If you'll excuse me, I have to go to the bank. I just realized that I left a million dollars in the pockets of the jeans that I just washed. I suppose I should dry them out and deposit them, along with the $100,000 I just found fallen between then cushions of my couch.
If you want to start an online financial services business, the first thing to do is start researching the legal requirements for doing so, both where your business is located and where most of your likely customers will be. Not looking at them doesn't mean the rules don't apply, it's just grossly—potentially criminally—negligent.
In fact, that's the case for anyone starting almost any business. You need to examine the legal and regulatory environment in which you'll be operating as the very first step of your due diligence. Anything else is negligent.
Who’d have thought that there might be an incentive for operators in a totally unregulated market to take people’s assets and run? Or that self-regulation would be so lacking in a market that purposefully concocts information asymmetries that benefit money creators/the tech-savvy…. or that the Bitcoin system was only recreating and replicating all the bad incentives we know and love in our current system, which are now being curbed by intensified post-crisis regulation?
Irony of irony, Bitcoin Magazine concludes that since it is unfortunately the case that many bitcoin businesses must use escrow accounts to hold people’s bitcoin, the only solution to the problem is moving towards a quint-party agreement to manage unauthorised liability creation in the system...
But you mustn’t confuse this with some sort of recommendation to forge a Federal Bitcoin Reserve system. It’s a “Five Parties Model” system. Entirely different...
All in all, it would be NOTHING like the Federal Reserve System we have already arrived at thanks to decades of collective trial and error, and acquired wisdom from the countless bank collapses and system crises that have come before us.
Except, of course it would be exactly like the Fed. And where it wasn’t yet exactly like the Fed, it would soon be, because exactly the same human processes, incentives and behaviours would govern its evolution and development.
Proving the point yet again that there is nothing new under the sun, and that bitcoin is more of a replication of the old unregulated past, under a new technological order, which society collectively refined and regulated until it created the system-stabilising framework we know today, than a golden era of finance no-one had yet been smart enough to discover beforehand.
B: Oh yeah? Well look at all the shenanigans that happen at the re-entry points to the conventional financial system! Checkmate, hard-moneyists.
I hear this a lot, but I think it's really only true with a massive asterix next to it. Can you explain how bitcoin will work, for instance, in a retail model? It seems like the transactions take a long (relatively) time to verify, which leaves two options:
1. The customer waits (not really a possibility - maybe for bar tabs it's sort of ok?)
2. The vendor purchases some level of security or risk management that allows transactions to occur instantly with a minimum amount of doublespend. And there's your transaction fee. Maybe it will be less than the credit card fee?
Am I wrong? I haven't been able to have anyone explain this to me.
This is considered safe because even though there are various tricks you can pull with no confirmations, the hashpower needed to do any of them is so great that you would make far more money turning that hashpower towards legitimate mining than by scamming retailers.
With Bitcoin value, block rewards, and hashrates as they are now, this means that anything less expensive then a car or a boat is okay to complete immediately. Waiting up to an hour for a couple of confirmations for a purchase of $10k or higher doesn't sound like too big of a deal.
Thanks for answering, appreciate it - stuff like this is surprisingly difficult to google for.
The heart of the Bitcoin system is the block confirmation system. Once a transaction has been accepted into a block and that block becomes part of the official blockchain, it becomes essentially impossible to perform any kind of scam or attack on that transaction, such as spending those coins somewhere else. Only one spend of a particular quantity of bitcoins can be in the blockchain at once, so any attempt to spend them again will be rejected.
The trouble is that this is relatively slow. Getting one confirmation on a transaction takes probably like 5 minutes on average, and could vary depending essentially on the luck of the mining network at that moment. Using 6 confirmation is the official recommendation, and this may be expected to take about 1hr.
It isn't necessary to use the official recommendation, though. It's always hard to attack the system, and the 6 confirmation point is where it becomes essentially impossible for even major governments to attack the system, but such strong security is not necessary on all transactions. So the question becomes, how hard do we need to make it for a particular transaction?
To guess at that, we have to look at attacks. I mentioned earlier completing the physical transaction after the initial arrival of a Bitcoin transaction through the P2P Bitcoin network, before any blocks confirming it come in. To do a double-spend in that scenario, you would put 2 transactions spending the same coins on the network, and arrange for one to hit the vendor's system, while the other went out to the rest of the network and would be included in the next block. That's tough to arrange though - who knows what nodes the vendor is connected to, and it's impossible to know which miner will produce the next block. To have a solid chance at pulling this attack off, you would have to run a very powerful miner yourself, solve a block with a transaction spending some of your coins before another miner solved a block, then hold back that block, and perform your transaction at the target vendor between when you solved that block that you are holding and when another miner does.
