Challenges for cryptocurrencies

Large unsolved problems with cryptocurrencies

While cryptocurrencies do some things very well, there are several hard unsolved problems with cryptocurrencies. Here’s a description of some of them.

This is a work in progress and I’ll add more items as I go.

Privacy and fungibility

Bitcoin, like most cryptocurrencies, uses a public ledger where all transactions and addresses are public. We might say that Bitcoin is pseudo-anonymous: while you can see all transactions and addresses you don’t know who owns an address. But if you know someone’s address, for example they sent money to you, you can then trace all past and future transactions moving through that address.1

1It’s possible, for example, to build a list of the Bitcoin addresses holding the most coins and to monitor them to see when they send or receive coins.

There are also companies like Chainalysis that work to track your cryptocurrency assets and to analyze your financial activity.

After the merchant receives a 1 BTC payment from John, the merchant can see that John has since sent 13 BTC to another address and that John still has 40 - 1 - 13 = 26 BTC on the original address.
John appears to be quite rich.
It’s also possible to trace coins further back in history. Here we see that John’s coins come from a hacked exchange, whose address is known. It might mean John is the hacker or, more probably, that John has received tainted coins (coins associated with illegal activity).

You can explore the Bitcoin blockchain, and see all transactions and addresses, on a blockchain explorer.2

2Tired of the moniker “privacy coins” given to coins that protect your privacy, some have started referring to cryptocurrencies with a transparent blockchain as “surveillance coins”.

I personally don’t like either of them. They feel too tribal to me, like slurs used to belittle “the others”.

In an attempt to make Bitcoin more private, “mixing” schemes such as CoinJoin can be used. They work by combining your coins with the coins of others, in an attempt to obscure where the coins came from.

A mixing service makes several addresses send to each other, in order to obfuscate the history. Although not shown here, because it would be messy, all addresses and amounts are still visible.

They’re not perfect: the transaction graph is still public, and by following amounts and timing through it you might be able to figure out where the coins originated anyway. Another approach is used by the shielded transactions of ZCash, where all information is hidden.
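To make the tracing concrete, here is an added Python example (not part of the original chapter; the ledger, addresses and amounts are constructed). It models a small transparent UTXO ledger mirroring the story above, lists every transaction an address touches, computes the share of each coin that traces back to the hacked exchange, and shows why a mix with distinct amounts is undone by simple arithmetic while an equal-amount CoinJoin only blurs the taint across all participants:

```python
"""Toy chain analysis on a transparent UTXO ledger (added example, constructed
data). John's 40 BTC came from a hacked exchange; he paid the merchant 1 BTC and
someone else 13 BTC, keeping change on his own address. Two "mixes" follow."""
from fractions import Fraction
from itertools import combinations

BTC = Fraction  # exact amounts, no float drift

# txid -> {"in": [(prev_txid, output_index), ...], "out": [(address, amount), ...]}
# Insertion order is chronological; fees are ignored so sums stay exact.
LEDGER = {
    "tx0_exchange": {"in": [], "out": [("exchange", BTC(100))]},
    "tx1_hack":     {"in": [("tx0_exchange", 0)], "out": [("hacker", BTC(100))]},
    "tx2_pay_john": {"in": [("tx1_hack", 0)],
                     "out": [("john", BTC(40)), ("hacker", BTC(60))]},
    "tx3_merchant": {"in": [("tx2_pay_john", 0)],
                     "out": [("merchant", BTC(1)), ("john", BTC(39))]},
    "tx4_other":    {"in": [("tx3_merchant", 1)],
                     "out": [("someone", BTC(13)), ("john", BTC(26))]},
    "tx5_alice":    {"in": [], "out": [("alice", BTC(13))]},
    # Equal-amount CoinJoin: two 13 BTC inputs, two 13 BTC outputs.
    "tx6_coinjoin": {"in": [("tx4_other", 0), ("tx5_alice", 0)],
                     "out": [("cj_out_a", BTC(13)), ("cj_out_b", BTC(13))]},
    "tx7_bob":      {"in": [], "out": [("bob", BTC(7))]},
    # Sloppy mix: distinct amounts (1 and 7) go in and come straight back out.
    "tx8_badmix":   {"in": [("tx3_merchant", 0), ("tx7_bob", 0)],
                     "out": [("mix_out_x", BTC(7)), ("mix_out_y", BTC(1))]},
}


def prev_output(ledger, ref):
    """(address, amount) of the output that an input reference spends."""
    txid, idx = ref
    return ledger[txid]["out"][idx]


def address_history(ledger, addr):
    """Every txid in which addr spends or receives: what anyone who learns one
    of your addresses can read straight off the public ledger."""
    return [txid for txid, tx in ledger.items()
            if any(prev_output(ledger, r)[0] == addr for r in tx["in"])
            or any(a == addr for a, _ in tx["out"])]


def balance(ledger, addr):
    """Unspent value sitting on addr (received minus spent)."""
    spent = {r for tx in ledger.values() for r in tx["in"]}
    return sum((amt for txid, tx in ledger.items()
                for i, (a, amt) in enumerate(tx["out"])
                if a == addr and (txid, i) not in spent), BTC(0))


def trace_taint(ledger, source_addr):
    """Haircut taint: the share of each output's value that traces back to coins
    once held by source_addr. A tx pools its inputs, so every output inherits
    the same share. Returns {(txid, index): Fraction}."""
    taint = {}
    for txid, tx in ledger.items():
        if tx["in"]:
            total = sum(prev_output(ledger, r)[1] for r in tx["in"])
            dirty = sum(prev_output(ledger, r)[1] * taint[r] for r in tx["in"])
            share = dirty / total
        else:
            share = BTC(0)  # freshly created coins start clean
        for i, (addr, _) in enumerate(tx["out"]):
            taint[(txid, i)] = BTC(1) if addr == source_addr else share
    return taint


def match_by_amount(ledger, txid):
    """Undo a mix by arithmetic: for each proper subset of inputs, list the
    output subsets with the same total. Distinct amounts give one candidate
    per input (mix undone); equal amounts give several (still ambiguous)."""
    tx = ledger[txid]
    ins = [prev_output(ledger, r) for r in tx["in"]]
    outs = tx["out"]
    matches = {}
    for k in range(1, len(ins)):
        for in_sub in combinations(ins, k):
            total = sum(amt for _, amt in in_sub)
            matches[frozenset(a for a, _ in in_sub)] = [
                frozenset(a for a, _ in out_sub)
                for m in range(1, len(outs))
                for out_sub in combinations(outs, m)
                if sum(amt for _, amt in out_sub) == total]
    return matches


if __name__ == "__main__":
    print("john's history:", address_history(LEDGER, "john"))
    print("john's balance:", balance(LEDGER, "john"))
    taint = trace_taint(LEDGER, "exchange")
    for ref in [("tx3_merchant", 0), ("tx6_coinjoin", 0), ("tx8_badmix", 1)]:
        print(ref, "tainted share:", taint[ref])
    print("coinjoin links:", match_by_amount(LEDGER, "tx6_coinjoin"))
    print("bad mix links:", match_by_amount(LEDGER, "tx8_badmix"))
```

The haircut rule is only the simplest of the heuristics a chain-analysis firm applies, and the sloppy mix shows why it is not the last word: by pooling, it assigns every output of tx8_badmix a 1/8 share of tainted value, yet matching amounts pins the whole 1 BTC tainted input onto mix_out_y with certainty. The equal-amount CoinJoin resists that matching, but every participant’s output still carries half the taint, which is exactly the fungibility problem the text goes on to describe.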

Shielded transactions hide both addresses and amount of transactions, but normal transactions still have their details visible.

Both mixing and the shielded transactions in ZCash have a major problem: people need to actively choose to use them. This is annoying for users, but it’s also bad for privacy: the fewer people who mix, the smaller the crowd you hide in, and you can always try to match what goes into a mixer against what comes out, even with a perfect black box mixer. It also raises suspicion, and people might ask why you’re trying to hide your coins.

With opt-in privacy schemes like these, governments can still blacklist certain addresses, which might in the long run break fungibility as coins associated with those addresses become worth less than others.3

3As noted in the chapter What is money? fungibility is a core property of money. This is why it’s wrong to label cryptocurrencies trying to address this problem as “privacy coins”—the issue goes beyond privacy.

Monero tries to solve this by hiding amounts and obscuring addresses for all transactions.

This is how the Monero blockchain appears to an observer. Each input is hidden among decoy outputs taken from other transactions, and we cannot tell which one is really being spent and which are decoys. Receiving addresses are protected by stealth addresses and all amounts are hidden as well.
The merchant who receives the transaction can see the amount and a tag saying who the payment is from, but not which of the inputs is the real one; only the sender knows that. (Alternatively the merchant could’ve given John a unique address and skipped the transaction tagging.)

You can still verify the proof-of-work and even the coin supply on Monero, although verifying the coin supply isn’t as simple as on a transparent blockchain. For more technical details on Monero I recommend “Mastering Monero” written by SerHack.

There are other ideas of how to improve privacy and fungibility for cryptocurrencies, and cryptocurrencies of the future might work differently to what I’ve described here. There are weaknesses to the solutions we’ve seen so far and they also come with disadvantages. For example transactions in Monero are larger than transactions in Bitcoin, making Monero even more difficult to scale. But research is ongoing and I’m hopeful.