Excited to show off something that we've been working on: the Bitcoin Note. The Bitcoin Note is a cash instrument that is backed by Bitcoin via multisig. Each note is printed with beautiful, currency-grade elements that use secure printing techniques typically reserved for government documents like microtext, raised print and foil. More importantly, each note includes a secure NFC chip which is where a multisig lives that allows you to claim the Bitcoin at any time.
We were heavily inspired by OG Bitcoin physical money like Casascius coins, however, we wanted to created a design whereby (1) anyone can spend, gift and share the Bitcoin for years to come without having to worry a sophisticated attacker who extracts a private key from under a label or scratch off and (2) trust was minimized on that part of the printer (us).
This lead us to the design we landed on for the Bitcoin Note
1) An NFC chip readable by nearly all modern smartphones
2) A two part multisig where (1) we write an encrypted private key to the note (and don't keep a copy and (2) you write a user key to the note in plaintext and then load the note
3) We only release the decryption key when someone cuts the note and reports this via an authenticated and encrypted way to our server
4) The multisig reverts to only your key after a printed expiration date on the note
5) You can re-key the user key on the note you receive if you want to hold it for a long time
We believe that the result of this design achieves the goal of Bitcoin that's incredibly easy to use - like cash - but still preserves the important quality of self-custody. Take a look at http://bitcoinnote.com/ to learn more and reserve a spot in line for our release later this summer.
Am I missing something about how cutting notes works, or am I correct in saying that cutting notes relies on a centralized single-company-controlled server being both online and releasing a decryption key?
This entire release seems a little bit light on technical details so it's not clear to me exactly what notes are doing when they're transferred, but it does seem like on first glance there are a lot of red flags here. I would love to see a more detailed technical breakdown on that website that isn't just promotional material.
----
Even ignoring the centralization angle, all of the verification advice I'm seeing boils down to "scan each note and cut it when you receive it." And if everyone is going to do that, what's the point of using a physical note instead of an app? The promo images and descriptions clearly expect that this is going to be used like cash so that technical burdens are lessened for people who aren't good with more traditional cryptocurrency transaction methods.
But if non-technical users use it like cash, they're not going to scan anything. And if you think you can teach them to scan every bill in their wallet with a phone, then... why not just teach them to use the phone?
> Am I missing something about how cutting notes works, or am I correct in saying that cutting notes relies on a centralized single-company-controlled server being both online and releasing a decryption key?
That's correct.
> Even ignoring the centralization angle, all of the verification advice I'm seeing boils down to "scan each note and cut it when you receive it." And if everyone is going to do that, what's the point of using a physical note instead of an app? The promo images and descriptions clearly expect that this is going to be used like cash so that technical burdens are lessened for people who aren't good with more traditional cryptocurrency transaction methods.
Not quite; rather than cutting the note you could re-key it and store it. Or, if you are planning to use the note immediately or near term in commerce, you might have sufficient confidence that our re-key service won't shut down (but yes, this obviously implies some trust if you hold notes without re-keying of claiming).
> But if non-technical users use it like cash, they're not going to scan anything. And if you think you can teach them to scan every bill in their wallet with a phone, then... why not just teach them to use the phone?
Because with a phone alone they need to store their keys locally. With re-keyed notes (or notes from family members who have re-keyed them), they can immediately store notes in a safe place without the problem of phone hacks or loss.
> Or, if you are planning to use the note immediately or near term in commerce, you might have sufficient confidence that our re-key service won't shut down (but yes, this obviously implies some trust if you hold notes without re-keying of claiming).
Does this mean that your private servers have the ability to re-key notes? What prevents someone from scanning the chip or storing the user key that they generated, handing the note to someone else, and then walking around the corner and immediately using the scanned information to re-key it?
Without understanding more about the technical details, this feels like unless a user is using an app to re-key immediately at the time of transfer that it's significantly less secure than normal cash. I guess I'm not completely clear on what you're doing with user keys.
---
> Because with a phone alone they need to store their keys locally.
But they have to do that here too, or is the assertion that they don't need to back up the user key necessarily and that it's not secret? Is the user key just plain-text readable?
If the user key is accessible from the chip just via scanning (not cutting), and isn't a user-defined secret that only they know (which seems like would require some form of backup), then does that mean an attacker can just walk past my wallet with a reasonably powerful RFID reader and then rekey every single one of my bills?
> Without understanding more about the technical details, this feels like unless a user is using an app to re-key immediately at the time of transfer that it's significantly less secure than normal cash.
We will have a security overview doc up soon, we ran out of time to have it ready today. Long story short, there are pending key rotation states and the latest holder can always re-key the note again. But it is indeed distinct from cash; we can't just state a note has value like governments do, by fiat.
We have to provide users with sufficient information to assess the veracity of that claim relative to the functions of Bitcoin and the information we provide on the note.
> But they have to do that here too, or is the assertion that they don't need to back up the user key necessarily?
Not necessarily; in the condition where a user is confident they are the only ones that can claim, they can place the notes in a safe the same way they might printed Bitcoin keys or Opendimes (I would recommend a fireproof safe).
> We will have a security overview doc up soon, we ran out of time to have it ready today.
I mean this respectfully - why would you release a cryptographic method of transferring money - without going into detail of how it actually works? That's kinda the entire point of cryptocurrency, that we have a way to be mathematically confident the money is safe - but you didn't tell us the math. Especially on HN were a lot of the audience is technical enough to want to and be able to verify it to some degree.
I see you have patent US10896412B2, which honestly I have to ask how this is any different from any other hardware wallet?
> A physical cryptocurrency may comprise a physical medium and an attached processor.
I read some of the details (admittedly not all) and I'm still unsure how this is different from any other hardware wallet. AFAIK this is just a hardware wallet that exposes it's public key, then exposes it's private key when you cut the wire? Then we still need your signature to transfer the crypto, which is so double spend is prevented?
Also, if your servers go down or you're hacked or rm -rf dir/ * happens, will all the notes become unusable? Are we relying on you to maintain servers indefinitely?
> I mean this respectfully - why would you release a cryptographic method of transferring money - without going into detail of how it actually works? That's kinda the entire point of cryptocurrency, that we have a way to be mathematically confident the money is safe - but you didn't tell us the math. Especially on HN were a lot of the audience is technical enough to want to and be able to verify it to some degree.
As noted, the app will be open source as will the (brief) Bitcoin script for audit. For the sake of simplicity 2-of-2 multisig that downgrades to 1-of-2 multisig over time should capture the essence of how these notes work.
> Also, if your servers go down or you're hacked or rm -rf dir/ * happens, will all the notes become unusable? Are we relying on you to maintain servers indefinitely?
Nope. Users can always claim funds after the expiration date of January 3rd 2029 using the user key stored on the note.
> For the sake of simplicity 2-of-2 multisig that downgrades to 1-of-2 multisig over time should capture the essence of how these notes work.
> Users can always claim funds after the expiration date of January 3rd 2029 using the user key stored on the note.
Interesting, thank you. That does seem more reasonable to me. Best of luck with your project.
>Nope. Users can always claim funds after the expiration date of January 3rd 2029 using the user key stored on the note.
Wait what? If your service gets hacked or goes away, the funds will be usable seven years from now? How is this statement different from “You’ll find out whether or tech stack works years from now “?
This kind of "smart-contracts" can be made and tested today on the Bitcoin network. Instead of picking a block-height of 7-9 years in the future, you could pick one on the next 20 minutes....
The code (if not put in a Taproot transaction) is "naked" visible on the blockchain, so no "trust" is needed.
Yes, that makes more sense, I was mischaracterizing it. 1-of-1 is more appropriate (although the notion of a 1-of-1 multisig is a little odd at face value until one digs in).
> This kind of impulsivity is exactly what I don't want from people dealing with money.
You're going to be really disappointed to hear how most fintech startups, and non-startups, and non-fintech software companies, and non-startup companies, operate then.
Yeah its bad, but lets not act like the bar was ever high to begin with.
I'm not saying that's the bar across all companies, that's ridiculous. I'm saying my bar is someone has to prove they are competent for me to trust them with my money.
And given how many crypto scams there have been, one's bar should be higher than your normal startup, unless you don't care about losing money put into it.
It's the same way I don't let a friend borrow money if he's generally irresponsible or burned me in the past just because he guarantees he can double it by the end of the month.
I don't know if you're implying this, but it seems like you think because every company has to start somewhere it means they inherently deserve trust and little criticism to help them along?
They are trying to build a physical/digital bearer instrument. Not a company, pure cash in your pocket. Of course the standards for security are higher.
Does "cutting" a note mean taking scissors to cut it physically? Can you cut it in the corner or it has to be "across" a sensor boundary somehow breaking connectivity?
Can you tear the note apart and have it work too, if you don't have scissors on hand for example?
Maybe you can sell a kit that comes with the notes and a special cutter, like a cigar cutter with a box
Cash is the most popular peer to peer payment medium. By far.
Most people don’t think about its implicit properties but it’s low trust, instant, final, anonymous, and works offline. If you care about transactions per second it outpaces Visa by a country mile.
That there is no onchain record of your transaction, instant settlement, and the receiving party can’t see your balance are nice enhancements for Bitcoin in certain types of transactions.
Further, most currencies be it yen or dollars, operate mostly electronically but still have a cash form. Now Bitcoin does too.
I assume this is a technical limitation rather than a business decision to sell more notes. But I do wonder (as someone who doesn't quite understand cryptography and multisig beyond the basics of how Bitcoin works), barring a protocol update, is it technically impossible to have reusable notes or was this a trade-off/design decision? If it is possible, is the trade-off it requiring an on-chain transaction to update the multisig every time the note change hands?
This looks like a cool gift, but the necessity of destroying the note to move it, or otherwise trust the giver didn't copy the key, makes it a bad currency (I understand that cold-storage is the aimed use-case, not currency). My first thought on the landing page was that the keys were inaccessible to the holder without destroying the note for moving it to a known address (which would be somewhat alike trading in US dollars for gold, back in the day). I.e., that you could trust the note holds it's denomination as long as it is not cut. That would make it a proper offline and trustless currency. Is there a future where such notes will exist and does it require a major protocol update?
> I assume this is a technical limitation rather than a business decision to sell more notes. But I do wonder (as someone who doesn't quite understand cryptography and multisig beyond the basics of how Bitcoin works), barring a protocol update, is it technically impossible to have reusable notes or was this a trade-off/design decision? If it is possible, is the trade-off it requiring an on-chain transaction to update the multisig every time the note change hands?
This is a trade-off; we could issue notes that never expire and do not require cutting to claim (and could be reloaded), however, this would require perpetual trust that we remain in existence without a fallback. Creating an expiration date mirrors how real money wears out after use. Our intent here isn't to sell more notes; in a medium-confidence scenario our hope is that after a long life in circulation the final holder of the notes re-keys them and puts them in a safe place until 2029 at which point they claim without cutting the notes (and retain them as collectable artifacts with no Bitcoin value thereafter). Our goal is not to sell more notes because they are cut/expired, but rather because we have new designs and denominations.
> This looks like a cool gift, but the necessity of destroying the note to move it, or otherwise trust the giver didn't copy the key, makes it a bad currency (I understand that cold-storage is the aimed use-case, not currency). My first thought on the landing page was that the keys were inaccessible to the holder without destroying the note for moving it to a known address (which would be somewhat alike trading in US dollars for gold, back in the day). I.e., that you could trust the note holds it's denomination as long as it is not cut. That would make it a proper offline and trustless currency. Is there a future where such notes will exist and does it require a major protocol update?
If there is anything beyond zero trust that we exist in some form into the future, the goal is that the recipient can re-key a note from an untrusted giver without cutting the note. In a medium trust world you can assume that a note hold value without scanning it so long as the expiration date is not past. But this requires several things -- (1) trusting that we will continue to exist and facilitate key rotation and (2) that the previous holder carried out some validation and is somewhat trustworthy -- e.g. potentially a bank or large retailer. For low value notes this doesn't seem completely unreasonable, but I appreciate why no one would treat the notes that way without some track record. Given a theoretical new chip which doesn't exist there are some additional possibilities here.