That's a window of a could of minutes, maybe, and it could take days or weeks or longer for your miner to solve a block that puts you in the position to do this. The timing is very tough to pull off at a physical store, then. And to do all of this, you have to be running your own independent miner, which is powerful enough to have a reasonable chance at solving a block in the next couple of weeks. But just running that miner as a normal miner means you're likely to get the mined block reward, currently 25 bitcoins, currently worth $12,500, just for solving that block. Why pull the funny business with transactions for, say, a $10 sandwich when you just made over 1000 times that money by doing nothing?
So because of this, completing physical transactions after only a receipt of the Bitcoin transaction is a risk, but given the high difficulty and low reward to the attacker, and low loss amount to the business, it seems like a very acceptable risk to make the purchase process more convenient to the normal customers.
As for bitcoin, to my knowledge this is pretty much analoguous to "transaction confirmation", which typically happens in 10 minutes. So it's actually much much faster than credit card payments.
What are you going to do, provide a detailed transaction history to the retailer proving that "your bitcoin transactions always are legit?" Kind of removes the last of the "anonymity" afforded by Bitcoin.
So the idea is that if you're a regular retail store, accepting unconfirmed transactions is fine. Unless a big exploit becomes known, any fraud you might happen to see certianly won't any higher than the credit card chargebacks you're getting now. If you're selling your house, you probably want to wait for a few block confirmations.
Not to mention there are other crypto-currencies with significantly faster block clearing times, and cryptocoin to cryptocoin exchanges are significantly easier to run than bitcoin to fiat exchanges.
So it really seems like all of this is only a minor inconvenience for bitcoin if anything. And there's certainly no reason to ever have to trust someone because "they've been legit in the past", that's an approximation of trust that previous systems have had to rely on but exactly what bitcoin avoids.
You really expect every mom and pop store to accept Bitcoins when they have to be as technically literate as the posters of HN?
What? You really think a small business has zero credit card fraud? You're wrong. Not to mention when you get hit with a chargeback, you get charged a fee that is usually higher than the amount stolen from you to begin with.
The credit card companies push fraud liability down to the merchant in the current system.
Bitcoin probably is less susceptible to PoS fraud than credit cards are, from a merchant standpoint. Consumer of course is a different story.
I see you've never run a small business that accepts credit cards before. They are far more than 0 risk.
Secondly, why would a business turn down any means by which a customer wants to pay? Have you ever run a business? Do you typically turn down cash payments? Bitcoin is cash.
Just in case he's not making it clear from the description of what actually doing that would involve, mining a block is a big deal. You're talking about winning the lottery in competition with 35 million other gigahash/sec worth of mining power. If the worst you want to do with that block is defraud a mom and pop store that accepts bitcoin you're positing a scenario something on the order of a multimillion dollar operation in order to undertake such an attempt. If you're going to do that, you're not going to try to defraud the corner store for a snickers bar.
Also, if that's genuinely not enough;
Plenty of 60 second block confirm altcoin chains out there, no reason to use bitcoin if you absolutely insist on some way to address the double spend "problem".
The other and less costly way is all about node connectivity. If you are going to execute a double spend all you 'need' to do is broadcast two txs spending the same output at the same time--one going to the merchant the other spending it back to yourself--and cross your fingers and hope the double spend gets put in a block. Now, you can increase the probability (e.g. shielding the merchant's node from your double spend) of success but it's not a sure bet. And the higher the node connectivity of the network (i.e. how many nodes are each node connected to) the harder this attack becomes.
There has been some work in this area, especially in pursuit of the efficacy of double spend attacks in light of some minor changes to the protocol which (I think) were rolled into core with the most release 0.9.0. It's about .09% probability of success.
But there is a trusted 3rd party (the issuing bank) that gives an instant reply as to whether the purchaser's account has enough funds (or credit) to make the purchase, and assumes much of the risk if they are wrong and the purchaser is uncollectible.
Maybe they don't need to take 2-5% of each transaction to provide this service, but it does seem like a pure, anonymous bitcoin transaction can not provide this service to a retailer.
Which is too long when waiting at a counter in a retail scenario. Imagine if every customer had to wait around for 10 minutes to verify the transaction, it would be chaos in a busy retail situation (even 1 minute is way too long), which is the point being raised by the GP comment.
