Challenges for cryptocurrencies

Large unsolved problems with cryptocurrencies

Published March 17, 2020Updated May 7, 2021

I have not failed. I’ve just found 10,000 ways that won’t work.
Thomas A. Edison

While cryptocurrencies do some things very well, there are several hard unsolved problems with cryptocurrencies. For example:

Adoption
Privacy and fungibility
Scalability
Energy usage

Which I’ll describe in more detail in this chapter.

Adoption

While this analogy might sound strange, money has an important similarity to social networks like Facebook, Twitter or Reddit: almost all their value come from them being used by others.

This is called the network effect, and Wikipedia has a succinct way to describe it:

When a network effect is present, the value of a product or service increases according to the number of others using it.
Wikipedia

You can have the best website in the world—beautiful, lightning fast and with all the features you could ever need—but if nobody’s using it it’s a worthless social network. Conversely you can have a shitty website, but it doesn’t matter as long as many people use it. A beautiful example of such a site is Twitter, which has an absolutely atrocious user interface, but it’s hugely valuable because so many people are invested in the platform.

The network effect is directly correlated to the functions of money: a medium of exchange, a unit of account and a store of value. If more people use a currency, the better it’ll function as money, and the fewer that use it the worse it’ll be.

Low adoption means it’s difficult to both accept and pay with cryptocurrencies. It even compromises censorship-resistance, as you’re forced through exchanges that can censor you instead of being able to spend cryptocurrencies directly. You might also partially attribute market immaturity to low adoption, as smaller markets are easier to manipulate and are more volatile.

As you might see, there’s a circular reasoning here:

I don’t pay with cryptocurrencies because nobody accepts them.

and

I don’t accept cryptocurrencies because nobody pays with them.

This is a tough cycle to break, which explains why cryptocurrencies—despite their many strengths—aren’t used more than they are.

For these reasons I think the lack of adoption is the biggest problem cryptocurrencies face—both in difficulty and in importance—and it’s much larger than the other issues we’ll see later in this chapter.

Privacy and fungibility

Bitcoin, like most cryptocurrencies, uses a public ledger where all transactions and addresses are public. We might say that Bitcoin is pseudo-anonymous: while you can see all transactions and addresses, you don’t know who owns an address. But if you know someone’s address, for example if they sent money to you, you can then trace all past and future transactions moving through that address:¹

Paying someone with allows you to see their funds. — After the merchant receives a payment from John, the merchant can see that John has sent 13 BTC to another address, out of an initial 40 BTC.
John appears to be quite rich.

You can trace coins back in history. — It’s possible to trace coins further back in history. Here we see that John’s coins come from a hacked exchange, whose address is known. It might mean John is the hacker or, more probably, that John has received *tainted* coins (coins associated with illegal behavior).

You can explore the Bitcoin blockchain, and see all transactions and addresses, on a blockchain explorer.²

In an attempt to make Bitcoin more private “mixing” services such as CoinJoin can be used. They work by mixing together your coins with the coins of others, in an attempt to obscure where the coins are coming from:

Obfuscation by mixing coins with other addresses. — A mixing service makes several addresses send to each other, in order to obfuscate the history. Although not shown here, because it would be too messy, all addresses and amounts are still visible.

They’re not perfect because you can still have a transaction graph, and you might be able to figure out where the coins originated from anyway.

Another approach is used by the shielded transactions of ZCash, where all information is hidden by zero-knowledge-proofs:

ZCash shielded transactions obfuscate everything. — Shielded transactions hide both addresses and amount of transactions, but normal transactions still have their details visible.

Both mixing and the shielded transactions in ZCash has a major problem: people need to actively choose to use them. This is annoying for users but it’s also bad for privacy (you can always try to match inputs and outputs even with a perfect black box mixer). It also raises suspicion and people might ask why you’re trying to hide your coins.

With this privacy scheme governments can still blacklist certain addresses, which might in the long run break fungibility as coins associated with those addresses become worth less than others.

Monero tries to solve this by hiding amounts and obscuring addresses for all transactions:

A Monero transaction comes from one of several possible addresses. — This is how the Monero blockchain appears to an observer. Each input is hidden among other transactions using *ring signatures*, but we cannot tell which one is real and which are fake. Receiving addresses are protected by *stealth addresses* and all amounts are also hidden.

The receiver of a transaction can see which is the correct one. — The merchant who receives the transaction can see which of the inputs is the correct one, the amount and a tag saying who the payment is from. (Alternatively the merchant could’ve given John a unique address and skip the transcation tagging.)

You can still verify the proof-of-work and even the coin supply on Monero, although verifying the coin supply isn’t as simple as on a transparent blockchain. For more technical details on Monero I recommend “Mastering Monero” or “Zero to Monero”.

There are other ideas of how to improve privacy and fungibility for cryptocurrencies, and cryptocurrencies of the future might work differently to what I’ve described here. There are weaknesses to the solutions we’ve seen so far, and they also come with disadvantages. For example, transactions in Monero are larger than transactions in Bitcoin, making Monero even more difficult to scale. But research is ongoing and I’m hopeful.

Scalability

Perhaps, the most famous technical issue cryptocurrencies face is how to scale them and to increase transaction throughput. This is the big drawback with a decentralized system compared to a centralized system; they’re just so much less efficient.