Decirculating old currencies can either happen intentionally or unintentionally.
Intentionally decirculating old currencies is called demurrage. Think Swiss bank notes. They tend to recall old notes every 30 years when they issue a new generation of notes. They are currently on generation nine and just recalled generation eight. Bitcoin Note is on generation one.
While it is somewhat common in centralized printed currencies like the franc or the pound it is an important feature of decentralized printed currencies to help dirciculate old notes as there is no central mechanism to cull old notes. One wants to put economic pressure to dicirculate old notes for a variety of reasons but perhaps one of the most important ones is because chips become less secure over time. (Analogously one wants to put economic pressure on miners to upgrade to the latest bitcoin network (such as when taproot came out).)
It's important to note, the Bitcoin stored on the note doesn't "disappear" after 2029 - but rather the multi-sig on the note reverts from 2-of-2 to 1-of-2 so the value can be claimed - in effect turning the note into something more like a claimable voucher or gift card. It contains value, you just generally wouldn't circulate it after then.
At that point in time the note downgrades to a 1-of-2 multisig where only the user key on the note is needed to create a transaction. Cutting the note isn't required/is irrelevant as the second encrypted key has no function at that time.
> Because with a phone alone they need to store their keys locally. With re-keyed notes (or notes from family members who have re-keyed them), they can immediately store notes in a safe place without the problem of phone hacks or loss.
In a safe place, like a wallet? This seems dramatic unnecessary. You can lose cash. And it’s measurable how much easier it is to lose paper money compared to a phone.
Hard cash went electronic. Why would electronic cash go hard?
Because it's easier to understand and safely custody than private keys for the billions of people who know how to use cash but haven't encountered Bitcoin yet.
The re-keying seems like a hassle to get grandparents to do - wouldn't it be better if the cash value is linked to a generated wallet that is locked behind a very strong key? That way the cash becomes the physical representation of X amount if BTC with "real" backing?
Yes; you are effectively requesting sending from the original 2-of-2 multisig to a new 2-of-2 multisig in the re-key procedure. The user broadcasts the transactions and pays the fees. For all transfers we're recommending using the lowest fee tier possible as given the fact that the notes are intended to be long-lived, rushing to load or re-key them doesn't make a ton of sense.
Gifting cold storage is the main case we see here. Namely to someone who might throw out a printed private key. We spoke with many Bitcoiners who know that friends and family lost coins they gave them in the early days simply because a printed private key doesn't have much gravitas.
What advantage does this have over a thick, pretty foil envelope with nice embossing telling people what the printed code/long barcode/micro-SD card inside is for?
The psychology of cash and how people hold and spend it is unique from any other physical financial instruments. They keep it safer and spend less than they would with credit cards or debit cards.
A completely foreign object with a printed key might be kept safe -- but it isn't intuitive to do so. We heard multiple stories of people gifting Bitcoin at events like weddings only for private keys to be tossed out with cards.
How can people hold on onto their birth certificate? The infrastructure is already in place for that, so the problem is that they didn’t understand that that piece of paper was worth money.
Handing over a monopoly bill will have the same fate. You can’t keep it in your wallet and it can be lost easily.
Either way this is a ridiculous project and would probably best be served by the concept of “gift card” instead, given your explanation.
Sorry, I don't follow any of your reasoning here. Monopoly money is a low cost print with little detail on standard paper. People don't throw away foreign currency simply because they don't know what it's worth. I'd recommend taking a look at the psychology of cash to understand my point better.
Are you sure? If I find a single bill from a random country I assume the worth isn't a whole lot. Such bills get stashed in the souvenir box which may or may not be thrown out at any point when space runs out.
> I don't follow any of your reasoning here
I don't think the birth certificate analogy is that hard to follow. It's easier to hold onto a US-letter-sized document than it is to save a single bill that you should not place in a wallet.
Except apparently you need to be online to send them the info after you cut the note. So its not really cold storage. What if their company shuts down?
You can do cold storage by securing seeds on metal, such as titanium, or any robust material you like.
Is this because you have a time-locked transaction to move the funds from the P2MS to a P2PKH? How does that work when it's "re-keyed"? Wouldn't each re-key move to a new P2MS and have a transaction fee associated with it as well as have a second transaction for the HTLC transaction?
How are you doing time-lock encryption in this instance? Is it based off of a separate blockchain contract or is it one of the more traditional methods?
The time lock lets you optimistically circulate the note prior to the expiration date as even if previous holders know the user key they cannot use it to claim the Bitcoin alone.
So, it's paper money, but one that won't survive heat or strong electrical fields, and that you need to use with your phone. And will lose all value if the central repository goes under. And is not recyclable or efficiently burnable.
>So, it's paper money, but one that won't survive heat or strong electrical fields, and that you need to use with your phone. And will lose all value if the central repository goes under. And is not recyclable or efficiently burnable.
Literally none of this is true.
There's so many comments in this thread that pagination is now turned on so apologies if you didn't catch some of the explanation elsewhere.
It's a synthetic polymer (not paper) that can survive heat and strong electrical fields that can (but doesn't need to be) be validated with a computer, maintains its value if the issuing party goes under (see the key rotation comments in this thread) and is recyclable.
Burnable? Actually yes, at a high enough temperature (higher than linen) but it would first melt. We have previously experimented with "burn proof" polymers but found this wasn't an important metric to optimize for given the huge tradeoffs those materials come with and which our colleagues who make Hong Kong, Canadian, and Australian dollars also reached.
Wow it's crazy how literally none of that is on the website or supported by any evidence from the link. It's almost like you did a bad job and are now blaming everyone who noticed.
Even with all that being said, taking you at face value, it's bringing bitcoin into yet another format you can lose, and with its own tidy expiration date. Oh and let's not forget the extensive discussion of cutting or otherwise rendering the note useless on redemption. Are we supposed to believe this is an art piece or a serious monetary instrument. Traditional cash happens to be both and I can buy donuts with traditional cash, sans phone no less
Scroll down to the “Bitcoin bearer instruments that you want to hold” section. Read the subsections under “resilient” and “key rotation” which it appears you may have missed before posting your first comment.
Anytime one is communicating a new concept there is a trade off between under and over communication. In this instance I believe it’s important to note the notes are synthetic and function without centralization - and a point of pride the face value adds a fairly unique ability for fungible cold storage not requiring a phone - not a concept one usually thinks of as possible with hardware wallets.
On the other hand properties relating to their resilience to “strong electrical fields” or “efficient burning” characteristics did not come up as concerns by other customers during development, nor as other metrics on which various other physical currencies benchmark, but I will note that as an area we could clarify in the future.
I think people in this thread are taking this a bit too seriously.
To me this just looks like a novelty item, more akin to an art piece than a serious technology intended to be used on a daily basis. You gotta admit it looks pretty cool.
Thanks for the feedback. Ideally we would have opened up sales right away rather than a waiting list (we have the notes manufactured), but we are waiting to wrap up a few key pieces like the mobile apps.
We highlight the low serial notes as we know numismatists like to collect this sort of thing.
> we are waiting to wrap up a few key pieces like the mobile apps
Interesting approach but this Show HN got some decent attention. Are mobile apps even necessary? Doesn't waiting for them blow the attention you're getting via HN today?
We're going to showcase the physical notes in person at Consensus, which is arguably the last major Bitcoin conference of the year (certainly for US market).
We've found that having notes in person helps folks to understand the concept more easily.
This made me wonder, money has been around for a long time, so it's hard to ask about a specific event, but say the first minting of USD, was there ... a line to get it? Did the fed just dump huge sacks of the stuff at post offices with a note saying "you can use this instead of doubloons"?
Guess I am just curious if the same kind of effect was observed, I suppose banks would have been trying to "secure their spot" for some first release of $CURRENCY notes/coins? Hard to imagine Joe Homesteader lining up at 9AM.
I can’t speak to real life but if you want to read an enjoyable depiction of how society might react to novel currencies, check out Going Postal and Making Money by Terry Pratchett.
The biggest challenge we have with stablecoins is justifying why when US Dollars are ubiquitous and "free".
I think there are some good arguments for stablecoins in markets that desire dollars, but they are hard to get -- or for high denomination notes, however, we suspect there would be additional regulatory challenges here.
In maybe the far future, when a larger proportion of the population holds digital assets, I see a potential functional value in having this type of note - it's harder to digitally fake these notes, and "burning" might be harder than just ripping up the piece of paper.
To gift Bitcoin to people who are not used to using wallets. To have small amounts of Bitcoin not tied your phone or other online device in the case of destruction/hacking/etc. To allow for immediate settlement of a Bitcoin transaction.
That press release does not name any actual laws which were violated. You might do better to link to the ruling itself[0]; it's hardly less biased than the DoJ's statement, but it is at least more specific about the charges. The government's argument was quite expansive in claiming novel exclusive powers for the federal government, but even so their success hinged on (besides a very sympathetic court and favorable jury instructions) the fact that the Liberty Dollars were not just any private currency but actual metal coins incorporating some phrases and imagery vaguely similar to official US coins. The key elements were the visual similarity for the charge of counterfeiting (they're round like most coins, and likewise silver in color, and contain design inspired by US history—though not any from actual US currency), and the constitutional prohibition on states minting metal coins, despite the fact that the defendant was a private individual and not acting on behalf of any state.
There is no particular reason to think the same issues would apply to "minting" a private currency which did not consist of metallic coins or incorporate any "patriotic" imagery.
> Von NotHaus designed the Liberty Dollar currency in 1998 and the Liberty coins were marked with the dollar sign ($); the words dollar, USA, Liberty, Trust in God (instead of In God We Trust)
So that is not a great example, as it is currency designed to confuse people into thinking they are real dollars.
2.
The USA is just one set of laws. Over the pond in the UK, it is fine.
> as it is currency designed to confuse people into thinking they are real dollars
That was the government's argument. The defendant clearly disagreed. Arguably they were closer to "real dollars" (defined by the Coinage Act of 1792 to consist of 416 grains, or about 0.95 ounces, of standard silver) than anything the government has minted recently. A bit better, even.
The dollar sign and the word "dollar" are not unique to US currency and in fact predate the US entirely. Likewise for the word "liberty" or the phrase "trust in God"—if anything that last would probably be deemed a blatant violation of the separation of Church and State if the government actually put it on their currency. These are just generic elements common to many currencies and US culture. Even the initials "USA" don't actually imply any endorsement by the US government; you can find them on just about everything these days. The intent was patriotism, not confusion. The same would have been true if they had spelled out "United States of America" like the official coins, though of course they didn't do that.
Any actual confusion can more readily be blamed on the US Mint for making their coins too generic than on NORFED for making theirs too similar. At least NORFED put their name in their design; the US Mint did not.
The argument is not that "the dollar" is some kind of uniquely American concept, but that there is a legal object called the US dollar. There are laws applying to that object, including that you can't make a fake version of it.
The fact that the liberty dollar happened to cost more than a real dollar doesn't make it not a counterfeit; it makes its manufacturer a fool.
The Liberty Dollar was not a "fake version" of the US Dollar. It wasn't even a "fake version" of the Federal Reserve Notes (nominally denominated in US Dollars, but trading at a far lower value) which make up the vast majority of circulating currency and which too many people incorrectly refer to as the US Dollar.
> The fact that the liberty dollar happened to cost more than a real dollar doesn't make it not a counterfeit…
No, the fact that it was never intended as a counterfeit is what makes it not a counterfeit.
The cost in materials is comparable to a real US Dollar (not to be confused with a Federal Reserve Note); the full cost could actually be lower due to technological advancements.
There are, in the US, no laws against printing a private currency. There are laws forbidding you from calling your currency "dollars" or looking similar enough to US currency.
My thoughts exactly. What percentage of the world population is really bothered by centralized currency, banks and credit cards? Crypto is a solution searching for a problem.