The merchant might have to wait weeks to actually receive payment from a credit card company, but at least they know they will eventually get paid, as Visa or whoever is a trusted entity. Bitcoin is 'trustless', so if the customer can leave as soon as they like, the merchant might confirm the transaction in 10 minutes, or they might not get paid at all.
With bitcoin, you actually have to use real security to secure your possessions. There is no local police force preventing a break in or a credit card company which will absorb fraudulent charges, or a bank that will flag and freeze questionable withdraws. In a crypto currency world, the wealth will have a tendency to flow not to the most business savy or politically connected but to the most secure (in some dimensions we see that the same thing happens with global wealth, both in terms of countries and currencies.)
The flip side of that is, stolen bitcoins may fall under a legal classification of stolen property and be retrievable through legal systems -- or at the least blacklisted and non spendable through sources that fall under those jurisdictions. That outcome, I think, is the most important thing to watch, above any other hypothetical bitcoin regulation or banning. If I was an active bitcoin startup I would build a system to identify and classify bitcoins as safe, stolen, unknown, or questionable.
Think of the current implementation of bitcoin as crypto currency alpha build 2 or 3. It is slightly amusing that people would risk so much of their own capital to participate in an alpha test, but also necessary in order to truly stress test the system.
shenanigans that happen at the re-entry points to the conventional financial system
Those shenanigans aren't exclusive to exchanges. Exchanges are currently the epicenter of shenanigans because they're just high volume and operate on bitcoin as if it wasn't just a different asset in the conventional financial system.
People that are neither true believers nor in a specifically bitcoin focused business operate as normal. Bitcoin is just internet fun bucks that have to be liquidated. So the Bitcoin transactions get treated the same as any other transaction, as a result they carry the benefits of the processes created around conventional transactions.
In your recent post (http://ftalphaville.ft.com/2014/03/03/1787992/magic-the-unde...), which I found via Brad DeLong’s web site, you described Bitcoin as "totally unregulated" and "completely unregulated" a number of times. Such characterizations are completely erroneous, and you should probably correct your post.
Unfortunately, many people are under the impression that Bitcoin is unregulated because its various proponents (such as Marc Andreessen, the Bitcoin Foundation, etc.) have done an excellent job convincing the world that it’s so new and supposedly novel that no regulations could possibly apply. That’s not even close to true. In the United States, numerous Bank Secrecy Act statutes, 18 U.S.C. § 1960, and a state money transmission framework involving 47 different state laws all apply. The problem is that the state laws are hugely problematic, the regulators are bumbling fools, the entrepreneurs and their venture capitalist backers are exceptionally cunning in their efforts to evade regulatory scrutiny, while the press utterly refuses to write about what is actually going on. My company is the plaintiff in two federal lawsuits over the issue, one of which has set the record for the most-delayed, non-stayed motion to dismiss in California federal judicial history (764 days and counting):
If you’re interested in the issues, I would suggest that you read my recent comment letter to the Consumer Financial Protection Bureau, which can be found here:
You may also find this article on my personal web site about Mt. Gox specifically and the role of Iowa’s state regulators of interest:
Feel free to let me know if you have any questions.
I.E. Regulate the companies that are engaging in currency like transactions on top of the bitcoin ledger, but don't be too quick to attempt to regulate bitcoin itself.
As far as regulation goes what does one have to do with the other? I would answer yes to your question and also answer yes if someone asked if I could accept that a printing press that could be used to print currency should not be regulated as a currency. However as soon as you use the currency making tools to make currency then that currency should be regulated as a currency.
please don't rebut with a public good argument.
Since you anticipate one, why not preemptively respond to the best examples of one that you can think of rather than begging internet strangers to be nice to you?
Second of all, the question posed here was both presumptuous and awfully vague. I'm not about to go on the record in response to that kind of question other than to reject it. I'm sorry if that makes me come off as prickly--I have to put other considerations ahead of public perception.
His answer to "Can we agree?" is wrong?
If you disagree with the points put forth disemminate them and offer a rebuttal. Do you think that the presented cryptographic solution is one that is equivalent to money? if so why? I'm sure if I wanted to argue so I could think of some parallels or arguments to illustrate the point (possibly using the example of the current credit or financial systems, though I think I would personally disagree with those arguments). If not and you take exception to some other point raised state what that is.
Your response as it is provides 1 bit of information and that is only as to your opinion on a matter and is thus semantically useless.
