utilizes a “distributed peer to peer timestamp server” that is widely published to verify that double spending of Bitcoins has not occurred. A time stamp makes a record of the exact time that a transaction occurs or a Bitcoin is created. According to Plassaras (2013), all timestamps are aggregated into one “master list” which details all transactions involving any given Bitcoin file [52]. This is similar to a “block chain”. Each Bitcoin’s block chains are available to all users in the network. These block chains are updated after every transaction [52]. Block chains comprise a great deal of data on previous transactions. However, the time stamp enforces the security against forgery of a block chain. In this regard, the timestamp is a very crucial component of the security of the Bitcoin system.

As is always the case with most new technologies, people may not initially have to embrace Bitcoin in order for the system to be trusted. The challenge, therefore, would be to make the Bitcoin service as user-friendly as possible, without requiring prior knowledge of hashes as addresses. There is need for research and awareness regarding Bitcoin if it is to become a widely accepted currency. This paper examines the Bitcoin currency system in terms of its functionality, security and anonymity.

1.2 How Bitcoin Works

Bitcoin depends on a record of public transactions. Upon using a Bitcoin, the user transfers ownership to a new owner and signifies this by signing a transfer statement. The new owner is identified in the public through a cryptographic key (Güring, Philipp & Grigg, 2011) [28]. When the transaction occurs, the Bitcoin recipient publishes it to a global Bitcoin network, giving undeniable evidence that a Bitcoin has been spent. This will notify other users to accept that particular Bitcoin from the new user only (Browdie, 2012) [9]. Therefore, these electronic coins are a series of digital signatures. All transactions bear a hash of the immediate previous transaction and a public-key belonging to the new owner. The new owner signs on the public-key and adds it to the coin’s end [47]. The diagram below illustrates the chain.


Figure 1: Transaction in Bitcoin



From the raw data as detailed in Appendix A, we can obtain the transaction’s hash and its size in kb. Also recorded in the transaction is the number of inputs and outputs (vin_sz and vout_sz). Any transaction may have Bitcoins from more than one source and given to more than one recipient. As shown in the transaction, the public key belonging to user 1 is placed at the bottom. The user should have the public-key if they are to be allowed to add the transaction. The value of the transaction (50.014000 BTC) is placed in the value field. The nonce’s value is stored as “n”. In this particular transaction, a user is receiving Bitcoins for generating the block. Looking at the “in” portion shows the hash and the “coinbase”. This is the signature equivalent to the signature of “user 0” for the generation input.


This mechanism cannot prevent double spending on its own. This is because a trusted authority central to the operation would have to verify the transactions. However, this invalidates Bitcoin’s goal because it places one authority in charge of the whole network (Koss, 2011) [38]. The duty of verification should be distributed, and this is achieved via the transaction record. There must be only a single transaction record to be shared among all of the network’s nodes. Most of the users must be in agreement regarding the history’s validity. This provides enough proof that a Bitcoin has not been traded previously [47].

The new Bitcoin user needs to choose a specific wallet that is then installed into the computer or mobile device. Once the user has installed the wallet, the first Bitcoin address is generated. More addresses may be created whenever needed. To get paid by affiliates or friends and vice versa, the user may disclose one of the addresses to them. In exchange, the friends or affiliates may give the user their addresses as well. This payment system may be compared to how email works. At this point, the user then gets Bitcoins and keeps them safe. However, it is important that the users understand the technical bit of how Bitcoin works. More importantly, the user should understand the technical terms used in the transaction. The block chain, for example, is a public transaction log that is shared between different users. The entire Bitcoin system relies on this log. All transactions that are confirmed as spending Bitcoins may be verified through the transaction log. Cryptography is used to reinforce the chronological order and the integrity of the block chain. The transaction may be expressed as a transfer of value between two Bitcoin addresses. A transaction gets included in the block chain. Through the Bitcoin wallets, a private key for every single Bitcoin address is maintained. A private key is a secret piece of data. Private keys are utilized when signing transactions. This helps to maintain mathematical proof that the Bitcoins have originated from the owner of the address. This digital signature ensures that transactions may not be altered once they have been issued. All transactions are broadcast between the Bitcoin users and confirmed within a few minutes in the network. This process is known as “mining”.

Mining is a distributed consensus system. This system is used to confirm waiting transactions by including them in the block chain. The chronological order in the block chain is enforced by the system. In addition, the system also protects the network’s neutrality, while allowing a consensus regarding the state of the system to be established between different computers on the network. Before the transactions are confirmed, they are packed into a block which is subject to strict cryptographic rules that must be verified by the network. These rules prevent blocks that have been previously stacked from being modified. This is because any alteration done on previous blocks would invalidate the subsequent blocks. In addition, mining creates the equivalent of a competitive lottery that prevents any user from adding new blocks into the block chain consecutively. This ensures that no user has the power to control anything already included into the block chain or alter parts of the block chain with the intention of rolling back what they have already spent.


Figure 2: The Shared Public transaction log


1.3 Cryptography for Anonymity and Security


Bitcoin employs cryptography to safeguard the security and anonymity of transactions. Cryptography helps to achieve this in different ways. For example, the hash function transforms input data into a form which is irreversible and unpredictable. The SHA-256 has a 32 bytes hash (Santos, 2013) [57]. Any changes even of the slightest nature on the input data cause its hash to change unpredictably. This simply means that nobody can create a separate block that bears the same hash as another. Bitcoin employs several hashing functions such as RIPEMD-160 and SHA-256 as well as the Elliptic Curve DSA which is used to perform signatures. A major question for research on the cryptography of Bitcoin would be how one may be able to ascertain if one user was authorized to transfer some amount of Bitcoins to another. For example, how could the researcher tell that “Joel was authorized to transfer 100 Bitcoins to Risper” [57]? Bitcoin users would know this answer as: Joel provides his signature on the transaction with his private key and then publishes his signature for verification by the Bitcoin network using his public key (Santos, 2013) [57]. Joel’s signature is performed on the elliptic curve known as secp256k1 (key.h): the screenshot of the elliptic curve is provided below:


However, Bitcoin does not sign the entire transaction chain (this would be too expensive); instead, Bitcoin provides a signature for the cryptographic hash of the message, in script.cpp (see the screenshot below):


This is an SHA-256 double application:




This, however, exposes some weaknesses which may be exploited using quantum computers to break the elliptic curve chosen or to solve the discrete logarithm problem. Another way that Bitcoin cryptography may be exploited is by breaking the underlying cryptographic hash function. In this case, a known signature belonging to the user being attacked is obtained. The next step is to generate a second input transaction that gets the same hash value. This enables a replay of the previous signature.


This attack is dependent on the serialized transaction processed by Bitcoin. Because there is a scripting system which allows for complex transactions to be created, an attacker may be able to construct an input. However, this approach would not work on addresses for single use because a signature would not be available for replay. This implies that in order to break the algorithm used to make the signature, a selective forgery, or one which is stronger, is required. This also implies that arbitrary transactions can be forged for entry into the system. This would be a complete system break. For an attack through signature replay, some protection may be acquired by utilizing client-side checks to ensure that the same signature is not employed for two different transactions.

1.3.1 Hashing in Bitcoin


Hashing is used in Bitcoin as a measure to ensure that a user cannot resend Bitcoins he does not really own as many times as he likes, creating several branches of the transaction. Bitcoin prevents this by using the precautionary security measure of certifying a transaction chain through the solution of a mathematically difficult problem. Once a transaction has been confirmed by being included into a block, clients will prefer a transaction chain that has the greatest computational cost attached to it. This invalidates spending on other branches. This is a major strength of the cryptography of the Bitcoin system.
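
The two properties described here and in the mining discussion of section 1.2 (altering an earlier block invalidates the blocks after it, and clients prefer the chain with the greatest computational cost) can be seen in a toy proof-of-work chain. This is an added example, not code from the dissertation or the Bitcoin client; the header layout, the 8-bit and 12-bit difficulties, the payload strings and the name Mallory are assumptions chosen so that it runs in well under a second.

```python
import hashlib

MIN_BITS = 8  # assumed toy network rule: at least 8 leading zero bits per block hash


def double_sha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def block_hash(block) -> bytes:
    """Hash of the header: previous hash, digest of the payload, difficulty, nonce."""
    header = (block["prev"] + hashlib.sha256(block["payload"]).digest()
              + bytes([block["bits"]]) + block["nonce"].to_bytes(8, "big"))
    return double_sha256(header)


def meets_target(digest: bytes, bits: int) -> bool:
    """True when the hash, read as a number, has `bits` leading zero bits."""
    return int.from_bytes(digest, "big") >> (256 - bits) == 0


def mine(prev: bytes, payload: bytes, bits: int):
    """Try nonces until the header hash meets the target (the 'difficult problem')."""
    block = {"prev": prev, "payload": payload, "bits": bits, "nonce": 0}
    while not meets_target(block_hash(block), bits):
        block["nonce"] += 1
    return block


def build_chain(payloads, bits, prev=bytes(32)):
    chain = []
    for payload in payloads:
        chain.append(mine(prev, payload, bits))
        prev = block_hash(chain[-1])
    return chain


def first_invalid(chain):
    """Index of the first block that breaks the rules, or None if the chain is valid."""
    prev = bytes(32)
    for i, block in enumerate(chain):
        digest = block_hash(block)
        if (block["prev"] != prev or block["bits"] < MIN_BITS
                or not meets_target(digest, block["bits"])):
            return i
        prev = digest
    return None


def chain_work(chain) -> int:
    """Expected number of hash attempts needed to produce the chain."""
    return sum(2 ** block["bits"] for block in chain)


def best_chain(candidates):
    """Fork choice: among valid chains, take the one with the most work, not the longest."""
    valid = [c for c in candidates if first_invalid(c) is None]
    return max(valid, key=chain_work, default=None)


def rewrite_history(chain, index, new_payload):
    """Copy the chain, change one block and redo the proof-of-work for that block only."""
    forged = [dict(b) for b in chain]
    forged[index] = mine(forged[index]["prev"], new_payload, forged[index]["bits"])
    return forged


# Constructed payloads standing in for batches of transactions.
PAYLOADS = [b"coinbase -> Joel 50", b"Joel -> Risper 10",
            b"Risper -> Carol 4", b"Carol -> Joel 1"]


def demo():
    honest = build_chain(PAYLOADS, bits=12)
    edited = [dict(b) for b in honest]
    edited[1]["payload"] = b"Joel -> Mallory 10"       # altered without redoing any work
    remined = rewrite_history(honest, 1, b"Joel -> Mallory 10")
    cheap_fork = build_chain([b"fork block %d" % i for i in range(6)], bits=8)
    return honest, edited, remined, cheap_fork


if __name__ == "__main__":
    honest, edited, remined, cheap_fork = demo()
    print("honest valid:", first_invalid(honest) is None)
    print("edited breaks at block:", first_invalid(edited))
    print("re-mined block 1, chain breaks at block:", first_invalid(remined))
    print("honest chain preferred:", best_chain([cheap_fork, honest]) is honest)
```

Even after the proof-of-work for the altered block is redone, the next block still commits to the old hash, so every later block would have to be mined again; the longer six-block fork loses to the honest four-block chain because it embodies less work.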


1.3.2 Addresses in Bitcoin


Bitcoin users generate private and public key-pairs which enable them to make signatures. In essence, Bitcoin users publish a “fingerprint”, which is a RIPEMD-160 hash, as an identifier for places one may send Bitcoins to (util.h). This is shown in the screenshot below:


Unlike other systems such as PGP, Bitcoin does not have a distribution mechanism for public keys. The RIPEMD-160 hash is the standard for a public key. This means that if a collision is discovered in this public key space, someone may be able to spend Bitcoins from another person’s address. However, this scenario for attack is mitigated by the fact that Bitcoin users are enabled and encouraged to utilize multiple addresses for their wallet. For the Bitcoin system, it is apparent that many various primitives are employed together to form the specific Bitcoin protocol. This implies that if one primitive is compromised, other parts of the system are not necessarily affected (Yang 2013) [63].

1.4 Bitcoin Mining

There are different ways through which Bitcoin users can obtain Bitcoins. The first way is through purchasing them by exchanging them with real cash such as the Euro or the Dollar. Just like in a traditional money exchange market, the value of a Bitcoin is regarded in relation to that of the currency being used to buy the Bitcoin. Another way through which Bitcoin users can obtain Bitcoins is through exchange of goods or services, just as real money works. The third option is through a process referred to as “mining”. Mining is the process that allows Bitcoin users to obtain Bitcoins rather than through purchasing them. A user uses the computational power of his or her computer to generate Bitcoins. The computer in this context is used to generate a solution to a complicated computer algorithm. Every ten minutes, the user with the correct answer (number) is awarded Bitcoins. Bitcoin mining may be defined as the process of using computers to work out mathematical codes online to earn Bitcoins. It has been compared to playing the lottery but the difference is that one will always win. The program hunts for blocks and gets Bitcoins upon finding one. The more people who are mining, the harder it becomes to generate Bitcoins (Felten, 2013) [22]. Appendix B and C show the extent of Bitcoin mining and the distribution among pools. Figure 3 shows a Bitcoin mining setup.

Figure 3: Bitcoin mining setup (tumbler.com, n.d.)


However, Bitcoin mining is a time-consuming and arduous process. In
addition, computers that are able to perform the Bitcoin mining procedures are highly
specialized. The typical office computer would need approximately five to ten years
to obtain any Bitcoins. The costs accruing from the use of electricity would outweigh
the value of any Bitcoins generated. Additionally, the number of Bitcoins that can be
generated through mining is strictly controlled. At the moment, solving a mining
algorithm generates 50 Bitcoins; however, that number is halved after every 210,000
blocks are created [11]. This usually takes approximately four years. To avoid
inflation, the Bitcoin software slows down the process of Bitcoin generation over
time. This ensures that the number of Bitcoins in circulation will never exceed 21
million [22]. This means that the number of Bitcoins in circulation has a finite limit.
Bitcoin mining will come to a stop around 2025. This estimation is based on the
current rate of growth of Bitcoin mining. By limiting this growth systematically, the
Bitcoin software ensures that there will never be artificially prompted deflation or
inflation of the value of a Bitcoin.

In order for a record of everything done within the system to be maintained, there is
a ledger called the “Block Chain”. This is a shared database of all the successful
transactions within the system. All transactions are broadcast into the Bitcoin network
and all connected users obtain a copy of the block chain. Bitcoin miners verify these
transactions and proceed to add groups of transactions known as blocks to the block
chain. This process is completed every ten minutes. Anyone can become a Bitcoin
miner. The Bitcoin mining software is ready for download. All the user has to do is to
contribute raw computing power. For every block solved, the user obtains an agreed
amount of Bitcoins. The more processing power the Bitcoin miner has, the greater the
ability to mine Bitcoins. Some of the software available for mining includes: 50Miner;
BTCMiner; BFGMiner; Bit Moose; Poclbm-mod; Poclbm; CGMiner; RPC Miner;
DiabloMiner; Phoenix miner; MacMiner bfgminer, cpuminer and poclbm; Ufasoft
miner; Cpu Miner; Remote miner; Pyminer - Python miner; Flash-Player Bitcoin
Miner and Open Source Miner Board. Miners have maximized the ability of their
hardware to ensure that their mining ability is also maximized.
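The mechanics described above (a search for a number that solves the puzzle, a puzzle that gets harder as more computing power joins, and a reward that halves every 210,000 blocks) can be made concrete in a short model. This is an added example, not code from the dissertation or from the Bitcoin client; the simplified header layout and the big-endian hash comparison are assumptions made for illustration, while the 2016-block adjustment window and the satoshi unit are Bitcoin's own.

```python
import hashlib
import struct

COIN = 100_000_000              # smallest unit (satoshi) per Bitcoin
INITIAL_SUBSIDY = 50 * COIN     # the 50-Bitcoin reward stated in the text
HALVING_INTERVAL = 210_000      # blocks between halvings, as stated in the text
RETARGET_BLOCKS = 2016          # Bitcoin recomputes difficulty every 2016 blocks
BLOCK_SECONDS = 600             # the ten-minute block interval
MAX_TARGET = 1 << 256           # toy ceiling; Bitcoin stores a compact target


def block_hash(prev_hash: bytes, tx_digest: bytes, nonce: int) -> int:
    """Double SHA-256 of a simplified header, read as one big integer."""
    header = prev_hash + tx_digest + struct.pack("<I", nonce)
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "big")


def mine(prev_hash: bytes, tx_digest: bytes, target: int, max_nonce: int = 1 << 32):
    """Try nonces in order and return the first whose hash falls below target."""
    for nonce in range(max_nonce):
        if block_hash(prev_hash, tx_digest, nonce) < target:
            return nonce
    return None  # nonce space exhausted; a real miner would change the header


def verify(prev_hash: bytes, tx_digest: bytes, nonce: int, target: int) -> bool:
    """Checking a claimed solution costs one double hash, unlike finding it."""
    return block_hash(prev_hash, tx_digest, nonce) < target


def retarget(old_target: int, actual_seconds: int) -> int:
    """Scale the target by how quickly the last 2016 blocks actually arrived.

    Blocks arriving too fast (more miners) shrink the target, which makes the
    puzzle harder. The change per adjustment is clamped to a factor of four.
    """
    expected = RETARGET_BLOCKS * BLOCK_SECONDS
    clamped = min(max(actual_seconds, expected // 4), expected * 4)
    return min(old_target * clamped // expected, MAX_TARGET)


def block_subsidy(height: int) -> int:
    """Reward in satoshis for the block at this height (integer halving)."""
    return INITIAL_SUBSIDY >> (height // HALVING_INTERVAL)


def total_supply() -> int:
    """Sum every block reward until integer halving reaches zero."""
    total, era = 0, 0
    while block_subsidy(era * HALVING_INTERVAL) > 0:
        total += block_subsidy(era * HALVING_INTERVAL) * HALVING_INTERVAL
        era += 1
    return total


if __name__ == "__main__":
    prev = bytes(32)                       # constructed "previous block" hash
    txs = hashlib.sha256(b"constructed transactions").digest()
    target = MAX_TARGET >> 12              # about 1 in 4096 hashes succeeds
    nonce = mine(prev, txs, target)
    print("nonce found:", nonce, "valid:", verify(prev, txs, nonce, target))
    print("target after blocks arrive twice as fast:",
          hex(retarget(target, RETARGET_BLOCKS * BLOCK_SECONDS // 2)))
    print("total supply in BTC:", total_supply() / COIN)
```

Because rewards are halved with integer arithmetic, the sum stops slightly below the 21 million ceiling rather than reaching it.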

In 2009, at the beginning of the growth of Bitcoin, the difficulty level for
mining was relatively low. Anyone could download mining software and proceed
with the mining with only their CPU. However, with time, one had to have a GPU, a
set of dedicated graphics chips previously reserved only for gaming. Graphics cards
from ATI or Nvidia offered a great boost over other chips [41].




Figure 4: Mining profitability over time. Source: Liu (2013) [41]


The value of Bitcoins mined has also been on the decline, as shown in
Figure 4 above.

With the increased electricity bills due to the transition of mining into a more
difficult process, experts had to come up with even more dedicated hardware for
mining. This was the beginning of the FPGA (field-programmable gate array) [11].
These are add-on cards which perform better than GPUs in mining, while being more
economical. Better energy efficiency meant that miners would enjoy higher profits.


Figure 5: A mining rig made up of 41 Icarus FPGAs [49]


As shown in Figure 5, FPGAs were preferred to the less energy-efficient
GPUs. Even more competition in the mining area prompted the development of the
Application-Specific Integrated Circuit (ASIC). This was a chip built only for mining.
The chip is much smaller than its predecessors and, therefore, uses less power.


1.5 Bitcoin Future


Proponents of the Bitcoin system agree that it has the potential to solve the
problems associated with real or fiat money if widely accepted. Critics of the system,
however, argue that the biggest hurdle to the success of Bitcoin is that it is a difficult
concept for the average person to understand (Rouviere, 2013) [55]. However, as with
most new technologies, people do not have to initially accept Bitcoin in order for it to
be trusted. The challenge, therefore, would be to make the Bitcoin service as
user-friendly as possible, usable without prior knowledge of hashes as addresses. In
the face of government restrictions, according to an interview conducted by Brad
Jackson with Francis Cianfrocca, an expert in the digital currency field, Bitcoin may
survive only if there is widespread acceptance by the public (Jackson, 2013) [33].

The attraction of Bitcoin hinges on more than just the anonymity that it
provides its users and the security that it offers against the traditional
forms of counterfeiting. The Bitcoin system is designed to be scarce and consequently
immune to inflation or deflation. There are no limitations to the number of
possibilities that digital currencies provide to modern-day business. This means that it
is almost impossible to predict the future of the Bitcoin currency system. However,
analysts have predicted that as markets improve on the quality of their products, they
will do the same thing for money.

Much of what is available online regarding Bitcoins involves the perceived
danger of the relative anonymity and the dangers of irreversibility of transactions.
Researchers have claimed that Bitcoins may be used for criminal dealings such as
money laundering and buying of drugs. This is because it becomes very difficult to
establish the person who buys the drugs through the Bitcoin network due to
anonymity. However, the developers of the Bitcoin program would claim that this
fear-mongering has led to the stalling of rational development of the Bitcoin system.
They claim that ordinary cash is also highly anonymous. This is because money, once
stolen, is difficult to recover.

In addition, a cash transaction cannot readily be traced to the source. Another
fear that has been raised regarding the Bitcoin system is that the Bitcoin software
community is headed by young people who lack the kind of discipline that is required
to run a currency system. However, this is not the case. The Bitcoin structure is
headed by a group of rational and sober people who form a management team that was
modeled on that of the Linux Foundation. The Bitcoin Foundation, just like the Linux
Foundation, is funded by way of grants which are made by companies like the Mt.
Gox Exchange, CoinLab and Bitinstant. These companies provide these grants
because they depend on the continued maintenance and stability of the underlying
open-source code.

Bitcoin can add value to the lives of ordinary people. As witnessed by several
developing countries, the mismanagement of currency by governments often leads to
depletion of family savings, capital controls and inflation. In Argentina, for example,
citizens are desperately attempting to convert their pesos into stores of value which
cannot be devalued by the government. One of the options that some of them have
adopted is Bitcoin. Argentineans are using “old Android phones” to obtain and
exchange Bitcoins even though the government has placed a restriction on
transactions in U.S. dollars. Although these people do not know much about the
underlying technology of Bitcoin, they recognize alternative currencies. This implies
that although the Bitcoin system has been referred to as being complicated to
understand, the example of Argentina proves that users may still use the currency
without having to understand the technicalities involved in the system. However,
Bitcoin developers and software developers agree that it might take some time before
the Bitcoin system is converted fully into a simplified system that can be understood
by the layman.

The system built by the developers of Bitcoin is stable and secure even though the
surrounding infrastructure has components that may not be so secure. Bitcoin experts
assert that the user is the best form of security for their Bitcoins. This is because no
software is perfect and immune to corruption or attack. In addition, security
vulnerabilities arise from time to time even in the Bitcoin client.

Figure 6: Bitcoin versus the U.S. Dollar on March 15th 2013. Greenberg (2013) [26]

According to Freeman (n.d), there is an oncoming attack on Bitcoin which is
inevitable. This judgment is based on the background of digital money and the kind of
reception it has had in the past. In 1996, a similar currency known as E-gold was one
of the first examples of digital money invented [24]. It experienced amazing growth
and received great attention. People saw E-gold as a means to free up the monetary
system. Governments saw this as a threat to their control over the fiat currency and,
therefore, created negative controversy around the venture. Freeman (n.d) predicts
that the Bitcoin currency exchangers will be the first to be attacked. However, due to
the fact that Bitcoin is decentralized and easily accessible, it will outlast the attacks
against it. The “peer-to-peer” nature of Bitcoin places it in good stead as a trusted form
of currency (Nakamoto, 2011) [48]. This is because the confidence created is
maintained by the people. This is likely to create a good future for the currency if
people can begin to have confidence in it.


Chapter 2: Project Objectives




The Bitcoin system is a digital currency that was launched in 2009. This
means the system is still relatively new to most people. As with all teams that
develop complex systems, the Bitcoin community is in the process of simplifying the
use of the currency as much as possible. This is because in its current state, the system
may appear a bit complex for some people. Considering the fact that many people
have to be able to understand a monetary system so as to attempt using it, the Bitcoin
system has to overcome the problem of appearing too technical (Grinberg, 2012) [27].
In the meantime, researchers are, therefore, presented with the task of illuminating the
Bitcoin technology in terms of its strengths and weaknesses. The anonymity of the
Bitcoin system has been the cause for debate in the recent past. Experts have been
divided on the extent to which the system is anonymous as well as on the safety that
cryptography offers. Another cause for concern is the vulnerability of the system to
use for illegal exploits such as drug trafficking and money laundering.


The significance of this debate is that it is critical to examine the Bitcoin
system as a potential common currency for the future. It is, therefore, important to
expose any shortcomings that may be inherent in the system and to highlight the
strengths. The proponents of the Bitcoin system expect opposition from governments
based on these factors. Therefore, it is important for adequate research to be
conducted on this topic pending any action for or against. This project aims at
shedding light on the Bitcoin digital system of payment and how it works. The author
will attempt to illustrate how transactions are performed in the decentralized Bitcoin
system as well as the extent to which the system is anonymous and secure (Lee, 2013;
Broderick, 2013) [39], [8]. This will be achieved largely through a review of literature
and an evaluation of the background of digital money in general and Bitcoin in
particular [8].


2.1 Main Objectives

This project has various goals. However, perhaps the all-encompassing objective
of this project is to amass knowledge around the Bitcoin project, its shortcomings and
strengths as well as the potential it bears as a currency system. To do this, a review of
literature provides documented research and insights into the Bitcoin project. This
includes some of the discoveries that have been made regarding the system as well as
the developments and current usage of the digital currency.


Like all monetary systems, the Bitcoin system is not without its challenges. These
have been highlighted. Key among the factors considered in the literature review is
the issue of anonymity and security. To understand how the system works and the
virtues that it is based on, the properties of effective currencies are evaluated and
explained in detail. This provides a background on money which is critical in
evaluating the Bitcoin currency. In short, in order to know how to evaluate the Bitcoin
currency, it is important to establish the criteria against which the system may be
referenced.

In addition, the researcher seeks to establish an existing gap in the effectiveness,
stability and safety of fiat money. This is because understanding the existing gaps will
help one to understand what is expected of a currency if it is to supplement or even
replace fiat money. This process entails enumerating the advantages and the
disadvantages of the Bitcoin currency. Several components of the system such as the
various types of wallets are examined to enable a deeper understanding of the Bitcoin
system. In light of the previous challenges faced through the current monetary system
such as the financial crisis, the significance of this project is highly amplified. The
main objectives of this project may be enumerated as aiming to:



• Review and elaborate on the cryptographic algorithms utilized in the Bitcoin
  system.
• Demonstrate how Bitcoin mining and spending works.
• Evaluate the anonymity and its strength in Bitcoin.
• Evaluate the Bitcoin system’s security weaknesses.


2.2 Research Questions


Anonymity is not one of the major design goals of the Bitcoin system;
however, many people still refer to it as being anonymous. Despite it not being a
major goal of the initial designs of Bitcoin, anonymity has risen as one of the most
significant topics of the system. This is because it is viewed as having a bearing on
the future of the currency and its stability.

In order to approach the issue of anonymity with more understanding, several
other components of Bitcoin have to be explored in detail. By answering certain
pertinent questions, this research will have met its objectives. In this project, the
author will attempt to answer the following research questions:



• How does the Bitcoin system work?
• Is the Bitcoin digital system fully anonymous? If not, to what extent is it
  anonymous?
• How protected is the system against cyber attackers and theft?
• What security measures are in place to keep cyber-attacks at bay?


It is expected that even though the Bitcoin system holds a lot of promise for the
future, there are some challenges that have to be overcome. The anonymity of the
system is also not expected to be absolute. Through the review of literature, the paper
attempts to provide the groundwork for the examination of the above research
questions in the context of the laid down objectives of the research.


















Chapter 3: Literature Review


3.1 Anonymity


Anonymity is a quality that draws people to the world of digital currency. If
digital currency is to achieve widespread adoption, providers of digital currency must
prove their reliability and trustworthiness. This may only be achieved through
offering secure marketplaces, calming extensive value fluctuations and easing the
doubts of prospective users. Although the ability to remain anonymous is a major
attraction for the users, this should change if the currency is to receive wide
acceptance. According to Santos (2013), users do not realize that the anonymity of
Bitcoin is relative and not absolute [57]. All Bitcoin transactions are recorded
publicly. This implies that public metadata is readily available. User pseudonyms are
also now verifiable. However, Santos (2013) believes that all this is not enough. To
begin with, identity information which is reliable is essential for any infrastructure
used for the management of goods, currency or services [57]. This means that online
ID verification should be adopted. This is because it enables companies to achieve
real-time authentication of potential customers, while offering the efficiency and
scalability required for a global company. However, such rules and practices need
wider adoption.

A major issue that may hamper Bitcoin is that the digital money industry does
not do enough to stop money laundering. Bitcoin-like industries, however, may assist
in this by drafting guidelines to secure and shape the digital currency industry.
Without a safe infrastructure, there will be no digital currency that will achieve
adoption on a wide scale.


3.2 Maintaining Anonymity with Bitcoin

According to Jules (2013), a Bitcoin user may move their cash into Bitcoins
while protecting their identity. This is evidenced by the proliferation of the
Silkroad. The Silkroad is only available through the TOR network and the Bitcoin
currency. The site is used for drug business and is run using the onion world. This is a
shadow internet which is maintained by the TOR network [34]. Users can browse the
internet anonymously and their identities cannot be discovered after the fact.
However, Jules (2013) asserts that Bitcoin is not entirely anonymous. According to
Jules (2013), a fully anonymous digital currency is eCache [34]. He further argues
that addresses in a transaction are available to everyone and that although the
addresses are in the form of arbitrary numbers, if an address can be tied to an identity
using any means, the owner of the address as well as their transactions may be
unearthed. This information on the identity may be obtained from network analysis,
Googling of the address or surveillance. This implies that a Bitcoin user is not entirely
anonymous while undertaking transactions in the Bitcoin network. Network analysis
may enable the revelation of the exchange service from which a user bought their
Bitcoins. This is because Bitcoins carry traces of the user’s original transaction
even after making purchases at the Silkroad. Converting fiat currency into Bitcoins
breaks the link between the user and what they intend to use the Bitcoins for. Western
Union, PayPal and Dwolla as well as any other payment system leave a paper trail [8].

However, running the TOR software anonymizes all online activity for Bitcoin
users. In addition, TOR also sets up accounts while enabling communication with
Bitcoin exchangers. Users can also remain anonymous by getting a wallet to store
their Bitcoins.


3.3 Why Digital Currency is better than Fiat Money

Scholars and experts assert that digital currency performs functions of
currency better than government-backed, fiat money. Currency serves three major
functions [52]. Firstly, it is a store of value. This implies that it is used to store value
for current earnings to be used in future spending. Secondly, it is a unit of account as
well as a measure of relative worth. Thirdly, currency is a medium of exchange.

Firstly, as a store of value, digital money works better than fiat money. The
independence of Bitcoins from government intervention makes it a store of value
superior to the conventional fiat money. Digital currency in general and Bitcoin in
particular is reliable and stable enough to enable effective operation. It is unwise to
store value in any means that is susceptible to corruption, external influence or
collapse. Traditional currency systems are trusted because they are often backed up
by governments. This gives people the confidence of using such systems because they
perceive the government backing as security that it is not easy for them to lose their
savings. However, government backing is often referred to as a double-edged sword.
This is because irresponsible governments have often tampered with the sanctity of
national currency, to the detriment of the users. Electronic currencies like Bitcoin do
not lend themselves to governmental interruptions and influence.

As a measure of value and unit of account, electronic currencies provide a
measure of relative worth that is almost intuitive. Without this measure of relative
value, the users of a currency may have to spend a lot of time, resources and money
trying to establish what the real value of the currency is. For example, the value for
gold comes from its rarity. This rarity may be compared to the high level of difficulty
associated with the mining process which produces Bitcoins. This renders a Bitcoin
intuitively and intrinsically valuable especially considering how difficult it is to
produce the Bitcoin. The fact that it will not be possible to produce Bitcoins after the
year 2025 implies that Bitcoins will soon be considered very rare, just like gold. In
comparison with fiat money, Bitcoins have a greater intuitive and intrinsic value as a
result of their rarity. However, the challenge faced by the Bitcoin system is that it
must be accepted and recognized as a legitimate currency by its users first if any of its
advantages are to take effect.

As a medium of exchange, if accepted widely by users, Bitcoins would be
superior to fiat currency. This is because Bitcoins require lower transaction costs than
conventional fiat money. Bitcoins allow one to transact regardless of their location or
whether the parties to the transaction know each other. Although payment systems
like PayPal also enjoy such advantages, the Bitcoin system and other digital
currencies overcome costs associated with transacting and exchanging one form of
currency for another. Digital currencies like Bitcoin avoid transactional fees because
they are designed to operate through the World Wide Web transnationally.


3.4 Bitcoin Anonymity and Crime

Some experts argue that Bitcoin is not as anonymous as many people think.
They argue that transactions may be used to track someone’s real name through their
Bitcoin wallet. If the user of a Bitcoin wallet leaves a “pay with Bitcoin” option
visible on their site, they may be tracked. Users who are good enough with
computers may also be able to explore the Bitcoin addresses, blocks and transactions
that have been created by Bitcoin (Karame & Androulaki, 2011; Liu, 2013) [35], [41].
Users who do not want to get tracked through the transactions they make in Bitcoin
should not make numerous transactions.

Bitcoin may be referred to as a “pseudo-anonymous” network. This is because
one can hold a Bitcoin address without having to reveal anything regarding their
identity in the Bitcoin address. This also means that one person may hold several
Bitcoin addresses, with nothing existing to link those addresses together. However,
the level of transparency of the Bitcoin system becomes very high if a user publishes
their Bitcoin address on a website. This is because the user’s information such as
previous transactions and Bitcoin balance becomes available and accessible to the
whole world (Liu, 2013; Pattison, 2011) [41], [45]. Interested parties are extremely
good at inferring information from movements occurring in large networks.
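Two claims made above and in section 3.2, that a published address exposes its balance and past transactions, and that coins carry traces of the exchange they were bought from, can be shown on a small public ledger. This is an added example, not part of the original dissertation; the ledger, the addresses and the "Example Exchange" label are all constructed for illustration.

```python
from collections import deque

# Constructed ledger (not real chain data). Each transaction is
# (txid, inputs, outputs): inputs point at earlier outputs as (txid, index),
# outputs are (address, amount). All addresses are hypothetical names.
LEDGER = [
    ("t0", [], [("exchange_hot", 100)]),                          # exchange funds
    ("t1", [("t0", 0)], [("addr_A", 10), ("exchange_hot", 90)]),  # user withdraws
    ("t2", [("t1", 0)], [("addr_B", 10)]),                        # moved to a fresh address
    ("t3", [("t2", 0)], [("shop_donations", 4), ("addr_C", 6)]),  # payment plus change
    ("t4", [], [("miner_X", 50)]),                                # unrelated mined coins
    ("t5", [("t4", 0)], [("shop_donations", 7), ("miner_X", 43)]),
    ("t6", [("t3", 0)], [("addr_D", 4)]),                         # shop spends one payment
]


def index_outputs(ledger):
    """Map every (txid, output index) to its (address, amount)."""
    return {(txid, i): out
            for txid, _inputs, outs in ledger
            for i, out in enumerate(outs)}


def address_history(ledger, address):
    """What anyone can read once an address is known: every credit and debit."""
    outputs = index_outputs(ledger)
    history = []
    for txid, inputs, outs in ledger:
        received = sum(amount for addr, amount in outs if addr == address)
        spent = sum(outputs[ref][1] for ref in inputs if outputs[ref][0] == address)
        if received or spent:
            history.append((txid, received - spent))
    return history


def balance(ledger, address):
    """Net balance of an address, derived purely from public data."""
    return sum(delta for _txid, delta in address_history(ledger, address))


def trace_sources(ledger, txid, labels):
    """Walk a transaction's funding chain backwards.

    Returns {label: hops} for every address in `labels` (addresses already
    tied to a real-world identity) that funded the transaction, with the
    number of hops separating them. Moving coins through fresh addresses
    adds hops but does not remove the link.
    """
    txs = {t[0]: t for t in ledger}
    outputs = index_outputs(ledger)
    found, seen = {}, {txid}
    queue = deque([(txid, 0)])
    while queue:
        current, hops = queue.popleft()
        for ref in txs[current][1]:
            address = outputs[ref][0]
            if address in labels:
                found.setdefault(labels[address], hops + 1)
            if ref[0] not in seen:
                seen.add(ref[0])
                queue.append((ref[0], hops + 1))
    return found


if __name__ == "__main__":
    known = {"exchange_hot": "Example Exchange"}
    print(address_history(LEDGER, "shop_donations"))
    print(balance(LEDGER, "shop_donations"))
    print(trace_sources(LEDGER, "t3", known))
```

The practical point for a user is that an intermediate address (addr_B here) does not break the chain back to an identified service; it only lengthens it.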

The pseudo-anonymity of the system, while being a great strength, can also be
a major weakness. According to Campbell (2013), the partial anonymity of Bitcoin may
be exploited for criminal use [12]. This is because Bitcoin may be used as a subsidy in
black-market enterprises. Bitcoin has been used several times on Silk Road in the
purchase of illegal drugs. The anonymity of the Bitcoin system is a double-edged
sword. This is because while it fosters high security levels, it also has great potential
to harbor criminals. It has been reported that the hacking group known as LulzSec
prefers to donate to Bitcoin. LulzSec took responsibility for having hacked the Sony
Corporation.




Chapter 4: Project Background


4.1 Types of Virtual Currencies

Virtual currencies can be defined as unregulated forms of digital money which
are issued and usually managed by their developers in a virtual community where
there is wide use and acceptance by members (European Central Bank, 2012) [21].
There are two ways in which one may obtain virtual currencies. Most virtual currency
schemes require the prospective user to purchase them through fiat money at a
predetermined exchange rate. Most virtual currencies do not have commodity-backed
value (Back, 2002) [2]. Users may increase their stock by participating in specific
activities like responding to advertisements, promotions or completing online surveys.

Many virtual currency systems exist and it can be difficult to attempt
classifying them. One way in which they can be classified is according to their
manner of interaction with fiat (real) money in the real economy. This can be done
through two channels: a) Flow of money through currency exchanges; b) Monetary
flow with a possibility of purchasing real goods or services. With this as a basis, three
types of virtual currencies can be distinctly identified:

4.1.1 Closed Virtual Currency

These schemes have little or no connection to the actual/real economy. They are
referred to loosely as “in-game only” schemes. In such schemes, users pay
subscription fees and proceed to earn virtual money depending on how well they
perform online (Cox, n.d.) [16]. The user can only spend this virtual currency to
purchase virtual assets or services that are on offer within the virtual world.
Theoretically, this type of virtual money cannot be spent in the real world. However,
some users have devised illegal methods to transfer such currencies to other users in
return for real money. This is prohibited in most accounts. Closed virtual currency is
only usable online. However, based on the capabilities that it can afford the user, it is
still highly valuable. For example, buying clothing items online using virtual money is
equivalent to buying the same items of clothing using fiat money. This implies that
virtual money may be used to buy goods and services that are consumed in the real
world just like real money would.


Figure 7: How buying of tokens and other virtual currencies works. Source: Cutler
(2011) [17]


4.1.2 Virtual Currency with Unidirectional Flow

The virtual currency of this type is purchased using real money at the
predetermined exchange rate. However, it cannot be reconverted to real money,
therefore earning the term “unidirectional”. An example of this is Facebook credits
(Ivan, 2011) [32]. Facebook credits may be purchased using real money to enable the
user to enjoy some of the added features that are not available to the non-payer, once
real money is converted into Facebook credits. The credits may be converted into
another form of virtual money depending on the virtual platform and the exchange
rate between the virtual currencies. However, the initial unidirectional currency (such
as Facebook Credits) cannot be converted back into real money [32].


4.1.3 Virtual Currency with Bidirectional Flow

This type of virtual currency scheme allows users to buy and sell the virtual
currency as per the exchange rate. This type of virtual money is similar in most
regards to real money. This scheme allows the users to buy and sell both real and
virtual goods and services. Virtual currencies with bidirectional flow may be
converted both ways. This means that once the virtual currency is purchased at the
current exchange rate, conversion of real money to virtual currency occurs. If the user
of the virtual currency wishes to reconvert the virtual currency to real currency, that
may also be done.

The development of digital currency is tied to the growth of the internet and
other global networks (Krieger, 2013) [37]. That means that there is no digital
currency that has been around for a long time. Microsoft points and Facebook credits
are two examples of digital currency which are tied closely to fiat money. When users
purchase them, they are able to buy products within the given service. For example,
the Farmville game (see Figure 8), played within Facebook, generated revenue worth
$597.5 million in 2010. This was achieved through micro transactions where
Facebook took a 30% cut of all purchases made using Facebook credits [22]. Other
systems include the “Second life” game which made $1.5 million in 2007 in
transactions using a virtual currency known as Linden Dollars.


Figure 8: The Farmville game that generates revenues from features purchased with
virtual money [17]


Figure 9, showing the registration of Linden dollar users from 2010,
indicates that there are a significant number of people using virtual money. This not
only demonstrates the high activity level present online but also ushers in other
electronic currencies. Many agree that if all the virtual worlds accepted one unifying
digital currency, the currency would have a high likelihood of success. This is
because there would be a ready market waiting to use it. With support from
community and game creators, user confidence would be easily available.

However, in markets where the quantity of virtual currency one holds is reliant
on effort or skill, this would not be possible. In the online game World of Warcraft
which features multiplayer properties, players earn currency (in-game gold)
depending on the number of hours invested playing the game (Buterin, 2012) [11].

Figure 9: The registration of Linden Dollars by users with time [49]

In the current e-commerce market, PayPal dominates due to the consumer trust
it has gained by guaranteeing its users against fraud. Digital currencies have not been
successful for a number of reasons. Services like Pecunix and Gold money
were tied to the gold standard rather than fiat currency. This was unpopular with users
because they could not tell what the value of their holdings corresponded to. Digicash
laid too much emphasis on anonymity, which was not a priority for most users.

One would ask, what is the advantage of a decentralized method of banking?
A decentralized method of banking removes the middleman from transactions thus
reducing the fees paid because of middleman services. Additionally, the government
would not be able to manipulate the supply of money so as to achieve its
macroeconomic goals which, according to many, it should not be entrusted with.

The lack of security in fiat currency, therefore, necessitates a shift to digital
currency. Fiat money can be easily manipulated and counterfeited. The high number
of online transactions indicates that the world should change the way it is doing
business (Santarelli, 2013) [56]. Theoretically at least, digital currency would favor
international business because it would not be tied to a country’s government
(Courtney, 2013) [15].

This project seeks to examine Bitcoin as a modern digital currency. It is
important to realize that Bitcoin is unregulated and apolitical with no likelihood of
tampering to change its supply. Bitcoin’s management network keeps records so as to
prevent fraud as well as double spending (Becker, Breuker, Böhm, Rauer, Heide, &
Holler, 2011) [4]. In addition, the currency exists outside boundaries of countries and
it is impossible to tax. Its success would see one unified global currency. Bitcoins do
not have inherent worth. Just like paper money, they rely on broad acceptance by
users for them to maintain their worth [50]. As this paper shows, the Bitcoin system of
payments is a revolutionary idea which lays the foundation for a radical departure
from the current economic system.


4.2 The Appeals of the Bitcoin System

Despite having taken three decades of intensive research on e-cash, the
cryptographic community’s efforts seem to have been adversely affected by the
success of Bitcoin. Nakamoto, a previously unheard-of individual, may well have
outsmarted the ingenuity of all other cryptographers combined [47]. However, Bitcoin
is far from perfect and has some well-known problems. One then would ask, what
makes Bitcoin so successful?

i) Decentralization

Bitcoin’s architecture is completely distributed and does not have a single
trusted entity. This is to mean that Bitcoin assumes the honesty of most of the nodes
in its network, resorting to a majority vote set-up to avoid double spending and to
enhance dispute resolution. Other e-cash schemes, however, employ a centralized
bank which is trusted to issue e-cash and to detect double spending. This appeals to
individuals who prefer a freely-traded currency that is not controlled by any
government, authorities or banks (Wile, 2013) [62]. These individuals, regrettably,
may be drug-dealers and underground economy proponents. Just like in distributed
internet, a decentralized system ensures that no one, however benevolent, can fall
prey to temptation or be forced by government to subvert Bitcoin for their own benefit
(BitPay, Inc., 2012) [5].

ii) Incentives and the economic system

Bitcoin has an ingeniously designed eco-system that guarantees that users are given economic incentives so that they can participate. New Bitcoins are generated in a distributed manner and at a rate that can be predicted. “Bitcoin Miners” provide solutions to computational puzzles so that new Bitcoins can be generated. This process is closely connected to the ascertainment of previous transactions. Additionally, miners may collect transaction fees because of their effort of ascertaining transactions. This provides users economic incentives and motivations to spare computing cycles to verify Bitcoin transactions and generate new Bitcoins.

iii) Predictable money supply

Bitcoin ensures that new coins are minted at a rate that is fixed. This means that the larger Bitcoin’s community and total computational resource allocated to coin generation is, the more complex the computational puzzle turns out to be. This provides early adopters with strong incentives. This means that the earlier one is in the game, the cheaper the cost of Bitcoins minted.

iv) Divisibility and fungibility

One of Bitcoin’s appeals is the ease in dividing and recombining coins for the creation of any denomination possible. However, this is an Achilles’ heel of e-cash systems that are strongly anonymous. This is because denominations have to be standardized so as to be unlinkable, making the computational cost of e-cash transactions linear in the amount. However, in Bitcoin, the linkage is inherent. This prevents double spending.

v) Openness, versatility and vibrancy

Bitcoin’s completely distributed design partly makes it remarkably flexible. The project has an open-source nature that motivates the development of new applications while spurring new businesses. Its flexibility and openness cause the rich extended ecosystem that surrounds it to flourish. For example, users who require guarantees for better anonymity can be catered for by mixer services. Payment processor services now provide gadgets that vendors can embed in webpages to be able to receive Bitcoin payments as well as regular currency.

vi) Scripting

One of the more salient and innovative features of Bitcoin is that users (both payers and payees) can embed scripts in their Bitcoin transactions. Theoretically, this feature allows one to realize rich semantics and contracts on transactions through scripts. These include escrow, deposits, dispute resolution and assurance contracts. It is expected that in the future, there will be richer versions of financial contracts and that mechanisms will be created around Bitcoin through these features.

vii) Transactional irreversibility

Transactions in Bitcoin have quick irreversibility. This creates a niche market in which vendors are wary of charge-backs and credit-card fraud. Vendors who sell their products overseas prefer not to conduct business with customers from countries where credit-card fraud is rampant. Bitcoin offers protection to such individuals through its irreversibility of transactions.

viii) Low fees

Bitcoin verifier’s market has very low transaction fees (these are chosen by the payer and are optional). This is especially an advantage in micropayments where transaction fees are normally dominant. Additionally, international money transfers do not require additional costs due to disintermediation.

ix) Implementations are readily available

Compared to other e-cash systems, Bitcoin provides readily available implementations which can be used not only on desktop computers but on mobile phones as well. Additionally, behind the maintenance of the open-source project is a vibrant community which provides healthy developments.


4.3 Weaknesses of Bitcoin System


One of the most observable problems of digital currencies is that they have major weak links. The first major weak link lies in currency exchangers who convert real cash to e-currency and then e-currency back to cash. These exchangers are vulnerable to “authorities”, who target these exchangers, leading to the failure of the system. This is what happened to E-gold, one of the first digital currencies. The “authorities” either regulate these currency exchangers or shut them down completely. The developers of digital currencies have often tried unsuccessfully to eliminate this weak link to make the currencies stable.

The other major weak link is the lack of a verifiable form of backing and defense. Just like Bitcoins, a system like Pecunix is excellent. However, these two systems have not achieved meaningful size to earn the defensibility that would make them strong as currencies. Perhaps an even bigger, but often overlooked, problem with Bitcoin and other digital currencies is the wide lack of understanding of individual liberty and property rights. Bitcoin requires a powerful network of people who regard property rights highly and are willing to defend them. These people would develop a form of “territory” where the backing of the e-currency would be stored as well as defended. Bitcoin has faced many challenges in the attempt to address these issues. According to Barok (2011), the ultimate territory exists in the minds of individuals and in the actions of the masses who know, understand and appreciate liberty and personal rights. This is described as a state of individual awareness or “self-rule” or “autarchy” [3].

Bitcoin has several other weaknesses as listed below.

1. According to M'barek & Myesser (2012), one of the weaknesses of Bitcoin is that the wallet is vulnerable to theft. If the wallet is not encrypted, it becomes a theft target (Onies, n.d.) [49]. However, recent Bitcoin client releases support encryption so as to protect data in the wallet [43].

2. According to Barok (2011), a coin’s history may be used to link identities of users to addresses. This may lead to an invasion of privacy because the currency user’s affiliations become well known by the public [3].

3. An attacker may place many clients which he controls into the network. He may then use these clients to attack. A fraudulent Bitcoin user may create several false users which he may use to perform illegal operations in the system such as drug-dealing or money laundering.

4. There is no authentication required when sending Bitcoins to an IP address. A man-in-the-middle attack may be executed. Like in any online system, an attacker may devise a method through which to compromise the security of a system. The lack of authentication to channel Bitcoins to a specific IP address makes an interception by a third party easier.

5. A potential attacker can see a user making a transaction. If the potential attacker has the ability to intercept the transaction, this makes it even easier to do so. This implies that although the transparency of the system is an advantage, it may also prove to be a disadvantage.

6. There are security vulnerabilities as well as bugs in the Bitcoin system. A newly discovered bug or vulnerability in security may lead to a split in a block chain. This is because the security of a subsequent block in the system chain is reinforced by the previous block. A vulnerability at one point in the block may lead to widespread vulnerability.

7. Another issue with Bitcoins is that their valuation often fluctuates depending on the demand. By 2nd June 2011, one Bitcoin had the value of ($9.90). However, around January 2013, one Bitcoin had the value of less than $1. This implies that sites that accept Bitcoins continue to change their prices quickly. This creates confusion when a refund for a product or service is made [52]. For example, if an item of clothing is bought at 1.5 BTC and returned after seven days, experts are faced with the problem of deciding whether the item should be returned at the same price of 1.5 BTC even if the valuation of the Bitcoin has gone up or whether it should be returned at the current valuation. The Bitcoin community has still not arrived at a consensus on this question.

8. Yet another problem with Bitcoins is that of buyer protection. Once a buyer uses Bitcoins to buy goods and the seller fails to send the goods as promised, there is nothing that can be done to undo the transaction. Experts suggest that this problem may be sorted through a third party escrow service such as ClearCoin. However, escrow services would be assuming the role of banks if they did this. This would draw Bitcoins closer to the traditional currency. This is something that the Bitcoin community would not favor.

9. Unknown technical flaws: the Bitcoin system may possess unknown technical flaws. This is because it is a fairly new system. If Bitcoins were to be adopted widely and such a flaw unearthed, it may accord tremendous worth to the exploiter, while completely crippling the Bitcoin economy.

10. The Bitcoin system has built in deflation. The total number of Bitcoins is limited to 21 million. This already sets the currency up for deflation. The value of every Bitcoin is bound to rise as more and more people adopt the currency. The system rewards early adopters. However, the question of when to spend the Bitcoin has become more and more important. This may result in spending surges which may lead to uncontrollable and unpredictable fluctuation.













Chapter 5: Analysis of Anonymity

Although Bitcoin is often described as being anonymous, it is not inherently anonymous. By using publicly available data and network analysis, the author will perform a passive analysis. This will be achieved by looking at a case study of Bitcoin theft. This case study involves a user who allegedly stole 25,000 Bitcoins. The summary of the victim’s posts in Bitcoin forums and his transactions are as shown below (Harrigan & Reid, 2013) [29].

The victim of the theft realized that he had been robbed of his Bitcoins on 13/06/2011 and they had been sent to the address “1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg”. Records indicate that the alleged theft happened at 16:52:23 UTC on 13/06/2011. This was a short time after somebody had broken into the Slush pool account of the victim and replaced the payout address with “15iUDqk6nLmav3B1xUHPQivDpfMruVsu9f.” The Bitcoins legally belong to “1J18yk7D353z3gRVcdbS7PV5Q8h5w6oWWG” [29].


5.1 Egocentric Analysis

As shown in Figure 10, each vertex stands for a user and the flow of Bitcoins from the public-key of a user that matches the source to the public-key of a user that matches the target, is represented by a directed edge between the source and the target. All directed edges are colored according to their respective source vertices. The network is not perfect because there exists a one-to-one mapping between the users and public-keys.


Figure 10: the thief’s egocentric user network [29].

We only focus on the egocentric network around the thief. This is done by including every vertex that can be reached through a path of length, ignoring directionality and edges which are induced by the vertices included. All multiple edges, plus edges and loops that are not included in any biconnected component are then removed to declutter. The red vertex is a representation of the thief while the victim is represented by the green vertex. The green edge that joins the thief to the victim is the theft process. There are two green edges but only one of them shows a direct connection of the thief to the victim.

Figure 11: An interesting sub-network connecting the thief to the victim [29]

Ignoring directionality, the thief and the victim are connected by paths. If we consider Figure 11, which shows a sub-network induced by the red, green, yellow, purple and orange vertices, we realize that it is a cycle. By contracting all the vertices whose respective public-keys belong to one user, one can attach values in timestamps and Bitcoins to directed edges. It is noted that before the 25,000 BTC theft, there was another 1 BTC theft. The victim later reported this in Bitcoin forums. Using off-network data, some other colored vertices can be identified. The purple vertex shows the slush-pool account while the orange vertex shows the computer hacker group known as LulzSec. It can be seen that there was an attempt to link the theft with LulzSec. However, this was not a real connection and it was created by the thief after the theft. There is a genuine link between the orange vertex and LulzSec. This was created before the theft occurred. The thief had sent 0.31337 Bitcoins to LulzSec a short time after the theft. However, the thief cannot be associated with LulzSec in any other way. The main slush-pool account transferred 441.83 Bitcoins to the victim within a 70-day period. Additionally, it sent 0.2 Bitcoins to the yellow vertex in a 2-day period. A day before that theft, the yellow vertex sent 0.120607 to LulzSec. According to Harrigan and Reid (2013) the user represented by the yellow vertex owns at least 5 public-keys [29]:

13tst9ukW294Q7f6zRJr3VmLq6zp1C68EK
1MUpbAY7rjWxvLtUwLkARViqSdzypMgVW4
1AEW9ToWWwKoLFYSsLkPqDyHeS2feDVsVZ
1DcQvXMD87MaYcFZqHzDZyH3sAv8R5hMZe
1EWASKF9DLUCgEFqfgrNaHzp3q4oEgjTsF

This user is a member of slush-pool just like the victim and a one-time LulzSec donator like the thief. This donation which was done a day prior to the theft is this user’s last known activity performed using any of his five keys.
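
The construction used in this section (contracting public-keys into users, taking the neighbourhood of the thief while ignoring directionality, then discarding loops, multiple edges and edges that lie on no cycle) can be written out as follows. This is an added example, not code from this dissertation or from Harrigan and Reid [29]. The key names are constructed placeholders, the radius is a parameter because the text does not state the path length, and "not in any biconnected component" is interpreted here as "on no undirected cycle".

```python
from collections import defaultdict, deque

# Constructed placeholder keys (not real addresses) mapped to their owning user.
KEY_OWNER = {"kT": "thief", "kV1": "victim", "kV2": "victim", "kP": "pool",
             "kY1": "yellow", "kY2": "yellow", "kL": "lulzsec",
             "kB": "bystander", "kF": "far"}
# (source key, target key, BTC). Amounts on the five-vertex cycle follow the
# text; the bystander, far and victim-to-victim transfers are constructed.
TXS = [("kV1", "kT", 25000.0), ("kV2", "kT", 1.0), ("kP", "kV1", 441.83),
       ("kP", "kY1", 0.2), ("kY2", "kL", 0.120607), ("kT", "kL", 0.31337),
       ("kT", "kB", 5.0), ("kV1", "kV2", 3.0), ("kB", "kF", 1.0)]

def user_graph(txs, key_owner):
    """Contract keys to users: merge parallel edges (summing BTC), drop loops."""
    flow = defaultdict(float)
    for src, dst, btc in txs:
        u, v = key_owner[src], key_owner[dst]
        if u != v:
            flow[(u, v)] += btc
    return dict(flow)

def reachable(edges, start, radius):
    """Vertices within `radius` hops of `start`, ignoring edge direction."""
    adj = defaultdict(set)
    for u, v in edges:
        adj[u].add(v)
        adj[v].add(u)
    dist, queue = {start: 0}, deque([start])
    while queue:
        u = queue.popleft()
        for v in adj[u] if dist[u] < radius else ():
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return set(dist)

def on_cycle(edges, u, v):
    """True if u and v remain connected once every u-v edge is removed."""
    rest = [e for e in edges if set(e) != {u, v}]
    return v in reachable(rest, u, len(edges))

def egocentric(txs, key_owner, ego, radius):
    """Induced subgraph around `ego`, keeping only edges that lie on a cycle."""
    flow = user_graph(txs, key_owner)
    keep = reachable(flow, ego, radius)
    induced = {e: b for e, b in flow.items() if set(e) <= keep}
    return {e: b for e, b in induced.items() if on_cycle(induced, *e)}
```

With a radius of 2 around the thief, the constructed data reduces to the five-vertex cycle of Figure 11; with a radius of 1 no cycle survives and the result is empty.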


5.2 Software that Interacts with Bitcoin


One of the programs that can be used to write applications in Java that interact with the Bitcoin network is BitcoinJ. BitcoinJ is a handy open source Java implementation of the Bitcoin protocol. It allows maintaining a wallet and sending or receiving transactions without a local copy of the implementation.

Armory is another open source program that is a wallet management system