Not just that, but Bitcoin acceptance is already pretty thin. There would be a subset of people who accept bitcoin who would accept this in person. I see this only being used to buy beer at Bitcoin meetups.
That said if they can find an initial group of super enthusiasts it might go well. Maybe Nayib Bukele would be interested in the technology to license it to El Salvador.
Sounds like survivors bias in a few words. Presumably the folks who had no market fit never got anywhere near an exit? I'm not sure I'd use this metric as a guide telling me to ignore the market.
Note: I have very little exposure to the crypto ecosystem.
I either don't understand the specifics of the keying or it doesn't make sense.
There's some kind of private key. Makes sense. But there appears to be some kind of second key. At some point the note will "expire" and only the person who owns the second key can redeem the Bitcoin?
If I understand right, either the person who physically holds the note can update the key (in which case what purpose does it serve) or the key needs to be transferred along with physical possession of the note (in which case what purpose does the product serve).
Also what does it mean for the note to be "cut"? Like with scissors?
Is this product just intended for hardcore crypto folks or is it intended for regular people too?
> Also what does it mean for the note to be "cut"? Like with scissors?
Yes, exactly. There is a spot indicated on the note to cut it. This "tampers" the associated chip which can be reported back to us so that we release the encryption key to decrypt the local key.
> Is this product just intended for hardcore crypto folks or is it intended for regular people too?
Regular people too! The UX of our app will simplify a big part of this by indicating to folks the state of a note and their options with respect to claiming Bitcoin.
Once the tamper circuit it tripped you cannot reverse it. But sure, one could try to carefully do this and pass off a note to someone who doesn't verify it electronically.
The construction of the multisig is such that (1) the key we generate and store encrypted on the note can never access the funds alone -- and we don't store it because we don't want to be custodians and (2) the end users load the notes, we never touch BTC.
I think you need a better explanation of the multisig procedure and how you are not a central authority, capable of spending the bitcoin, etc. I've seen multiple comments here confused by this.
3. What are the steps to receive it, including verification.
4. Convince me I won't lose my funds by accident.
5. Convince me I won't lose my funds by hack of protocol.
6. Convince me I won't lose funds if a hacker gains access to your centralized system.
7. What happens if I lose the note(s)?
8. Processing fees.
9. Can I give someone a note and avoid the Bitcoin transaction fee? (I am guessing yes as nothing needs to happen on the chain. But if I receive a note can I be sure I won't be swindled).
Frankly it seems weird you even need this pointed out to you.
If I wasn't giving you the benefit of the doubt, it really smells like your typical crypto scam to trick people that don't understand the technology fully into giving you money.
Thanks for the kind words -- it was incredibly fun to go through the design process of something like cash since we're all intimately familiar with the end product.
It was a pleasure to work with an actual banknote designer, Tom Badley, to accomplish this.
I like the "portrait" layout of the currency, compared to "landscape" for regular currency.¹ It makes it clear that there's something unusual about this money, a feature that I'd always taken for granted but suddenly is different.
¹Does anyone know of a country use portrait layout?
Does anyone remember Bitbills? They did something sorta similar to this very early in the BTC revolution. Instead of all of this advanced multisig tech, instead they put the public key and address in a QR code on the outside and the private key in a QR code held inside the bill. They were likely much more vulnerable to attacks, but they died because they were too early not because of that.
I feel ridiculous in taking this seriously, but it’s got me curious.
One thing that people seem to be missing: you could take the note, pay for something, then that person pays for something else and so on down the line until a person cuts the note to put it in their wallet for online use. That seems to sufficiently anonymize the transactions again, but maybe I’m wrong.
Depending on where in the lifecycle the note is, it's either a 2-of-2 multisig transaction or 1-of-2 multisig transaction, using only the user key in the latter case.
This feels like a Rick and Morty episode to me. They just reinvented cash money, with extra steps.
Only, without the oversight of a central bank.. Without the means to keep the exchange rate in check. They can't change the rate of interest or anything else.
So far with crypto the only use cases seems to be criminal. To buy illegal stuff and for ransomware. Maybe it could be useful in countries where the currency is devalued like some in South-America. But then all the extra steps seem to be a big hurdle to me.
It's a non-sovereign store of value (potentially). It's not meant to substitute completely for fiat credit for day to day commerce or transactions, just to be used a store of value to hedge currency debasement which is coming due to so much sovereign debt. It's gold in a more transmittable form.
You spend and transact mostly in fiat, you borrow in fiat. You save some percent of your earnings in more finite stores of value (you and everyone else already do this so the concept is not controversial).
As long as Federal reserve keeps tightening monetary conditions, nothing will beat cash. The argument is though that they cannot continue down this path as the amount of debt in the system will result in everything breaking as a result of this tightening.
Also, you do realize this point of view "muh down YTD" is a meme comment yes? Stare at any 6month period of any chart and you can make any argument you want. Are stocks not inflation hedges generally? Yet they are down YTD too. In the period of monetary expansion from 2020 through 2021, did not BTC do just fine hedging this monetary expansion? Even in Wiemar Germany, gold did not go up in a straight line, it was extremely volatile. BTC is more volatile than almost anything else that still long term has worked to hedge expansion of liquidity. BTC moves in line with growth or contraction of liquidity better than anything else. Just look at the charts.
Additionally, my point is this is the framework. It can also be a failed experiment. But there is no scenarios where a finite asset can replace fiat currency. There is theoretical basis for same asset to replace other forms of scarce stores of value. In principle, BTC is a SoV asset, not a transaction currency or unit of account by virtue of its technical fundamentals (un-inflatable supply, expensive to transact, slow).
Because some portion of cost of living will expand with it..housing prices, other financial assets and therefore wealth of those investing in them, and in the future, costs of commodities and other consumption items as investors drain the stored energy in these "liquidity capacitors" and the money flows into the real economy.
"mitigate the potential negative effects of" I guess..
>How is it a hedge if it moves in line with liquidity?
I don't know what you're asking? Liquidity expansion inflates assets, and BTC inflates more than almost anything, especially over a multi-year time frame.
It hedges just holding cash. It hedges the opportunity cost of not investing while invest-able assets are going up in value, and wages on a relative basis are not.
>Why is expansion of liquidity is something one would need to hedge against?
Sort of a philosophical question lol. Maybe you don't. If one wants to invest at all (why though?) this is a framework for thinking about that process.
What the everloving fuck are you talking about? Bitcoin is deflationary to the point that nearly everyone uses it as an "investment" vehicle, not to actually transfer money. Do you even know what inflation is?
Its price inflates. Prior to 2021 when people talk of the Federal reserve keeping rates low, general price inflation was low, but there was "inflation" in asset prices. This is what I'm referring to. Monetary inflation existed and it flowed into financial assets.
Without looking at details too much, it's seems significantly different than paper claims on a separate physical asset held by a custodian 3rd party subject to counter-party risk.
The control of the BTC is maintained with possession of the private key stored in the bearer asset cash.
Holding gold certificates does not enforce any fundamental claim or control of the actual asset the backs the paper; possession of the physical gold does. You need to trust somehow that the holder will exchange the gold for the paper in the future, as well as actually have the gold at that time.
Well, here you need to trust that their app will exist next year. And perhaps also that something will happen when you cut the notes, but I'm not sure I got that part...
I don't know if it exactly like gold certificates, but it sounds pretty close to "I'll pay you with cashews" to me. It's not terrible - I bet a many people exchange goods like this every day.
I'm curious about those numbers for both cases myself, but I know that only one of them you can actually get the numbers from (although only the number of coins in wallets, not coins belonging to users, as a user can have many wallets), the other one is completely in the dark as no one can really say who has what.
Since we can't know the numbers for fiat, we can at least try to understand it for Bitcoin. As far as I can tell, sources seem to point towards the number being closer to ~2% of wallets hold ~70% of all Bitcoin.
If this is a better/worse distribution than fiat, we will never know.
I used dash to buy food for people in Venezuela during the height of the Maduro conflict (still ongoing really but this is while it kicked off) when all other methods had failed.
It was farmer that turned his farm into direct sales, used an Uber like service to deliver and used DASH as point of sale and store of value...is what I did illegal??
There are a ton of uses cases out there where blockchain tech can provide a faster better solution, not every single case but it's there.
Even the 'criminal' side is nothing compared to the USD and how it's used. That same argue applies even stronger to fiat currencies.
A bankless note isn't a new idea, ops solution is novel and well thought out and there are markets that it solves pain points.
I am not sure the alternative (traditional banking) is so co2 neutral. As far as I know they all have plenty of huge buildings with hundreds of people wasting their time & resources working for them.
Don't get me wrong I am sure bitcoin is worse in terms of power usage, but not every crypto is automatically worse than what we have right now.
You can see it as an idiotic PoW for all those people working in those banks.
It's easy to make it renewable with benefits to us. The solar panel on a bank building is giving energy to people.
And I'm not saying that the current banking system is perfect (it actually optimizes itself quite well) but it has much more features while Bitcoin/crypto doesn't have real solutions for huge issues.
Fraud, scams, money laundry, investment tools, sepa, bank account recovery, global market regulations, sanctions Support etc.
And it does all of that with billions and billions of assets.
While Bitcoin consumes energy.
In an utopian society we don't need banks and no PoW crypto but that's not what is critical now.
Besides aluminum smelter, due to high energy costs there are other critical industry affected as well: paper making and glass making. Bottles for example.
> Only, without the oversight of a central bank.. Without the means to keep the exchange rate in check. They can't change the rate of interest or anything else.
You seem to have nailed the use case well. This is exactly why'd someone use something like this.
I'm not saying it's a good idea (nor a bad one), just that those things are "features" in the eyes of the cryptocurrency users and proponents, not bugs.
I don't know. The people I know that said "I really want my currency to have an unchecked exchange rate, that would do a lot for me" is 0. I also don't feel that's an honest representation of why anyone has gotten into btc (although I am sure some claim that's why they did it)
Libertarian maxis seem to think that negative externalities won't affect them personally.
In lieu of an elected government and sane central bank, monetary policy will be controlled by a cartel of your locality's most powerful gangs and paramilitaries.
There's a reason the example quoted is always Star Trek and not Somalia.
The one I know who actually want to use Bitcoin et al and/or work in the space (not outside "investors" who just want to earn as much money as soon as possible), don't consider the exchange rate important at all and couldn't care less about it, as Bitcoin is not for exchanging it to USD/EUR/whatever.
But presumably they care if bitcoin is still exchangeable to something (maybe goods and services?). The exchange rate to currencies determines the exchange rate to everything else. If they don’t care about exchanging bitcoin for currencies or goods or services then what is the purpose of BTC? Both currency and store of value use cases depend on exchangability.
There is a concept called Bitcoin maximalism that means, in my understanding, that the whole world would switch to BTC so that the exchange rates to other currencies wouldn’t matter anymore.
It’s easy to get paid in BTC if you land a crypto job, but it’s the groceries part that I can’t really imagine yet.
That's not an accurate description of BTC maximalism.
Usually a BTC maximalist means that within the context of crypto, they are BTC only and aggressively and passionately reject every other crypto token. This is what you call call a common maximalist stance.
Out of that group, a small minority is a believer in "hyperbitcoinization". This is an event where BTC becomes the dominant asset class, at the expense of gold, bonds, etc, with a market cap prediction for BTC ranging from 10-100T.
Even people with that (unlikely) hope, do not claim any currency replacement, only an asset shift.
So given the trilemma then, it sounds like Bitcoin maximalism means fixed exchange rates (since all countries use BTC), and free flow of capital (since that's the BTC ideal), which means no country can set independent monetary policy.
So you essentially have the Eurozone problems but across the entire world. Seems like many countries would try to avoid picking that side of the trilemma.
But even maximalists care to be able to use bitcoin to buy goods and services (eg be able to spend it). Since other currencies are also capable of being exchanged for good and services then the exchange rate to other currencies determines how much goods btc can buy (or there will be an arbitrage opportunity).
