The FTX/SBF debacle was the largest theft ever pulled off without the aid or agency of a government. It is deeply ironic that the heisted assets were of a kind invented with the objective of making theft impossible.
The problem that Bitcoin and all the cryptocurrencies that have since elbowed for places in the same niche are designed to solve was summarized thus in Bitcoin’s founding manifesto:
Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes. The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make nonreversible payments for nonreversible services. With the possibility of reversal, the need for trust spreads. Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party. [emphasis added]
Bitcoin’s “high concept” was to replace the “current electronic payment [with one] based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party”. The implementation of the concept is rather complicated, but the two central elements are simple.
First, the only way to alter the ownership of a bitcoin or any other unit of cryptocurrency is to authorize the transaction with a “private key”, which looks like the output of random typing, as it pretty much is. In the Bitcoin system, for instance, a key consists of 32 bytes of data, usually produced by a random number generator. A simple method would be to flip a coin 256 times, recording “heads” as 1 and “tails” as 0. For a glimpse of fancier methods, see “How to generate your very own Bitcoin private key”.
Second, the record of ownership isn’t held in a single electronic location. Any sufficiently powerful computer can copy the Bitcoin database (called the “blockchain”). A verification system (too elaborate to describe here) ensures that an up-to-date consensus database always exists. Purported transactions based on a non-consensus copy (such as one in which an account is credited with holding more coins than it really owns) won’t pass verification.
Taken together, these features elevate the degree of difficulty for fake transactions to an insanely high level (at least until and unless quantum computing becomes an everyday reality). On the other side of the satoshi (1/100,000,000th of a bitcoin), the risk of loss is elevated, too. Without his private key, an owner of cryptocurrency can do nothing with it, and, just as keys are unguessable, so also are they unrecoverable. The is no “Lost My Password” button. You can read tales of vanished virtual fortunes here.
Since memorizing a private key is a feat reserved for idiots savants, the key has to be recorded somewhere. The safest method is a “cold wallet” unconnected to the Internet. A common technique is to store the key on an encrypted flash drive that is kept inside a fire-proof safe, except when it is exhumed and attached to a computer for the purpose of authorizing a transaction.
Since cold wallets require extra effort, many cryptocurrency holders make use of Internet-connected “hot wallets”. Someone with access to a hot wallet can copy the keys that it holds. FTX customers’ wallets were held by FTX. The customers trusted Samuel Bankman-Fried and his cronies to use the keys only for authorized transactions. Instead, their assets were transferred sub rosa to a hedge fund operated by the SBF cabal. The hedge fund invested the loot unsuccessfully until too little remained to execute customers’ legitimate transactions.
FTX wasn’t anything so grand as a Ponzi scheme. It was simple theft: not even sophisticated theft. Nonetheless, as Andrew McCarthy observes, it is being treated by many commentators, notably by progressives eager to expand the reach of the Administrative State, as a peculiarly crypto crime, one that demonstrates the urgency of greatly expanding the regulation of cryptocurrencies or perhaps outlawing them altogether, as has largely happened in the communist-controlled regions of China.
I’ve never bought so much as one satoshi and probably never will. It’s quite possible that cryptocurrencies, which are in essence a privately operated medium of exchange, supply an illusory demand. If so, they will fade away under the pressure of market forces. If not, stifling them through government action can be justified only by a strong case. FTX, an ordinary crime that violated a raft of existing laws, isn’t that case.
Comments