Download presentation
Presentation is loading. Please wait.
Published byMarjory Carr Modified over 8 years ago
1
Risks and Regulation in Bitcoin Tyler Moore, CS 7403, University of Tulsa Some slides adapted from Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Princeton University
2
Overview Risks in Bitcoin Digression on deanonymizing transactions Regulating Bitcoin
3
Overview Risks in Bitcoin Digression on deanonymizing transactions Regulating Bitcoin
4
Risks in Bitcoin 1. Market Risk 2. Shallow Markets Problem 3. Counterparty Risk 4. Transaction Risk 5. Operational Risk 6. Privacy-Related Risk 7. Legal and Regulatory Risk
5
1. Market Risk
6
2. Shallow Markets Problem Buying or selling large amounts of bitcoin will affect the market price Many “Bitcoin Millionaires” cannot readily convert their fortunes into hard currency
7
3. Counterparty Risk Exchanges serve as de facto banks Around half close, sometimes suddenly and without reimbursing customers (Moore and Christin, FC 2013) Digital wallet services and exchanges are frequent targets for theft of coins Some services are simply scams
8
3. Counterparty Risk Vasek & Moore, Financial Crypto 2015: http://tylermoore.ens.utulsa.edu/fc15.pdf
9
4. Transaction Risk Irreversibility of bitcoin payments creates elevated transaction risk No clear resolution mechanism when fraud or error arises Risks due to delay in clearing transactions Uncertainty over what becomes authoritative block Double-spending risk
10
5. Operational Risk Any action that undermines Bitcoin’s technical infrastructure and security assumptions Malware in wallets Operator error Vulnerabilities in bitcoin core software Distributed denial-of-service attacks
11
5. Operational Risk Vasek, Thornton & Moore, BITCOIN 2014: http://tylermoore.ens.utulsa.edu/bitcoin14ddos.pdf
12
6. Privacy Risk Risk that transactions can be linked back to the people that made them See Section 6.2 in the Princeton book We now take a brief digression into how to de- anonymize Bitcoin
13
Overview Risks in Bitcoin Digression on deanonymizing transactions Regulating Bitcoin
14
Some say Bitcoin provides anonymity “ Bitcoin is a secure and anonymous digital currency ” — WikiLeaks donations page
15
Others say it doesn’t “ Bitcoin won't hide you from the NSA's prying eyes” — Wired UK
16
What do we mean by anonymity? Literally: anonymous = without a name Bitcoin addresses are public key hashes rather than real identities Computer scientists call this pseudonymity
17
Anonymity in computer science Different interactions of the same user with the system should not be linkable to each other Anonymity = pseudonymity + unlinkability
18
Pseudonymity vs anonymity in forums Reddit: pick a long-term pseudonym vs. 4Chan: make posts with no attribution at all
19
Defining unlinkability in Bitcoin Hard to link different addresses of the same user Hard to link different transactions of the same user Hard to link sender of a payment to its recipient
22
Trivial to create new address Best practice: always receive at fresh address So, unlinkable?
23
Alice buys a teapot at Big box store 5 3 6 8 Single transaction
24
Linking addresses Shared spending is evidence of joint control Addresses can be linked transitively
25
Clustering of addresses An Analysis of Anonymity in the Bitcoin System F. Reid and M. Harrigan PASSAT 2011
26
Change addresses 5 3 6 8.5.5 Which address is change?
27
“Idioms of use” Idiosyncratic features of wallet software e.g., each address used only once as change
28
Shared spending + idioms of use A Fistful of Bitcoins: Characterizing Payments Among Men with No Names S. Meiklejohn et al. IMC 2013
29
To tag service providers: transact! A Fistful of Bitcoins: Characterizing Payments Among Men with No Names S. Meiklejohn et al. 344 transactions Mining pools Wallet services Exchanges Vendors Gambling sites
30
Shared spending + idioms of use A Fistful of Bitcoins: Characterizing Payments Among Men with No Names S. Meiklejohn et al.
31
From services to users 1. High centralization in service providers Most flows pass through one of these — in a traceable way 2. Address — identity links in forums
32
7. Legal and Regulatory Risk Law-abiding user might lose their funds if an exchange is shut down for criminal activity Uncertain tax treatment of gains/losses due to currency fluctuations Let’s talk about Bitcoin’s regulatory environment
33
Overview Risks in Bitcoin Digression on deanonymizing transactions Regulating Bitcoin
34
Bitcoin’s original vision is in tension with regulation and government control Strong cyber-libertarianism streak The decentralized design makes it harder, but by no means impossible, to regulate
35
Making the case for oversight Untraceable digital cash defeats capital controls Country can’t stop Bitcoin value from flowing in or out Government countermeasure: disconnect BTC world from financial institutions Example: China
36
Making the case for oversight Untraceable digital cash facilitates some crimes: kidnapping and extortion tax evasion sale of illegal items
38
Silk Road largest online market for illegal drugs ran as a Tor hidden service payment in Bitcoins site held BTC in escrow while goods shipped eBay-like reputation system run by “Dread Pirate Roberts” operated February 2011 to October 2013
39
Ross Ulbricht operator of Silk Road Arrested October 2013 Charged with money laundering, computer hacking, conspiracy to traffic narcotics Convicted and sentenced to life imprisonment in 2015 He tried to cover his tracks, but they connected the dots government seized 174,000 BTC auctioned them to the public
40
lessons: hard to keep real and virtual separate hard to stay anonymous for a long time Feds can “follow the money” ⇒ money becomes untouchable
41
Making the case for oversight Consumer protection When Mt. Gox collapsed, lost $300M worth of bitcoins Need orderly process to distribute assets equitably Risk of collapse motivates need to disclose risks Information asymmetries among providers are rife Irreversible bitcoin payments run counter to many protections developed for traditional methods
42
Regulatory Options for Exchanges 1. Already, US FinCEN has issued guidance requiring exchanges to register as “money- services businesses” and comply with regs 2. No consumer protection thus far for dealing with fraudulent transactions 3. FDIC-style deposit insurance and authority to wind down failing exchanges possible, but not under consideration
43
Tax treatment 2014 IRS guidance Transactions to and from virtual currencies may create taxable events Gains and losses may be ordinary income or capital income
44
Anti-Money Laundering (Section 7.6) goal of AML: stop large amounts of money from (1) crossing borders, or (2) moving from underground to legitimate economy without detection
45
Know Your Customer (KYC): (1) identify and authenticate clients, (2) evaluate risk of client, (3) watch for anomalous behavior.
46
Mandatory reporting in U.S.: Must report currency transactions over $10,000. ⇒ file “currency transaction report” Must watch for clients “structuring” transactions to avoid reporting. ⇒ file “suspicious activity report” Requirements differ by country; consult your lawyer.
47
Note well: government takes this very seriously! Bitcoin businesses have been shut down. Businesspeople have been arrested.
48
Conclusion Virtual currencies create many opportunities, but also introduce many risks As Bitcoin (or its successor) becomes more popular, regulation will inevitably take hold
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.