But even in a purely BTC universe, wouldn’t the relative value of goods/services stay the same? You’d still need more BTC, the same way you need more fiat today.
One of the few avenues for entertainment remaining on social media are watching BTC maxis and ETH bagholders argue that the other is completely useless.
"for the crypto enthusiasts, the problem with the legacy financial markets wasn't that they were manipulated, it's that they weren't in on it." (reproduced here from memory)
> Someone enlighten me on the merits of this idea.
Currency that can't be manipulated or devalued by the state or central banks. In other words: eliminates the potential for exactly what's taking place worldwide right now.
With inflation at the rate it's at, I can't help but laugh at "crypto is so volatile!" That argument made sense in the endless bull markets - but these days? What's not volatile? I-Bonds?
The idea that the US Dollar is the eternal pinnacle of stability always seemed naive in principle, but now its clearly naive in practice.
Yes, because tying deflation and inflation to the rate of 'how quickly do we mine gold' is a brilliant way to run an economy.
Don't open enough gold mines? Here comes the deflationary spiral of death to strangle the economy. Too many gold mines? Inflation, inflation, inflation.
Can we do anything to dampen either one? Nope.
> 2. Use it as a geopolitical weapon.
Sure as hell beats getting involved in an actual shooting war.
This was exactly the history of the American economy in the 19th century. Rapid episodes of deflation would regularly bankrupt farmers, who couldn't sell their crops for enough to repay their loans.
I'm not really sure why people opine about not using the gold standard.
Especially crypo-enthusiasts or even libertarians (I consider my self tangent to both these groups).
Gold is terrible for the following reasons.
* Supply is unknown so your market cap value is volatile to any sudden prospected windfall. This one is ESPECIALLY bad if you are a central government. Why would a central bank want to be beholden (with respect to purchasing power) to some random gold find that devalues the currency unexpectedly? (see wiki article about Mansa Musa who just went around destroying local economies because he just literally threw his gold around.)
* Gold is not very divisible, in that there are real costs to trying to divide the mint.
* Gold comes with high storage/security costs (especially if it is your currency back).
* Gold isn't really that transferable, the stuff is a pain in the ass to actually move around.
Gold has two things going for it.
1. It has manufacturing uses that provide real world value
2. Through out time people have a perception that it should have value. This perception spans across cultures and geography.
There's no opining about it. It was the best solution at the time and removing it eliminated the last remaining dam preventing absolute corruption of our money by the state.
The collapse of the Bretton-Woods system was really bad. It got so bad that Nixon had to temporarily suspend exchange of notes for gold. It eventually dragged all currencies into a death-spiral. You can read all about it in the history books. Why should it be repeated?
The Austrian school of economics radically simplifies economic theory to an absurd degree (I assume that's what you're signalling you follow given your statements). It treats empirical evidence as heresy. The only driving force behind all of their conspiracy theories and racist/anti-semitic dog-whistling is a belief that governments are evil and all inflation is bad. It's really reductive and anti-intellectual.
Inflation isn't inherently bad and not all inflation is the same.
In terms of geopolitics the collapse of the Bretton-Woods system has had many benefits. Much of the world eventually recovered by the mid-80s by the economic crises of the late-60s. Also in the history books.
War and debt are bedfellows. Everyone knows this. Also well known are the economic consequences of creating such debt by going to war. It turns out mostly authoritarian psychopaths will go to war or make crypto-currencies official currencies despite the economic consequences and impacts it would have on their citizens.
Because fiat enables them to be as much. If you can print money, you don't need public consent to go blow people out of the water, nor to justify obscene spending on the military. Every war the U.S. has been involved in since Vietnam has been a banker war, not a state war.
What's reductive and anti-intellectual is deluding people into believing that giving the government (or even worse, "economists" or central bankers) authority over their wealth is, somehow, going to multiply or protect it when we have ample examples to the contrary.
To your point, governments historically are evil and inflation is bad (it's arguably an inherent property of government as you're giving absolute power to the unproductive class). The idea that it's not (MMT) is the rationalization of a failed economic strategy that's put everyone's well-being in the crosshairs.
The idea that any of that is untrue is a result of unrelenting propaganda and indoctrination (or, in certain cases, someone who has directly benefited from the scheme). Any way you shake it, to think that what's happening isn't the result of malfeasance is denial, wholesale.
Mayer Rothschild codified the potential for this way of thinking with his Economic Inductance theory:
> Currency, or deposit loan accounts, has the required appearance of power that could be used to induce people into surrendering their real wealth in exchange for a promise of greater wealth (interests). When applied gradually, the public adapts to its presence and learns to tolerate its encroachment on their lives until the pressure (psychological via economic) becomes too great and they crack up, depending on their resilience capacity.
Flip on the television if you need insight into what people do when they "crack up."
It sounds to me like you believe in conspiracy theories about finance and banking and the threatening powers that control them. I suppose you also take Ezra Pound's later obscenities about global finance and the reasons for war to heart. And therein lies the problem with the goldbug: the path to fascism.
All inflation is bad is a highly reductive argument. It is much more complicated than that and most economic models indicate that a certain amount of inflation is a good thing for overall growth. This is why, in the US, the Federal Reserve targets 2% inflation. There are a lot of positive effects to inflation and trying to control it so that it grows moderately is a good thing. There are decades of research as to why this is the case even though I suspect it won't sway you I suggest you try reading it if you are seriously interested in educating yourself about what you're talking about.
Do I believe the current economic conditions are the result of a scheme among elite bankers? No. A conspiracy involving more than two people is not sustainable and not a conspiracy. Financial regulation is managed in most Western countries by democratic representation. In the US they created the Federal Reserve system. If you want to see what they get up to they publish their board meeting notes, research, reports, results of votes, etc. It's open information.
If Americans have a problem with the system they're free to vote for representation that will introduce laws that will change the way the Federal Reserve is run... although in my experience very few people even know what the Fed does or that they have a website.
I don't need the thought experiments of a long-dead banker who didn't live to see the formation of the Federal Reserve. The quote you're citing is antiquated. Banks today don't make money on deposits like they did in this Rothschild's day and people aren't worried about runs on a bank's reserves anymore.
Although if they're invested in crypto via Tether or any other stable coin they ought to be.
I'd offer a less technical criticism on the economic and monetary system you defend.
At the end of the day, now matter what happens, somehow the system always calibrates to ensure that the typical human being is a wage slave for life. Spectacular improvements in productivity and technology are somehow never returned to the worker, the system then just increases the cost of living, or creates new jobs, many of no real purpose.
It's a system to both maximize work and consumption, which is as anti-economical as it gets. It's also a system that crashes when it doesn't grow. It's also a system that completely ignores every externality and wrecks everything in its path.
But yes, I'm sure you're right that from within this system, everything you say is technically correct.
> For we are opposed around the world by a monolithic and ruthless conspiracy that relies primarily on covert means for expanding its sphere of influence--on infiltration instead of invasion, on subversion instead of elections, on intimidation instead of free choice, on guerrillas by night instead of armies by day. It is a system which has conscripted vast human and material resources into the building of a tightly knit, highly efficient machine that combines military, diplomatic, intelligence, economic, scientific and political operations.
> It sounds to me like you believe in conspiracy theories about finance and banking[...]
Yeah, dude.
> Do I believe the current economic conditions are the result of a scheme among elite bankers? No.
You're their ideal customer.
> A conspiracy involving more than two people is not sustainable and not a conspiracy.
You, like many people, highly underestimate the role of hierarchy in a conspiracy. The people at the top don't have to tell you it's a conspiracy or explain why they're having you do what you're doing. They just say "hey, manager, go do this" (who wants to keep their job and will do something, even if it's irrational) and then that edict trickles down till you get to a lower-level worker who's only concern is "will I get my paycheck?"
It's why it's possible and why it works. Most people are timid cattle that are deathly afraid of their "superiors" and this logic enables psychopathic behavior quite well. Couple that with folks like yourself who are desperate to explain away evil in the world and you have a pretty kick ass machine for corruption.
Decide for yourself. Mayer Rothschild died 100 years before the creation of the Federal Reserve. Banking in his time was extremely different.
Monetary policy in the US is federally regulated by the Federal Reserve. Their meeting minutes, votes, etc are all public information. We all benefit from this regulation. Because of it, banks are forced to disclose their finances as part of their SEC filings. Ever notice how they claim to care about the environment and the Paris Agreements and yet their investments in oil and gas have increased in the last couple of years?
Some people have because regulation does work some times.
You don't understand how Bitcoin works, and that's okay, but you need to do your homework before you make foolish comments like this.
Bitcoin's supply is regulated via a timed algorithm, meaning, it doles out an increasingly diminished amount of Bitcoin on a pre-timed cycle that will end in ~2140. In order to get that Bitcoin, "miners" need to perform work (via calculation of a nonce which as an auto-adjusting difficulty of computation—the "proof of work") that can't be faked or manipulated.
The beauty of that is that, unlike a central bank, no one can go and change a variable in a database to say "omg we have more money now!"
Looking at how Bitcoin's price has fluctuated over the years, it should be pretty obvious by now that manipulating, inflating, and devaluing a currency doesn't only happen through releasing new notes. Bitcoin isn't immune from manipulation just because the supply is pre-decided.
Bitcoin's price has fluctuated because of the same market dynamics that play out everywhere.
Most people are panicky and hair-triggered, very few are patient. Especially with a new technology that has the potential to make outsized returns early on, of course, you're going to get a lot of gamblers entering and exiting the market.
This is why you see dips when headlines like "China bans mining!" or "Crypto is doomed, look at Luna!" are printed. It conflates things and uses people's ignorance against them (not unlike traditional financial markets/instruments).
Correct, and all of that stuff is subject to manipulation, often by powerful actors behind the scenes or by grifters playing off of people's insecurities, fear of missing out, etc...
Controlling the supply of a coin does not mean the coin's actual value can't be manipulated by dedicated actors, and in the case of cryptocurrency, the "mystique" of the tech behind it, the ease of creating new systems on top of it that are complicated for ordinary users to understand, and the general fear people have of missing out on a speculative investment (as well as the general fear they have that they might be in a speculative bubble) make coins like Bitcoin particularly vulnerable to specific kinds of social manipulation, scams, and phishing, all of which end up affecting the price of the coin.
The fed can't release new Bitcoins, sure, but in exchange, now random celebrities on Twitter can cause sell-offs and spikes in value; random Discord groups can pump coins so they can sell off and make a profit before they crash. You haven't gotten rid of currency manipulation, you've just changed who's doing it.
> The fed can't release new Bitcoins, sure, but in exchange, now random celebrities on Twitter can cause sell-offs and spikes in value; random Discord groups can pump coins so they can sell off and make a profit before they crash.
This is why anything that isn't Bitcoin is referred to as a shitcoin, and why the conflating of Bitcoin with everything else is so problematic. The former is designed to prevent that manipulation, the latter leverages it.
Then we get back to looking at Bitcoin's price chart, and I still think looking at the level of volatility in Bitcoin's price over time shows that it is not really immune from the kind of manipulation you're saying it resists.
I mean, if nothing else, shitcoins crashing/spiking regularly cause Bitcoin's price to adjust as well. Tera isn't Bitcoin, but that didn't make Bitcoin immune from volatility when Tera's price crashed; the manipulation techniques that work on shitcoins seem to fairly regularly have knock-on effects on Bitcoin as well.
I don't buy that social manipulation has no influence on Bitcoin.
The focus on price relative to USD is too short-term of thinking. The reason I hold the opinion I do is related to scale. A system like Bitcoin if adopted at a standard-level (i.e., long-term prospects) would not see fluctuations in price because it wouldn't be able to—the market would naturally stabilize as people would be able to use it to pay bills, buy groceries, and the sheer scale of the market couldn't be dictated by a single "whale." Technically that can happen today, but there's a massive psychological gap that needs to be crossed.
I'm curious how you expect Bitcoin to obsolete every single alternative currency/value-store we have today including longstanding systems like gold, when you're telling me that Bitcoin's price stabilizing is reliant on it being the only possible currency that people can use.
