“I believe that Bitcoin will find its niche”
Malte Möser works as a research assistant at the chair for junior professorship for business informatics and IT security at the Westphalian Wilhelms University in Münster. The research focus is on virtual currencies. In addition to his completed bachelor’s degree in business informatics, Mr. Möser published works with Rainer Böhme and Dominic Breuker such as “An Inquiry into Money Laundering Tools in the Bitcoin Ecosystem (2013)” and “Towards Risk Scoring of Bitcoin Transactions (2014)”. At the Bitcoin Conference in Cologne 2013 he gave a lecture on “Pseudo-anonymity and anonymity – can you trace Bitcoins back?”
The interview was conducted by Felix Vögele
FV: How did you personally come across Bitcoin? Do you mine yourself?
MM: At the beginning of 2013, so relatively late, I became aware of the cryptographic currency through a specialization module on Bitcoin as part of my studies. That was the first course in Germany on the subject of Bitcoin. Since there was little literature on Bitcoin at the time, we students were each assigned a small research topic, on which we then wrote a seminar paper. I myself mainly dealt with the anonymity of Bitcoin transactions. For example, fellow students of mine wrote about alternatives to proof-of-work or analyzed the increase in hashrate using econometric methods. While working on the topics, we came into contact with the many different aspects of Bitcoin, including mining.Back then I sacrificed a bit of the life of my graphics card, and after a month and a half it had calculated me almost half a bitcoin. However, I soon gave up mining because it was no longer worthwhile due to the increase in the hashrate.
FV: Especially now, after the many hacker attacks on file sharing platforms and wallets, many users are surrendering the question: How secure is the Bitcoin system?
MM: Users are exposed to various risks when using Bitcoin, and everyone has to decide for themselves how far they want to prevent them . For example, anyone who still relies on exchanging Bitcoin for their local currency to buy bread rolls is exposed to market risk. In the past few months, the exchange rate fluctuated quite sharply. At the end of last year it climbed to over USD 1000 and then fell back to $ 400-600 for the first time. Users can hardly prevent the loss due to price fluctuations. You should not buy more Bitcoins than you are willing to lose in extreme cases. Ethereum can also be considered as one of the options. Let it be a younger crypt, but it is still suitable for various operations, more on https://cryptoine.com/ethereum-ico/.
In particular, users who do not manage their Bitcoins themselves are exposed to a counterparty risk. The best example is the hack and the subsequent bankruptcy of the Japanese exchange Mt. Gox. Most of the Bitcoin trading takes place on a few platforms, and the past has shown that many of them have been vulnerable to attack due to software bugs. There have also been cases in which platform operators have disappeared with their users’ bitcoins. I think Mt.Gox Fall has sensitized both users and providers and in the future we will have more secure offers that adhere to certain best practices and have these verified by external audits.
I manage my Bitcoins myself, I have to prevent operational risks. Regular backups, for example, protect against the loss of private keys, which of course should not be stored unencrypted on the hard drive. The development of secure wallets, such as hardware wallets, or better support for multi-signature addresses will increase the security of using Bitcoin in the future.
There are also transaction risks, for example if the amount I send contains one zero too much. Since transactions are irreversible, I depend on the recipient’s cooperation to send me back the bitcoins that have been paid too much. Better user interfaces can of course also help to avoid mistakes. Systemic risks can never be completely ruled out either, for example programming errors in the software or advances in cryptanalysis that make the protocol vulnerable. But since quite a number of developers have now read the Bitcoin source code and the development of quantum computers is still a long way off, these risks should be negligible for normal users.
FV: Together with Mr. Böhme and Mr. Breuker examined the possibility of money laundering through Bitcoin. What was your conclusion? Please give our readers a brief insight into the work.
MM: Contrary to some representations in the media, the Bitcoin system does not offer anonymity. Addresses are just pseudonyms, and as soon as I can assign an address to its owner, it is possible to find the transactions made with this address in the block chain. With various heuristics (such as multi-input transactions and change addresses) I can then also infer other addresses of the user. At many trading venues, I have to provide the operator with information about my identity so that an address is automatically assigned to identity.
There are different ways to increase my anonymity in the Bitcoin system, and one of them is the transaction anonymizers (Bitcoin Mixers) we examined. These services work as follows: I send a certain amount of bitcoins to this service, and after a mostly random period of time, the service pays me the amount minus a fee to an address I have generated again. The bitcoins that I receive have been deposited by other users, which makes it impossible to use the heuristics mentioned above.
Presumably, such services are not only used for legal purposes, as they make it quite easy to launder funds in the Bitcoin system. We have therefore examined how well these services work and have come to the conclusion that they are good enough to make classic ways of combating money laundering in Bitcoin impossible. However, they also have some disadvantages: they charge high fees of several percent of the transaction amount, the user has to trust the service that it will pay out the deposited bitcoins and of course that the service does not keep any log files and may even sell them on. We also found some patterns in the transaction graph, such as long payout chains, which can make it possible to identify mixers.
FV: Your latest publication deals with risk assessment in Bitcoin transactions. Please also give a brief insight here.
MM: From our work on money laundering in the Bitcoin system, we concluded that the traditional way of combating money laundering using know-your-customer is not applicable because it will never be possible to know the identities behind all addresses. On the other hand, it makes sense to take advantage of the fact that all transactions are publicly stored and contain a reference to the previous transactions. This enables the very controversial blacklisting of transactions in the Bitcoin community: transactions that I know were used for illegal purposes are blacklisted, i.e. they lose value. This then has to be propagated through the entire transaction graph, otherwise it would be possible to simply create a new transaction, which then has the full value again.
The problem with blacklisting is that every user is now exposed to a further risk . He could get a transaction that will be blacklisted in the future, causing him financial damage, even though he is not responsible for it himself. This means that every payee must assess the risk associated with blacklisting before accepting a transaction. As a result, each Bitcoin would now be individually priced, which would affect the fungibility, which is so important for a currency.
FV: Finally, one more question about your forecast.How will Bitcoin develop in the future?
MM: I don’t think that Bitcoin as we currently know it will establish itself as the central payment system on the Internet. The system is too inefficient and scales too poorly for that. However, the technology and the possible applications based on it are extremely exciting. I believe that Bitcoin will find its niche and that decentralized, cryptographic currencies will not be sold in the future.