How does the suit relate to your experience with FaceCash?
Everyone who lost money in this knew the risks. Nobody is calling for accountability beyond the guy that actually is accountable. How refreshing is that? How refreshing is it to actually have a name of the person who fucked up, instead of a stream of pseudonymous apologetic soundbites from banks/regulators/politicians?
Not to mention the fact this whole problem is completely self contained. There is no talk of rescuing MtGox with tax money, or the need for a "national debate" on how to run this shit in the future. If you didn't run MtGox or have money in MtGox or don't outright choose to be involve yourself in some other way then you can go to bed at night and sleep well knowing it is absolutely not your problem.
This, friends, is one example of the many long forgotten benefits of private trade.
I think you'd find the debate would have been entirely different if the scale of it wasn't such that most people, if asked, would go "MtGox? What's that?"
This is why there are bailouts of the finance sector. A bank loses this kind of money, they get it back for free.
But that doesn't stop this old sore being rolled out regularly. Who need the truth when you've got Truthiness on your side, eh?
as already stated, the economic impacts were larger than the money owed, and the abstract impacts are untold and likely substantial.
the 'too big to fail' paradigm was novel, and a clear abuse of their position. Most of us are upset at the fact that corporations literally held the idea of 'global financial well-being' hostage.
"Save us, if not only to save yourselves." is not anything that any corporation should ever or ever be able to say, especially to the government of an entire nation.
This sounds very truthy, but there was no market rate on the interest on loans to insolvent banks that was less than infinity%. The reason the government loaned them money was because they were completely uncreditworthy, and at those rates, they could have (and did) just invest the money in treasuries and take the favorable difference in the interest rate as a gift.
Simultaneously, we started a massive program of buying all of their shit debt at par.
Banks supply capital to firms, the government bailed them out (and the automakers) because no one else was willing to supply capital to get the economy rolling.
Where did he other half go? Not mentioned in the article. Also, that investment was paid back in grossly inflated dollars, thanks to QE.
In the US, banks are regulated by the Federal Reserve. They have the authority to close and liquidate a bank. They have no authority to bailout a bank. That authority is the responsibility of Congress.
I'm pretty sure it's the same in other countries with a regulated banking sector. The UK parliament decided to bailout their banks, the German senate chose not to.
That's way too simple a statement for the US banking system. Banks in the US are regulated by the Federal Reserve, by the Federal Deposit Insurance Corporation, by the Office of Foreign Assets Control and a few others.
FDIC insured accounts are liabilities on a bank's balance sheet.
(I made the mistake of talking when I shouldn't have, I wasn't trying to mislead)
Is the understanding of the financial crisis really this poor? Paulson literally forced the banks to take TARP. The CEO of BofA and other banks that didn't need it spent a lot of time in the media complaining about it.
He also forced the retail banks to merge with and absorb the losses of the investment banks.
He wasn't able to do this because of direct permission, but because the Fed has so much power that everybody just has to listen to what they say.
Yes. One of the great tricks of this disaster (as in most financial crises) is that the powers that be were able to convince to public that there was some single enemy that caused this problem, in this case the "banks", completely ignoring the banks' customers and clients (businesses small and large, mortgage brokers, house-flippers, home-buyers, honest investors, fraudsters, sovereign nations) or the fact that the banks consists of hundreds of thousands of actors working and thinking independently.
This crisis was so much more complicated than "The banks were too greedy". But that's as deep as most people care to get.
That said, the quantitative easing programs are basically bailouts, just not as overt as opening up the public treasury.
The meeting minutes came out in an FOIA request and lawsuit:
> Ben, Sheila, John, Tim and I have asked you here ..
> If a capital fusion is not appealing, you should be aware that your regulator will require it in any circumstance.
I hope you know that the FED is not a independent institution, but owned by the banks themselves?
Another thing to keep in mind, the people who got the bailouts are a subset of the people who claim unfettered capitalism will cure all ills.
Indeed, other exchanges and other Bitcoin businesses don't appear to suffer from the gross incompetence that brought down MtGox.
> Another thing to keep in mind, the people who got the bailouts are a subset of the people who claim unfettered capitalism will cure all ills.
Is that so? In that case they are paying the same kind of lip service to that point as a kleptocratic dictator on his private jet is to socialism.
Iceland did it by stiffing creditors. That's a short-run gain, long-term pain solution.