> I'm curious how you expect Bitcoin to obsolete every single alternative currency
I didn't say that.
> you're telling me that Bitcoin's price stabilizing is reliant on it being the only possible currency that people can use
Nor did I say that.
---
Obsoletion of the incumbent options will come through a few means:
1. Hyperinflation (where I think we're headed). Basically, what happened in Germany in the 1920s. Instead of a Rentenmark, though, we'll get CBDCs which are a hyper-limited, state-issued digital currency that's used as a political weapon. They'll give it to people for "free" to encourage adoption (because they can mint as much as they want) but not tell them that it expires or can't be used for certain purchases the regime disagrees with. This will create a financial caste system where free/wealthy people use Bitcoin and the proletariat use the CBDC (i.e, they become slaves of the state). I think this is most likely as state power will fight to the death to not give up control of money (that's their only control against the people) but they will tolerate an "elite" class that can bribe their way out of control.
2. Natural transition. As more options for accepting Bitcoin (e.g., if Square/Block add lightning payments to their terminals, circumventing Visa/MC/etc.) become available and people understand it, they'll be incentivized to use it via discounts, perks, etc. Think early days of "order online" and how a lot of people scuffed at that.
It would be unfortunate then if there was a large amount of evidence that Bitcoin's price was partially tied to the stock market's health, and that global volatility and market issues in general affected the value of cryptocurrency just like they affect the price/value of everything else.
> 2. Natural transition
I think this is what a lot of us are getting at; Bitcoin as it stands is worse at transactions then pretty much every other currency and platform today. It's not competitive with those platforms for most people. That's not to say that it has no usecase at all, but for mass-market adoption and for the average person's use-case, Bitcoin is an awful transaction method.
So when people tell me that I need to think long term, I'm curious how they expect to get to the long term given that in the short term Bitcoin is basically awful for mass-market usage and isn't going to be adopted by ordinary people for ordinary transactions until after its fundamental problems like volatility are solved. So it all feels pretty circular.
You're telling me that stabilization requires increased use. In your words, "a system like Bitcoin if adopted at a standard-level (i.e., long-term prospects) would not see fluctuations in price because it wouldn't be able to".
I am telling you that Bitcoin won't get increased use if it doesn't (at least) stabilize. So it doesn't really matter whether Bitcoin would have fluctuations at that point, because nobody who's not a speculative investor, dedicated to the cause, or an extremely niche user wants to deal with the fluctuations in order to use it as a currency today.
The effect of those concepts are the same, and pretty much no end user cares about the difference.
And it's worse than just that the currency pair BTC/USD is manipulable. USD prices have a loose mapping to actual value, the relationship between BTC/USD isn't just arbitrary numbers. It's not just that the exchange rate between BTC and USD is changing, independent of the USD the actual market value represented by a Bitcoin is changing.
In other words, you do not need to manipulate the supply of a currency in order to manipulate the amount of purchasing power or value that each "unit" of that currency represents.
Bitcoin proponents often try to bring up supply manipulation like it's some kind of unique category, but it's really not. Currency manipulation does not require control of the supply.
The purchasing power of a Bitcoin changes. That's the only thing an end-user cares about.
Do you think that people care about inflation because there are more dollars in existence? No, they care because they can't make the same level of purchases with the dollars they're holding.
Bitcoin's price relative to the dollar indicates what you can buy with it; when that price changes it's no comfort to people that technically the same number of coins exist. They care about what the coin is worth, and Bitcoin's worth can be manipulated regardless of what its supply is.
If Tether collapses, you can certainly expect a panic in all cryptocurrency markets, but it has no direct means of manipulating Bitcoin.
Only 6.02% of their reserves are held in "digital tokens," the rest are held in traditional assets and cash: https://tether.to/en/transparency/#reports (scroll down to "Reserves Breakdown").
- "you can certainly expect a panic in all cryptocurrency markets"
- "but it has no direct means of manipulating Bitcoin."
How do square these two parts of the sentence? The ability to cause a panic in the Bitcoin space on command by crashing another cryptocurrency sounds a lot like manipulation to me.
As an end user, why should I care about a technicality over how exactly someone is manipulating a currency that I own? Why does it matter whether manipulation is direct or indirect?
If the claim is that Bitcoin is only immune to specifically direct manipulation (where direct is a narrow sub-category of manipulation techniques), then... sure, maybe that's true, but it's also not that impressive and doesn't change all that much about the end-user's risks, since the more general forms of currency manipulation still seem to be entirely possible.
> You can cause panic in traditional finance markets, too. It's the exact same principle at play.
I don't think that's being debated, people are just pointing out that Bitcoin's price can be still be manipulated by powerful actors.
Bitcoin's price, yes, but not the actual currency itself. That will be the major psychological void to fill in for people: thinking about Bitcoin as a currency, not an investment or gambling device.
I expect that to take decades as the government/media are and will continue to attack Bitcoin and influence public opinion as it directly interferes with their business model.
> Bitcoin's price, yes, but not the actual currency itself.
Again, as a user, who the heck cares? The Bitcoin in your wallet changes how much it's worth, it's the same outcome as normal currency manipulation. If the effects are the same, and the changes to the value of the currency are the same, then the specific details about how that effect was caused don't matter to end users.
Second:
> That will be the major psychological void to fill in for people: thinking about Bitcoin as a currency, not an investment or gambling device.
I just finished talking to someone a day ago on this very site who argued with me for ages that Bitcoin was a store of value and shouldn't be thought of a currency and accused me of not understanding the history of the coin because I pointed out correctly that many early proponents of Bitcoin were pushing it as a currency for regular everyday transactions.
And I am so not willing to have the same exact conversation a second time just with the the details and direction swapped out. All of these arguments always being with, "hah, people should research Bitcoin more before criticizing it", even though everyone in the community who says that is constantly making contradictory claims while arguing that they represent some kind of community consensus or coordinated effort.
But to summarize the problems with the specific claim being made this time around:
Bitcoin is bad at everyday transactions for a dozen reasons that have been already explored in depth over and over again in the past and that are easy to research. If your goal is to make an everyday transactable currency, Bitcoin is a bad choice for that, for obvious reasons -- even without getting into the technical reasons why a deflationary asset is in general a bad fit for transactions, all you need to do is look at the history of Bitcoin's price; that's not a chart that indicates a healthy currency intended to be used for normal purchases. Honestly, the characterization of Bitcoin as a rarely-transferred store of value is a stronger argument, and even that isn't a particularly strong argument.
First BTC has to do better than USD at transactions. It clearly isn't there now, and I'm not sure I see a path where it achieves that. USD will continue to exist as long as the US Government does, and if that falls, then, well, I've got other problems more pressing.
Stock markets aren’t manipulated at the technology level either - it’s large flows of capital, insider trading, pumping dumping, and other shady business.
Direct or not, in that scenario the Bitcoin price is still being artificially increased for the benefit of a private malevolent actor.
If you want to call that something other than manipulation, then :shrug:, more power to you. But my main takeaway is still going to be that banannaise's original comment seems to be mostly accurate.
> But my main takeaway is still going to be that banannaise's original comment seems to be mostly accurate.
I'd highly recommend taking the time to rethink that position. The systems being implemented now will permanently enslave you. Bitcoin is the only escape. And no, I'm not being hyperbolic.
> The systems being implemented now will permanently enslave you.
Recognizing that there are significant problems with current financial systems does not automatically imply that Bitcoin in specific is a reasonable or feasible alternative to those systems.
Candy bars are unhealthy for me, and I can recognize that, but that doesn't mean I'm obligated to eat dirt. In other words, it's not enough for Bitcoin proponents to point out that traditional fiat systems have problems, they need to prove that Bitcoin meaningfully solves those problems or improves upon them. All of you've done so far in this thread is argue about how narrowly people should apply the word "manipulation", you haven't demonstrated that banannaise's original comment is wrong in a way that ordinary currency users would care about.
I think most of the real-world evidence we have shows that Bitcoin and other cryptocurrencies are just as manipulable as existing systems regardless of whether or not they have a fixed supply, and in fact are currently somehow impossibly managing to be regularly manipulated to an even higher degree than existing fiat systems.
In this particular instance, yes. With this specific use case, there isn't. But adoption of Bitcoin in general is a net positive (I think of something like these notes being a gateway drug to self-custody).
In 2011, you could buy coffee and pizza w/ BTC (at non-conformist boutique shops but still). Now, not even those stores would accept it as a method of payment, and you'd be stupid to spend it on goods and services anyway, because BTC's value is wrapped up in the idea that it's a 'digital asset' instead of a currency.
Except when someone who can program better than you can pick that money right out of your pocket (or so called "smart" contracts.)
I identify as a hacker, and I don't think all things should be programmable. Votes should not be programmable or hackable. I'm almost certain that at certain point money shouldn't be either, given how rife the abuse can be.
Isn't moving money around with APIs just moving money around by sending messages, which is what we can do already by sending a check in the mail?
How many hundreds of billions or even trillions of dollars of market cap is dedicated to providing: bank accounts, transfer services, security brokerage, options trading, credit default swaps, and other derivatives. You can easily implement the entire functionality of the entire global banking system on the blockchain. Rather than require hundreds of thousands of specialized bankers, you can do it with miners running nodes in the block chain. This is a huge efficiency improvement and allows for a more democratized system. You can think this is cool, or stupid, or dangerous, or all three. But if you aren't interested in the tech, why bother commenting on it?
Money needs to be reinvented since politics has hijacked it and used it as a tool to deliver policy (at the expense of money's functions). I think it's evil to harvest the wallets of poor people for scraps, pile it together and give it to the richest, which is effectively what inflation is.
> So far with crypto the only use cases seems to be criminal. To buy illegal stuff and for ransomware.
Given that E2EE encrypted messaging apps such as Signal give criminals, extremists and scammers a hiding place such that the messages are totally unreadable by anyone else, does that mean we should tell Google and Amazon to ban Signal off of their servers because they are enabling such a communication service that benefits these criminals, extremists and scammers?
Also how does one 'hide' their transactions on a transparent ledger for everyone to see and trace even if they do use it for ransomware or illegal stuff? Is that why regulators haven't banned those cryptocurrencies yet and instead have targeted privacy-coins in new regulations requiring exchanges to de-list them? [0]
Seems like Stripe [1], Moneygram [2], Checkout.com [3] etc still seem to see that some of them have a use case. Perhaps that explains why they also waited for regulations before proceeding to use them [0].
>So far with crypto the only use cases seems to be criminal. To buy illegal stuff and for ransomware.
This just keeps getting trotted out again and again on HN as if it were a dying circus horse, but with no real merit. Even analysis by companies that spend all day, every day tracking cryptocurrency use and transactions estimate that only something like 2% of them are criminal. Even if we add in fraudulent/criminal funds that were laundered well enough to hide their origin and purpose from these tracking services, the percentage is still almost certainly a small minority.
Add to that a couple things: First, that not all "criminal" transactions are morally wrong just because they're illegal. No doubt there are anti-Putin Russians right now trying to get their money out of country with crypto and breaking a law or two. Are they scum?
Secondly, yes, there are many, many normal people using crypto for many things. I personally know many who do this, for work payments, difficult transactions because of some regulatory bullshit, remittances and even in one case as payment for contemporary dance services while living overseas. Anecdotes, but I have no doubt that they're extremely widespread, because my friend circle isn't one of crypto bros and money launderers. It's of ordinary people.
How fucking tedious to see a so-called hacker site shit so much and with so much categorically dismissive ignorance on something many of its readers emotionally dislike.
I was reading an email exchange from Atari employees in 1984. There was one comment.. computers are not useful for anything but playing games. It's all marketing fluff.
Here we are 40 years later communicating with computers. I wonder if in 40 years someone will read your comment and wonder how clueless some were in this era.
They laughed at Columbus and they were right!