Bitcoin can for example only process around 3–7 transactions per second (tx/s) at max capacity, while PayPal processes on average 400 tx/s and VISA an average of 1 700 tx/s, with VISA’s peak capacity being over 24 000 tx/s. If cryptocurrencies hope to live up to their potential then there’s lots of work to do here.

But it’s not quite as bad as the numbers seem to suggest. Bitcoin operates far from the technical limits because they didn’t raise the blocksize limit, which controls how many transactions can fit in a block and essentially sets an artificial limit on transaction throughput. Bitcoin Cash, a fork of Bitcoin, has raised this limit and has more than 20 times the throughput of Bitcoin (around 150 tx/s). So, cryptocurrencies can at least be in the same playing field as PayPal.

But it’s not as easy as “just increase the blocksize”. Larger blocks have a centralizing effect, which compromises the core value proposition of a cryptocurrency, and if the network cannot handle them it may even break down.

There are a number of technical pain points that needs to be improved to scale a cryptocurrency. Here’s a list of some that I think are important:

Block propagation
When a miner finds a block it’s important that it propagates around the world to all other miners, so they can continue building on it. This should be done quickly, otherwise it’ll increase orphan rates (the risk that a block will get discarded as another one was found at the same time), which will have a centralizing effect as it harms smaller miners more than larger miners.
Blockchain size
Because full nodes must store transactions forever, it’s important that the blockchain size (containing all transactions) doesn’t outgrow the storage capacity of nodes.
As of 2020-03-04, the total blockchain size of Bitcoin is 265 GB. That’s not small, but a 1 TB SSD harddisk costs around $120 and can at the current rate store the entire BTC blockchain for almost 15 more years (it grows around 50 GB/year).
Bandwith usage
It’s important that nodes have internet connections with enough bandwidth to share transactions with each other.
Initial sync
When you first start up a node from scratch you need to download and validate the whole blockchain. This must be fast enough so that nodes are able to catch up in a reasonable amount of time.
Validation speed
Whenever a node sees blocks and transactions they must also validate them.
Miners can delay transaction validation and only validate the POW of a block and start mining it directly. This is a fair assumption as it’s very expensive to produce a valid POW for a block.

When we increase transaction throughput we also increase the burden of full nodes (those who validate and store the blockchain), it might mean that fewer people can run nodes, harming the node decentralization of the network. It’s not a problem as long as enough people can and want to run a node; exchanges, researchers, developers, payment processors, mining pools, and enthusiasts will want to as long as it’s not extremely expensive.³

Besides optimizing the standard basic structure defined by Bitcoin, there are other scaling proposals out there. Some say we should offload transactions to “layer two” networks, which will only occasionally settle back to a cryptocurrency thereby increasing transaction throughput.⁴

Others suggest we should use a completely different system, maybe giving up proof-of-work for delegated proof-of-stake or base it on the Avalanche protocol.

It may ultimately be impossible to scale a cryptocurrency so that everyone in the world uses it for their daily transactions, but I’m confident it’s possible to scale it to be useful on a global scale.

Energy usage

Do you know that it’s common to have two conflicting beliefs at the same time? You might know that eating too much candy is very bad for your health—and you really would like to lose weight—but you still eat it. Another example is how you think that cheating for an exam is wrong, but you still do it because “you had to”.

This is called cognitive dissonance and it can cause great discomfort when we have to face it. It’s also something I, as a cryptocurrency supporter and an environmentalist, struggle with.

The issue is that cryptocurrencies with proof-of-work use a lot of energy. Bitcoin uses more energy than entire countries!

Energy usage for Bitcoin and different countries. The consumption for all entries are still quite small if you compare to USA’s 3902 TWh or China’s 5564 TWh.
I used Blockchainanalytics to estimate Bitcoin’s energy consumption to 58.2 TWh, and worlddata.info to estimate energy consumption for the countries. (2020-03-11)

This is absolutely a big problem, but there are some important points we need to keep in mind:

The energy isn’t wasted
The energy is used to secure the chain, because to attack it you need to expend at least that amount of energy. If the energy usage was low, it would be easy to attack.
Unrelated to transaction throughput
Critics like to look at how much energy is spent to process a single transaction—which makes Bitcoin look extremely bad—but it’s a bit misleading since transaction throughput is an unrelated problem.
Mostly cheap and renewable energy
According to CoinShare’s research 73% of Bitcoin mining uses renewable energy, mostly in the form of cheap hydropower in China.
Energy consumption follow mining profitability
Bitcoin mining is purely profit driven; when the price of Bitcoin goes up, it becomes more profitable to mine and when the price goes down, it’s less profitable to mine. Similarly if the energy price would go up, then it’s less profitable to mine and Bitcoin would use less energy.
In fact, it’s already difficult to run a profitable mining operation, which is why most mining is based in countries with cheap energy.

There’s no other way to drastically reduce the energy usage than to replace proof-of-work with another consensus mechanism. I think this is one reason why proof-of-stake appeals to so many people, despite unsolved problems and large drawbacks.

If we’re stuck with proof-of-work, then we just have to accept that it uses a lot of energy, and we have to decide if it’s worth it. Are the use-cases valuable enough to warrant spending this much energy? Or are the skeptics right, and Bitcoin mining is just a terrible waste of energy?