With regards to Canada, there are specific laws that have inhibited a housing crisis, but we don't know if we have avoided anything yet. Our housing in major centres is as frothy as the peaks of almost anywhere else in the world who suffered a bust. It's too early to say.
Customers lose that kind of money, they get it back for free. Socialising losses is an annoyingly common theme in ‘capitalist’ countries; unfortunately, it is politically infeasible not to bail out failed banks.
This is a bit naive isn't it? Imagine contacting FINCEN, or whatever other appropriate regulatory agencies at the time of MtGox's founding when Bitcoin was a novelty and worth practically nothing. Imagine trying to explain to them what a "Bitcoin" is. Imagine being thrown out of their offices "Go away kid. Grown-ups are working here." Even if you did find some reasonable solution, compliance would have probably made the proposition unprofitable. Bitcoin might never have got off the ground if your advice were followed rigorously.
OTOH, it is certainly unforgivable for Kerpales to have continued in shooting from the hip after becoming a millionaire; and after MtGox was raking in the kind of fees that would have supported hiring legal staff, building a robust trading engine, and implementing some sane practices for data protection.
Much of the financial regulation that exists that would apply to MtGox has nothing to do with Bitcoin per se, it has to do with keeping customer accounts denominated in fiat currency and disbursing funds at customer direction from those accounts to accounts of other customers.
I lost over $5000 USD (in fiat) on Mt. Gox and I want my money. Seeing stories like this just raise more questions that I wish didn't have to be asked.
At least the reddit discussions I've been directed to have been very unscientific— more pseudo-scientific in that they dump a bunch of data and throw around some technical terms. Though there may be some selection bias since people are probably more likely to ask me for my opinion on the more questionable work.
Total novice. Clearly didn't talk to his lawyer first.
there's one hell of a difference between a large financial organisation or an exchange and some half arsed startup who hacked up a web site in PHP that just happens to handle something that represents a currency. The former at least probably has a QA team, knows industry regulations and best practices and designs their architecture properly. Oh and they have cumulative experience and a designated location you can visit with burning torches and pitchforks when they steal your money. I'm ignoring regulation as I've worked in the compliance industry and it's entirely about working around it.
Not joking and I'm sure that this is going to stand on a few toes but some of the stuff I've seen on HN is verging on criminal. So many immature poorly thought out and damn right dangerous products being thrown out. Lots of people are sitting on ticking bombs like this.
Nobody is saying that traditional financial institutions are perfect, but at least they are regulated and at least there are checks and balances in place. By and large the examples people roll out of these institutions behaving badly are examples of the regulators and legal frameworks working the way they are supposed to.
Knight capital were in a risky business and they blew it. It happens. But they're the exception, not the rule. In the wonderful world of Bitcoin, the goings on at MtGox looks like the rule, not the exception.
Excuse me, you must have forgotten about a certain global financial meltdown in 2008?
Knight capital was a cock up in a high risk trading env. They paid for that.
HSBC was money laundering which is basically the entire purpose of a bank.
NatWest was a process cock up.
However no money went "oops we lost it" and was never seen again. At most, even with HSBC consumer withdrawal limits it's a minor inconvenience for a couple of days.
Much like mobile phone networks, people expect 100% uptime but that's unrealistic in practice. Always keep £200 rolled up in your mattress.
This is a very strong statement.
Do you mind backing it up, or is this just meant as a glib throwaway quip?
One of the functions of banks is indeed to hide the source and destination of your money. My grocer doesn't get to know who employs me; my employer doesn't see where I spend my money.
Yes, you can achieve that with cash, without directly involving a bank. But the money is still issued by a bank.
I'm not saying that it's impossible to achieve this level of information hiding without banks, but I can see where the GP is coming from in his argument.
Seriously, that's screwed up. That being said, banks have insurance and all that jazz. So even though the state of security is not that great, it seems that you are less likely to get screwed incase of a screwup.
Edit: apparently I don't need them any more.
HSBC does still require it though.
I love it when I find $120MM under the couch. It really makes my day.
The reality however, is that it's just not all that easy to cut out the middleman. People follow the path of least resistance, and educating yourself on cold storage and paper wallets and the like just isn't that easy compared to simply trusting a third party to do it all for you. Unfortunately, in doing so you give up all the benefits of bitcoin, AND all the benefits of traditional banking with it's oversight and FDIC coverage, etc. Literally the worst of both worlds.
Is this just a symptom of the wrong-headed thinking around cloud SaaS, where data and continuity are considered to be of such low value that they can be entrusted to any number of external parties?