Columbus said "I think the earth is like half the size everyone else says it is and I'm going to sail around it" and everyone with reputable mathematicians said "Nope"
If America didn't exist, and Columbus was relying on his plan, they all would have starved to death roughly where the East Coast is
> I wonder if in 40 years someone will read your comment and wonder how clueless some were in this era.
Hindsight is 20/20, so of course someone will still make that mistake 40 years down the road. We can barely predict with any meaningful accuracy what will happen next year. The idea that we can predict 40 years out is the very height of hubris.
I was really happy with my Kong cash (earlier project by same creators) and handed it out as gifts. It really does look and feel like money from the future. The wallets associated with my bills becomes unlocked october of this year, but I don't suppose the ERC20 Kong token is worth much atm.
I thinking locking up mBTC makes a lot more sense - any reason you went with creating your own token the first time around ? Has BTC caught up with ETH in some matters of programmability ?
Thank you, the Kong Cash notes were a labor of love and are now very limited in availability -- glad you got some! With Kong we wanted to create a completely new cryptocash from the ground up with Kong with the idea "what if a cryptocurrency started physical first". It was really a demonstration of the usefulness of secure element chips that generate their own keys -- work we've continued with Kong Land.
Unfortunately the chips we use for Kong Cash rely on the P256 curve rather than secp256k1. With Ethereum and the EVM we could bridge this via smart contract, however, Bitcoin script is too limited to achieve the same result (imo with good reason).
We landed on a very different chip configuration for Bitcoin which has the tradeoff of some centralized elements, but also allows the user to introduce their own entropy (unlike the chip we used in Kong Cash which in theory has very good entropy, but still relies on claims from the manufacturer). The timelock concept from Kong, however, works incredibly well for the Bitcoin Note as a failsafe for conditions where we disappear or refuse to service notes.
I'm going to go full science fiction here: if someone were to let off an EMP (so beloved by 1990s action movies) would any of these notes within range irreversibly lose access to the associated crypto?
Yes, probably. I would also recommend carrying the notes in an EMF protected wallet.
We have considered a feature which explicitly lets you back up the user keys from notes so that you have this as a fallback claim, but this might also encourage people to just "mine" notes in the hope that someone doesn't re-key. Given there is nothing we can do to prevent this...we might build it.
I feel like bitcoin isn't energy intensive and environmentally impactful enough for my liking, if only there was a way to add non-recyclable plastic products into the equation too
These bills look really cool, and if the tech is actually decentralized and secure, I could see myself using them.
Can you share with us some of the technical details, though?
First, exactly what is the mechanism by which the user key is rotated? Does that require a transaction to be added to the blockchain whenever the note is transferred from one owner to another? Does the new key need to be kept on a paper wallet or separate device?
Also, when your website says that the decryption key is released when the note is cut—exactly how does that work? Does it require an interaction with your servers? And what is the mechanic by which expiration is enforced?
And finally, your say that there is no requirement to trust your company. But you somehow have access to the encryption key yourselves. As far as anyone knows, you also kept a record of the encrypted multisig key before you distributed each note.
Why should anyone trust that you are not keeping copies of all the information needed to access the bitcoin stored on the note? Can you step through how exactly you are blocked from accessing the bitcoin yourselves?
> First, exactly what is the mechanism by which the user key is rotated? Does that require a transaction to be added to the blockchain whenever the note is transferred from one owner to another? Does the new key need to be kept on a paper wallet or separate device?
Yes, for re-keying you need to carry out an on-chain action. The new key is stored on the note. I could imagine scenarios where people don't re-key a note every time, e.g. they expect to spend it in a short time period.
> Also, when your website says that the decryption key is released when the note is cut—exactly how does that work? Does it require an interaction with your servers? And what is the mechanic by which expiration is enforced?
Exactly, our servers are required here. The expiration is baked into the multisig on Bitcoin.
> And finally, your say that there is no requirement to trust your company. But you somehow have access to the encryption key yourselves. As far as anyone knows, you also kept a record of the encrypted multisig key before you distributed each note.
> Why should anyone trust that you are not keeping copies of all the information needed to access the bitcoin stored on the note? Can you step through how exactly you are blocked from accessing the bitcoin yourselves?
This is good to highlight -- we could be lying and we could keep the encrypted private keys (again, for a clear statement here regarding custodianship: we don't). But in the case of the multisig the encrypted key only ever allows for access to the funds in conjunction with the user key. There is no scenario where it can claim funds alone.
Thanks for your explanation. Some follow-up questions:
> Yes, for re-keying you need to carry out an on-chain action. The new key is stored on the note. I could imagine scenarios where people don't re-key a note every time, e.g. they expect to spend it in a short time period.
So, would this require the full balance of the note effectively to be “spent” and sent to a new multisig UTXO? Wouldn’t you also need access to the decryption key from your server in order sign with both signatures? And who pays the TX fee? Is all the key rotation work done on your servers?
Also, in order to rotate the key, a user would surely need a separate networked device able to interact with the note. I imagine one would also need to install your specific app as well.
Would there be an open protocol by which a person could perform key rotation if you go out of business and shut down your servers? If your servers go down, I can’t think of how there would be any way for a user to rotate the user key.
How are you paying to keep the lights on so that these notes keep working though expiration? You all need a revenue source, but there isn’t anything on your website that indicates how you would make money.
> So, would this require the full balance of the note effectively to be “spent” and sent to a new multisig UTXO? Wouldn’t you also need access to the decryption key from your server in order sign with both signatures? And who pays the TX fee? Is all the key rotation work done on your servers?
> Also, in order to rotate the key, a user would surely need a separate networked device able to interact with the note. I imagine one would also need to install your specific app as well.
Effectively yes -- working on preparing the security overview here, but we need to be in the loop on the re-key procedure. We will open source that app so that in theory you do not need to rely on that, however, you will need to communicate with our server in this case.
> Would there be an open protocol by which a person could perform key rotation if you go out of business and shut down your servers? If your servers go down, I can’t think of how there would be any way for a user to rotate the user key.
This is a great idea, however, it would require us to select another entity to hold the encryption keys (probably not unreasonable). Currently if there is no way to rotate the keys in this case.
> How are you paying to keep the lights on so that these notes keep working though expiration? You all need a revenue source, but there isn’t anything on your website that indicates how you would make money.
One idea we have is charging a small amount to re-key the notes in addition to network fees. We have not implemented this. We do believe, however, that this would be reasonable and fund continued operation of the servers. I should also note that our hope is to amortize some of the server costs in the notes since their operation isn't particularly intensive.
> Effectively yes -- working on preparing the security overview here, but we need to be in the loop on the re-key procedure.
I’d love to see how you accomplish this. It seems tricky to be able to sign the replacement transaction without revealing the encrypted private key either to yourselves, or to the mobile app. I guess that you could have the app send the encrypted key up to your servers, where it could be decrypted locally for use and then discarded. But if you are going to do that every time the note changes hands, why not just hold onto the private key? Why mess with encryption keys?
You might just need to bite the bullet and maintain custody of the secondary key server side. Is there a particular jurisdiction you are worried about that is motivating you not to want to maintain custody of the secondary key? In the US at least my recollection is that you are a cryptocurrency custodian only if you control all the elements necessary to transfer the bitcoin—meaning you wouldn’t be a custodian because you wouldn’t have access to the user key. I may be wrong about this, though.
> I’d love to see how you accomplish this. It seems tricky to be able to sign the replacement transaction without revealing the encrypted private key either to yourselves, or to the mobile app. I guess that you could have the app send the encrypted key up to your servers, where it could be decrypted locally for use and then discarded. But if you are going to do that every time the note changes hands, why not just hold onto the private key? Why mess with encryption keys?
I had to dig back into the architecture on this part since most of this was written last year waiting on notes. In this case you are correct -- we need to decrypt the key in RAM, use it to generate the new tx along with the new user pub key and send that back for the user to broadcast.
Again, the distinction here is that we don't store it which, to your point may or may not matter from a regulatory perspective. I would agree that it would be hand waving and, indeed, false if we claimed that we never could store it at this point (or prior, at the time of creation).
If authoritarian governments want to take away cash, this gives an
incentive and mechanism for privately minted cash that will change the
dynamic. I wonder though, how to mitigate against physical forgery. I
get the feeling that this could work out much more trustable than
even the best anti-counterfeit technologies presently used for cash
currency.
> If authoritarian governments want to take away cash
If an authoritarian government is taking away cash they've already passed the step at which making/importing this kind of object is illegal
And if you can import this kind of privately minted note then you can also import foreign cash whose value people can trust without having to destroy it and for which they don't have to remember a password (for each note I imagine, it's not clear from the website how any part of it works)
There are use cases for these kind of tokens but I can't find one which is efficiently solving a problem not uniquely tailored to rich free countries
Just in case, by tokens I am (in this comment) just referring to the notes, not the concept of bitcoin in general
Thank you -- as another commenter noted we cannot act as the Secret Service to remove counterfeit notes from circulation, so the implication probably is that folks need to get into the habit of scanning notes prior to acceptance.
Either you can use the internet than you don't need that note.
You need internet to actually verify and take ownership of the value of it.
It only helps if the giver doesn't have internet.
And sure it's easier to smuggle this one note over a border than a suitcase bout you could smuggle actually anything with an offline wallet in it like USB stick, CD etc.
First the company. The fact that startups have realised a future of
cash involving different hybrid physical technologies is important.
Activity in this space shows that people take cash and its unique
social properties seriously and will invest in it.
Secondly, the advance in cash technologies generally. Super thin
"smart textiles" open up a new world for cash. If you think about it
the technology that already goes into bank notes is amazing, but it's
mostly aimed at anti-counterfeit. We had a brainstorm over here to few
months ago to talk about hybrid physical cash. Ideas like using e-ink
to display the current stored value, "paper" notes that could be
debited, zero knowledge proofs to show the bearer has funds and title
while both parties remain anonymous, ways to turn GNU Taler into
hybrid cash, "contactless cash"... and much more.
Lastly, while I am not a fan of Bitcoin for environmental reasons, I
think that visible/tangible forms of cryptocurrency are an important
piece of the jigsaw in bringing widespread acceptance and usage of
next generation cryptocurrencies, because they have important social
implications for freedom and democracy.
As it is, it may not be a success (the phone verification is already a
show-stopper for me precisely because I want digital cash that works
independently of smartphones) - but first movers lay the groundwork
for the future, so I'll be watching this.
I'm not sure if your first point is a necessity for other perhaps good ideas.
They will either not make those notes or only do one batch due to it just being a novelty in it's current state.
For me it feels like 'blind entrepreneur + we want to ship + we need to ship for more funding'.
I would even like to support weird ideas if it wouldn't promote Bitcoin usage :-(
I think your second point is more interesting: why do you think this digital to analog transition will be a thing?
Even in Zimbabwe they already have 50% smartphones and those are only getting cheaper and cheaper and will continue to flood the market.
My future imagines a smartphone only world for everything. From money, to house and car key. Germany now allows your passport or driver license on your phone.
I think it will be much more interesting how we can make smartphone theft obsolete and phone recovery easy. Like how do I regain my phone's state when I loose it while traveling.
> I think your second point is more interesting: why do you think this
digital to analog transition will be a thing?
It's not digital to analogue so much as changing forms of digital
technology. Digital technology can exist in many different ways. For
example bus tickets in Budapest used a matrix of holes punched out of
paper a grid because a brilliant Hungarian mathematician worked out a
way to make digital combinations in rows and columns allow multiple
journeys but allow an inspector to see if the passenger had punched
their ticket by adding the holes in some row and column. Like a
primitive QR code that's a digital technology.
A single function "digital banknote" that uses practically zero-cost
static patterning would hopefully operate much like a paper note, with
added anti-counterfeit benefits; I could put it in drawer for 10
years, pass it to a friend as a gift, no batteries to charge, no
network to go down, no virus or malware to corrupt it, no remote
kill-switch built in by MegaGigaCom.
Interesting. Years back, I was briefly involved with a somewhat similar project, where coins were used and the second sig was printed under a tamper-evident sticker. That way if the site disappeared there was still a way to retrieve the funds.
