Veteran cryptographer Bruce Schneier has strongly attacked “trust automation” value claims by blockchain advocates in a piece published in Wired this week called, “There’s No Good Reason to Trust Blockchain Technology.”
He also called cryptocurrencies “useless” to anyone but spectators and criminals:
“Honestly, cryptocurrencies are useless. They’re only used by speculators looking for quick riches, people who don’t like government backed currencies, and criminals who want a black-market way to exchange money.”
Schneider also took pains to distinguish public blockchains from privately-controlled distributed ledgers, which he says have been available for over half a century:
“Private blockchains are completely uninteresting….These are not anything new; they’re distributed append-only data structures with a list of individuals authorized to add to it. Consensus protocols have been studied in distributed systems for more than 60 years. Append-only data structures have been similarly well covered. They’re blockchains in name only, and—as far as I can tell—the only reason to operate one is to ride on the blockchain hype.”
Schneier’s claims here echo those of Bitcoiner and developer Jimmy Song, who has repeatedly advised businesses interested in distributed ledgers to add an encryption feature to standard database protocols already widely available from established providers.
Many “blockchain” project purveyors seeking to raise millions from investors via ICO have made extraordinary claims about how their version of a “blockchain” will revolutionize and cut costs in whatever sector by automating middle-men and replacing them with “immutable” code.
Schneier calls these cost-saving claims false:
“Blockchain enthusiasts point to more traditional forms of trust—bank processing fees, for example—as expensive. But blockchain trust is also costly; the cost is just hidden. For Bitcoin, that’s the cost of the additional bitcoin mined, the transaction fees, and the enormous environmental waste…Bitcoin has the most expensive consensus algorithm the world has ever seen, by far.”
Scheier joins a growing number of naysayers increasingly heard over the hype (thanks probably to crypto bear market). Most “blockchain” claims, says Schneier, are nonsense:
“Much has been written about blockchains and how they displace, reshape, or eliminate trust. But when you analyze both blockchain and trust, you quickly realize that there is much more hype than value. Blockchain solutions are often much worse than what they replace.”
This contention might help explain why, despite the billions invested so far by investors in the so-called “fourth industrial revolution,” few projects have come to fruition and human problems of trust remain.
To Schneier, trust cannot be left to the robots, nor sidelined by appealing catch phrases like “in code we trust,” “in math we trust,” and “in crypto we trust”:
“Trust is essential to society. As a species, humans are wired to trust one another. Society can’t function without trust, and the fact that we mostly don’t even think about it is a measure of how well trust works.”
Schneier says he published a book on trust and security in 2012 called Liars and Outliers:
“In it, I listed four very general systems our species uses to incentivize trustworthy behavior. The first two are morals and reputation. The problem is that they scale only to a certain population size….(The) third is institutions. Institutions have rules and laws that induce people to behave according to the group norm, imposing sanctions on those who do not. In a sense, laws formalize reputation….(T)he fourth is security systems…door locks and tall fences, alarm systems and guards, forensics and audit systems, and so on.”
Typically, crypto aficionados have poor trust for institutions and a strong desire to see trust become a matter of machines.
But the large number of hacks on crypto exchanges ($15 billion hacked from exchanges so far), fraudulent ICOs and crypto investment schemes, and simple problems of safely managing one’s cryptographic keys, have all tested the notion that trust is resolved, now or ever, by ‘magic Internet money’:
“When that trust turns out to be misplaced, there is no recourse. If your bitcoin exchange gets hacked, you lose all of your money. If your bitcoin wallet gets hacked, you lose all of your money. If you forget your login credentials, you lose all of your money. If there’s a bug in the code of your smart contract, you lose all of your money. If someone successfully hacks the blockchain security, you lose all of your money.
Until we all “speak code” at least, losses in the virtual world force victims to seek recourse in traditional rule-enforcing structures:
“Would you rather trust a human legal system or the details of some computer code you don’t have the expertise to audit?”
Blockchains are also unlikely to succeed in significantly leveling society, says Schneier:
“Blockchain doesn’t eliminate the need to trust human institutions. There will always be a big gap that can’t be addressed by technology alone. People still need to be in charge, and there is always a need for governance outside the system…Any blockchain system will have to coexist with other, more conventional systems.”
Like many previous political and social experiments, blockchain ‘devolves’ back to a system of leaders:
“Moreover, in any distributed trust system, there are backdoor methods for centralization to creep back in. With bitcoin, there are only a few miners of consequence. There’s one company that provides most of the mining hardware. There are only a few dominant exchanges. To the extent that most people interact with bitcoin, it is through these centralized systems. This also allows for attacks against blockchain-based systems.”
Maybe the circumspect are wise, says Schneier:
“To the extent that people don’t use bitcoin, it’s because they don’t trust bitcoin. That has nothing to do with the cryptography or the protocols. In fact, a system where you can lose your life savings if you forget your key or download a piece of malware is not particularly trustworthy. No amount of explaining how SHA-256 works to prevent double-spending will fix that.”