Can't even remember the name of it to be honest, wonder if it still exists.
I have to trust the bill is valid and that the person passing along the bill is honest. There is no central authority who will go after those that make counterfeit bills, like the FBI. There is no central bank that I can go to exchange the bill.
Those producing the bills seems like a power grab. If people were to trust in a central authority to produce the bills, then that company has a whole lot of power over a decentralized currency.
I don't think you read the website. You can verify the funds aren't spent via NFC chip and the blockchain itself. You then rotate the user key so only you can spend it after receiving the bill.
A bit cumbersome but your criticism about trust is incorrect.
If you don't trust the bill, scan it to validate the multisig, re-key the note or
cut the note to claim the Bitcoin. If you can't validate the note, don't accept it.
We don't store key material. We have 0 capability to spend any Bitcoin from the notes.
Credit cards are pretty meh for people that accept them. A % of your money disappears. The customer can say, for 60 days, "nah I didn't want that" and the money is taken away from you, no questions asked.
There was this big push in retail a few years ago to get customers to stop using credit cards. I knew it was going to fail, but merchants are looking for alternatives here.
Stores easily make up for the CC fees on volume because it is so much easier for consumers to impulse buy. In fact stores are now happily offering "buy now, pay later" deals that cost them much more in fees than CCs because it boosts volume even more than CCs. CC companies are scrambling to catch up there.
Merchants grumble because that's what merchants do, but they are coming out way ahead anyway. There was (maybe still is) a cash only restaurant/bar in Boulder back when I lived there. The food and beer were great. They probably could have done an order of magnitude more business if they charged $0.18 more per burger and took CCs. Instead they had an ATM that probably charged the customer 10%. They weren't sticking it to the man, but they sure were sticking it to their customers.
This is not a fundamental property of credit cards. It is a method of dispute resolution.
Retailers dislike dispute resolution processes that favor the consumer by default. Their alternative, for the most part, is a process wherein they simply control the whole process and can decide in favor of themselves on a whim.
> Credit cards are pretty meh for people that accept them. A % of your money disappears.
> There was this big push in retail a few years ago to get customers to stop using credit cards.
Really, says what retailers? EDIT: saw your note below about MCX. Noted.
- Your revenues go up because people are spending money they may or may not have in the future
- You don't lose out on a sale because someone is a 5c, 12c, 18c, etc. short
- You don't have to deal with physical cash (armored transportation to banks, miscounting, theft, etc.)
I personally think CC fees are egregious, but pretending they add little to no value to the extent that they aren't useful for the merchant is pretty myopic.
That seems contrary to the trend I have seen here, which is more and more stores going 'cashless', and only accepting credit cards. The cost to handle cash is more expensive than the percentage that the credit cards take.
I think the fact that it never got off the ground shows that the ask is pretty impossible... it is really hard and expensive to securely run a payment system like that.
If you aren't charging merchants fees, how do you sustain it?
Can't you instantly run the check electronically since the routing/account numbers are right there. I suppose you would need to pay for a POS terminal that does that, which might not be worth it.
In Germany I have a hard time of thinking of a place that does accept checks as payment. I did get a check a couple years ago from an insurance company that reimbursed me. But besides that I haven't ever used a check in Germany.
At this point it would be a better question to ask who DOES accept checks. In the US, most grocery stores still accept them, but I don't know of any other stores that do.
> Then you could ask how many people can easily detect fake bills?
Most people can, unless the fake is high quality. There are a ton of easily checked security features that don't require any tool or network access. These bills do not have any of those.
> But either way, checks aren't credit even if you say it is...
If you are accepting the check, you are extending short term credit to the person who gives you the check... they are promising to pay the amount at a later date, even if that later date is only the few days that it takes for a cashed check to be settled. That is credit.
These are gorgeous and the idea of physical tokens has a rich history in Bitcoin. Some users love them but others not so much.
There are two problems to solve: (1) securing the cryptographic material (aka "private key(s)") stored on the physical token; and (2) securing the cryptographic material not stored on the physical token.
I can't speak to (1), but (2) has throughout Bitcoin's history been a very hard problem to solve. Even if the token is the only place that the cryptographic material is stored in all the universe, proving that fact is practically impossible.
Unfortunately, the page is light on details and the comments haven't answered al my questions so I'll speculate a bit.
It appears that this approach goes in a slightly different direction than others with "multisig." This implies to me that both issuer and user generate private keys. This could be a 1 of 2 (either user OR issuer must sign) or 2 of 2 (both user AND issuer must sign). If 1 of 2, the note issuer can in principle always spend the money at any time. If 2 of 2 the user needs to secure the private keys or risk being locked out forever.
Either way, we're right back at the fundamental problem: how to secure those keys. If the funds can be lost through loss of user keys, then this offers little practical advantage over bill-less bitcoin. If the issuer can always sign unilaterally, then users become dependent on a trusted third party, which is exactly the problem Bitcoin was created to solve.
Based on the construction of the multisig we never have custody over the Bitcion, even if we store the encrypted key (we don't).
> If the funds can be lost through loss of user keys, then this offers little practical advantage over bill-less bitcoin
There are several; easy key diversification across multiple wallets. Easy offline storage away from connected devices. Easy onboarding.
It would be possible to backup the user keys on the notes independent of the note, we just believe that having them function more like cash guides the user to make choices where they are far less likely to lose them -- e.g. storing in a fireproof safe, safety deposit box, etc.
Purely from a notaphilist (had to look that up) perspective, the note designs look really cool, and I think integrating an nfc chip / electronic into currency is a neat innovation.
How easy is it to attack this by cutting the specific part of the note that releases the key but making it look like it's whole? Couldn't I cut the note in half and tape it together again and fool someone who doesn't know much about it? Or couldn't I cut the specific bit with an Xacto knife, take the funds and still circulate the bill?
But then that kind of invalidates the "offline" claim, I don't think they'd make it if they needed the app? Then again, maybe you need the app but it doesn't need network access.
I'm also unclear whether being cut is truly the only way to trigger the release. Could the note be damaged in other ways to get it to think it's been cut? The website is extremely light on details.
Yeah -- similar. Open Dime is focused on securing a single key until it's tampered with; we use a multisig with timelock instead for a couple reasons; (1) the chips we use are simpler and entirely powered via NFC (2) our notes are intended for broad circulation over a long period of time.
So I guess you have to...buy the bills? Which seems odd. But if they're not super expensive relative to their denominated value it could make sense. I might pay $1-2 per $20 bill for the novelty factor.
This definitely seems more convenient than performing a 10m blockchain transaction. But what's the value prop over USD cash? Just novelty?
The toy version of this is like buying a hardware wallet with the Bitcoin in escrow. The eventual flow is more like an ATM. There one kind of already "buys" cash in the form of a service charge (often refunded by one's own bank). Cash is the most common form of peer to peer payment. Bitcoin is the best form of peer to peer money. This combines the two.
It allows for instant, anonymous settlement in regions with poor connectivity (El Salvador, Ukraine.) Lower barrier to entry for very old and very young users. Skips the complicated process of onboarding people into learning about key management - everyone already knows how to keep cash secure. Getting self-custody of Bitcoin is important but usability has always been a challenge. This attempts to solve for some of those problems, particularly in cash economies where Bitcoin adoption as a medium exchange is more popular.
Basically let's get everybody using self-custodial, multi-sig hardware wallets with really, really good privacy properties but make them not intimidating by presenting them in a skeuomorphic cash form.
I love the idea behind this! Having said that, it will take a lot to convince experienced users to trust these over on-chain transactions. The info on your website is pretty sparse - there's not nearly enough info there to work out the security properties of these notes. I'm piecing together how it works from your various comments here, but you really want to have all that info in one place. I'm sure you know this already and I'm sure you're working on the website behind the scenes, and I look forward to reading when it's done!
What's your business model? Do you plan to recoup costs by selling the physical notes, or is there some other plan?
Another person saying "trust me with your crypto". People want to make money by putting fences around it. Not really offline or secure if you have to get the decryption key from someone else's servers... Interesting idea, though users need to understand the security tradeoffs they are making by using these.
There are a number of circumstances where the notes can live "offline" without further contact with us -- the primary one we think of is gifting to non-crypto savvy family.
Our denominations are also meant to imply this -- we aren't making 1 BTC notes on purpose. The goal is to provide another tool for onboarding and holding crypto.
How does gifting to non-crypto savvy family change whether the note works offline or not? Because they don't understand it so they don't verify that it wasn't spent? Sorry I don't follow, and I'm not just trying to crap on the idea.
In that circumstance they don't need to be online. The recipient can scan the note entirely offline, get the private key, create a transaction and broadcast it to the Bitcoin network when they are online.
How can I ensure that the Bitcoin on the note isn't corrupted in some way such that it might not be accepted by certain exchanges - Bitcoin that has been through a tumbler for example. Will your mobile apps by able to perform those kinds of checks for me, or will that require me to take extra steps?
"depending on who gives you the note you might trust that they have done this for you"
There is absolutely no way I would trust that - because even if I trusted that person's integrity I would also need to trust that they themselves had the technical knowledge to reliably make that confirmation. And that they hadn't made a mistake.
There is one case, which I believe is a common one where I would argue this might not be true -- a crypto savvy family member is the first person to purchase and load the notes before gifting them to you.
But, fair point. I would always err on the side of recommending someone scan a note rather than not.
I liked BitBills. They were simple to understand, and I knew the tradeoffs and where I was reliant on trust.
I'm technical, but even after reading your website a couple times over I still can't say I understand your Notes. They're gorgeous looking, that's about all I can make out.
Cool idea, and the notes themselves look really nice. How does it work if I were to give someone one of these notes? To 'claim' the BTC (assuming they aren't passing the note around between people indefinitely) do they need the private key from the original owner of the note?
All key material for the note must be written to the note so that it is fully bearer (otherwise it's invalid and our app will reflect as such).
So, just like cash you can hand the note to someone and using the app they (1) can tap the note to see the public keys and verify it is loaded and (2) cut the note to claim (the fact that the note is cut is sent to us at which point we respond with a decryption key to unlock the second private key that lives on the note).
Functionally this like a hardware wallet. The tech keeps working long after the manufacturer disappears.
The private key associated with the note is loaded on there by the end user and can be rotated by the next person to receive the note. The issuer has no ability to claim the funds on the note. The person holding the note can always claim the funds on the note.
Each note can be scanned with one's smartphone to check value and authenticity.
We're positing the level of scrutiny matches our experience with fiat cash.
I.e. I'm very cavalier with checking the authenticity of low denomination notes when getting change at the pool for an ice cream cone and fairly rigorous when selling my hi-fi system to a stranger on classifieds - perhaps even taking time to do the "highlighter test". Counter-party matters too - It may take some time before we can spend these at Bitcoin Beach in El Salvador but they have currency (in the literal sense) with family and friends.
These notes have the same security features as traditional currency (UV watermarks, microtext, etc) but also have the embedded chip which is the real thing that matters. I don't think it's perfect but I do prefer it to regular cash which doesn't let me electronically validate it.
Ok, so you need a smartphone to be able to exchange the notes. That already makes it a non-starter for lots of people because not only do they now need something resembling cash, they also need a phone.
Anyway, interesting project, curious to see where it leads.
Agreed. Smartphone or payment terminal like a cash register. ATM's could do validation as well. Getting into the spectrum of how cash is used this doesn't have 1:1 parity with every way in which cash is used but does fill many of the same use cases and while it does need a smartphone to validate it does not need network connectivity thanks to the nature of merkle trees.
I think what wrong footed me about that is the artwork on the page linked, it shows people paying with the notes as if they are cash, there isn't a smartphone visible in the images as though a smartphone is not a requirement.
The smartphone lets one validate the funds are stored on the note.
This dynamic exists with cash too. In high trust/low value transactions we skip validation. In low trust/high value scenarios we don’t.
Technically I can make the case one needs a highlighter to spend or receive American dollars to validate the note is authentic by checking the acid content of the linen substrate. In practice I don’t when conducting peer to peer payments but would when conducting C2B payments of a certain nature.
Validation is an optional step which correlates with the trust environment and varies greatly by market. Given the nature of cryptocurrencies it’s imagined there would be stronger correlation with validation initially; then become lax as notes were commonly circulated or going through certain chokepoints like ATMs; tighten in regions were counterfeit notes were introduced. But strictly speaking? These style of notes have been deployed in marketplaces where a smartphone check wasn’t necessary or appropriate.
Aside from finding the premise questionable, I do find it incredible how US-centric this is:
> Printed on a synthetic paper that can’t easily be ripped or torn like fiat, Bitcoin notes are designed to be durable for years to come.
Several countries (Australia, New Zealand, Canada, Vietnam, Papua New Guinean, Vanuatu, and many more -- including the UK just recently) use polymer bank notes and have for decades so it seems like you were beat to the punch by several fiat currencies. Also it seems like the design is based around you tearing off part of the note when it is used, so making it hard to tear seems like a strange design choice.
The site mentions the decryption key is released when the note is "cut". Does that mean there's something enclosed in the bill, and you have to physically cut it open to extract it?
I'm guessing it means you need to destroy the note in order to redeem it which makes sense as a way of remotely "redeeming" the note with the issuer. I'm interested in how secure this process is since the entire system would hinge on it.
Regarding the multisig: Is it possible for a government to, say, point a gun at your head, and seize the bitcoin, even if the holder of the note remains safely out of their reach?
No, this is a super important question to us as we don't want to hold Bitcoin key material.
The encrypted key on the note can only be used in conjunction with the user key on the note. If we go away or our servers are seized, then in 2029 the user key on the note can access the funds without needing to decrypt the second key on the note.
While its an interesting project, aren’t we going towards a cashless society? I don’t know how its in the US, but in countries like in Sweden there are almost no places where you can pay with cash.
This is not cash though. For example you'll never be able to buy food with it, or pay your rent with it. You can't store it under your mattress for 10 years because the servers they must talk to won't be around in 10 years.
Cash in its western form has been around since the 1600’s. It’s simply a promissory note. The difference is in this case the encoding for that promise is onchain. Cash has gone through many evolutions but it started as peer to peer agreements between merchants. Now it’s peer to peer agreements between programmers. There was a bit in the middle where it was agreements between governments or banks but this is isomorphicly the same.
Correct, the thing all of those above instances have in common which Pokémon cards don’t is an explicit or implicit “promissory” feature.
“Promissory” has a specific meaning.
I can write you a contract promising you 1oz of gold to be paid at the next CES expo in Las Vegas 2023. You can hold onto that contract and redeem it at CES or swap it with a friend today for some tools and she can redeem it when she goes to CES in 2023 and the contract has reached maturity.
This is what the first forms of cash were in the west. Fungible legal contracts issued by private parties for payment at their trade shows. Later, governments and private institutions started issuing these.
The Bitcoin note works like this but the funds are escrowed in a contract-like mechanism on chain and can be accessed at maturity with a private key stored on a chip on the note. Which is a fancy way of saying it works the same but with software and the receiving party can check in real time that the note “is good for it” by confirming the funds are present in escrow.
This is hacker news, you’re a hacker, as a thought exercise how would you go and build a Pokémon cash instrument?
Coming from a very cashfull society, this comment terrifies me about Sweden. Everything can go so wrong with electronic systems in everyday usage, it sounds very limiting.
Very cool! Can you offer "partial notes" where n of m notes can be combined to spend the note? Could be interesting for people who want to leave an inheritance in an untrusted regime.
That's a super interesting idea. We've been somewhat purist about the notes being bearer by nature (not ideal, like digital Bitcoin, for fleeing from oppressive regimes), so any other entanglements challenge that notion.
That said I could imagine a run of "bond" notes instead that rely on a multisig across notes rather than redemption at a bank or with the Treasury.
The world has apparently gone full crazy, as we're now back to where we started, with the (rather big) difference that we've replaced sovereign-backed currencies with ... what exactly?
I don't think it's irrational to disagree with your personal beliefs about monetary systems. There's evidence both for modern practices being beneficial as well as detrimental so I'd reserve judgement until it plays out.
Besides that, what's wrong with a private entity issuing its own scrip? It's how our current system of currency got its start with private banks issuing promissory notes which were eventually adopted by the state. You probably personally hold quite a lot of it in the form of debt or reward programs. This goes a little further in that it is redeemable for an alternate form of currency not backed by a state but that's not really an argument against it, historically people have used all kinds of alternate currencies. It really just comes down to what two individuals agree is an appropriate medium of exchange whether it's bitcoin, dollars or cigarettes.
Except of course, that most central banks function perfectly adequately despite the nation in question having very limited military power, and it isn't as if Bitcoin mining operations don't depend on there being enough use of force behind the rule of law for property to still be enforceable.
> we write an encrypted private key to the note and don't keep a copy
If the private key ever existed in your custody, there is no way to prove that it was not copied. Sorry. No amount of "trust us" is good enough here. Hell, you may not even know if it was copied if your process was compromised. The only way for a private key to be private is for it to never leave a secure device that generates it. (And even then, there are numerous caveats)
It's interesting, but it seems like it relies on technology a bit too much to really be a cash equivalent. Particularly the centralized server required.
As I understand, this requires two fold sanctity - one for the printed form and one for the NFC. For being not a counterfeit now two conditions have to be met independently and simultaneously. Has it been considered that while accepting it neither visual verification, nor electronic verification are enough alone given that it is meant to be circulated among strangers in all imaginable and unimaginable circumstances?
This sounds like it incorporates a typical NFC tag (presumably with a hard-to-clone chip) with a packaging seal option like was used for the more ordinary...
This is straight out of a fairy tale. An evil fairy can make money that looks just like real gold (I mean Bitcoin) and even passes the test when a lesser mage waves their wand (I mean smartphone) over it. But then it will evaporate in a while and will have no value at all.
I love it!
In other words, this whole scheme depends on the NFC chip doing exactly what it claims to.
Presuming you can read the user private key off the NFC chip at least once then you hold Bitcoin after the expiration of the note. No fairy tale, just math.
You need to cut the wires to do this, as I understand it. But, more relevantly, this only applies to the person who made the note. If you want to buy something with this fairly gold note, the recipient has no way to verify that it’s real unless they either trust the manufacturer or they cut the wires and transfer the Bitcoin, at which point one wonders what the point of the physical note is.
No, after expiration of the note the wire does not need to claim funds from the note. Only the user key is required.
If we as the manufacturer are perfectly untrustworthy, this is the final "backup" state. If we the manufacturer are partially trustworthy at any point in time, you can re-key the note then. In no case can we claim funds from the note ourselves.
A dollar is still a dollar in 100 years. The dollar may be worth less due to inflation, but that’s a separate issue. This Bitcoin note might not be backed by any Bitcoin, meaning it may have no value whatsoever.
Alternatively, note could retain value while the underlying Bitcoin becomes worthless; the Internet may have become irreparably fragmented by the collapse of global civilization, and fancy rainbow paper money will carry value because you can see it, smell it, and hold it while numbers in a database will be worthless because you can't verify that database against anyone else's database over a nonexistent network fabric (and that's if you can even get enough electricity to run the algorithms to do the public-key verification).
100 years of future time can be just full of surprises.
Can't agree with this, paper money is only worth what it's backed with or by the confidence people have in other's willingness to exchange goods and services for it. No government = no fiat. No bitcoin = no bitcoin cash. If global civilization collapses you'd have more luck trading bullets and bullion.
This is a bit off-topic, but I'm curious about what other think here.
I like the aesthetic of US cash. I find it elegant and pleasing. It was better before they made all the heads huge, but I have learned to live with it.
I cannot stand the off-sized, party-coloured money in Europe. I don't like how it feels in my hand, and I don't like how it looks, at all.
Personally, I love that euro notes aren't all the same size. It makes it a heck of a lot easier to tell apart notes of different denominations, especially for people with visual impairment. Imaging for a second how you would count money USD with your eyes closed.
I haven't needed to count cash with my eyes closed yet, with several decades behind me. Aside from how awesome it must be for people with visual impairment, I can't think of how else it is beneficial (though that is definitely enough of a good reason). Are there other benefits?
I suspect it's an effect of OCD, but when I have a mess of different sized bills in bright multi-color... my mind is just not at ease.
We did debate this, but decided to stick with same size notes for a couple reasons -- (1) they're easier to produce in low volume and (2) there is a bit of sensation from the raised print on the large "1", "2", "5" and "10" numbers.
Beautiful design especially the subtle Guilloche, but I personally have doubts this solves a real problem and in fact it seems to go totally against the culture of crypto.
As a short-run art piece, it makes sense, but I can't see this being used in the real world. Sadly, it feels to me like this is just another project trying to cash-in on crypto hype.
1. The private key is itself encrypted and stored on the note. Where is the key encryption key stored? On this company's servers?
2. Where is the proof that the note is cut? Are there physical traces embedded in the note? Can someone bend the note over and over again to break the traces?
3. What prevents exfiltration of the user key from the note?
I've got only one question. Can this note be verified without ability to being spent? In other words, is there a cryptographic proof of validity, that doesn't give the validator ability to transfer value?
If users rely on your service to redeem and the printing really is secure, why not just print the bill and redeem manually? If you do it for ETH, you could store it staked and profit like Circle or Tether does with dollars, at least until you're in jail. Any russians or iranians want to start a business?
Oh, we need to show a better photo of this but there is a point on the note where the claimer needs to physically cut the note which trips a tamper sensor in the chip.
This is some very fancy printing. How much does one of these cost to make? How much are you going to ask people to pay for them?
The smallest denomination is roughly equivalent to US$30 so I don't think this is a thing that falls into "if you have to ask the price, you can't afford it".
Having gone to the currency printing industry events the environmental impact of polyethylene currencies appears to be lower and the plastic currencies appear to last longer.
Not as much, but the most common modern currency substrate is PET which is probably the most recyclable plastic. There are a lot of 'wtf' moments when one gets a glimpse behind the veil of an otherwise super secretive industry but this part at least is actually surprisingly mundane.
We used Greco-Roman god statues -- Apollo, Venus, Minerva and Neptune (some of the model statues were Greek, others Roman). We chose aspiration mythical figures to point to some deeper Bitcoin lore. I will hold off with details and let our note designer tease out the meaning there.
Hmm...where? Given all the last minute touch ups to the site I wouldn't be surprised...
As an American rooted in the puritanical foundations of my country I do not support speculative financial instruments and believe rather money should come from strong hard work ethics. Therefore I do not approve of these crypto currencies
I can't tell if this is satire. If it is it's pretty good. If not, no offense meant.
The "puritanical" foundations of the US had _tons_ of speculative financial instruments, including the colony/state/US currencies in their early years/decades.
Cool idea! But how do you make sure that I didn't just pretend to cut the note? If I could fool you into believing I've cut it then I could pay someone with a worthless note.
Thank you; I don't know too much about Monero -- while I see that it does have multisigs, I can't tell if they can change over time. This is pretty important to ensure that we as the note issuer can never block someone from ultimately claiming the funds off of the note.
We don't hold any Bitcoin key material; all of it lives on the note. One of the keys you contribute, the other one is encrypted by a key that we store (and release when the note is cut).
If the note expires then only the user key on the note can claim. However, this is an important risk to consider -- if you have notes on hand that have expired and you haven't re-keyed them, there will likely be a race at expiration to claim for anyone has encountered the note.
We recommend that if you don't plan on spending a note right away (as cash) that you re-key first to ensure that you're the only one who can claim at the point of expiration.
What does that re-keying process do exactly? Surely it’s not just updating the key on the device itself, because then it wouldn’t do anything to stop people claiming encountered notes at the point of expiration, if I’m understanding this correctly. But it can’t be moving the funds to a new wallet either, because you don’t have control of the second private key yet. So… what exactly happens there?
Yes -- that's correct. The security printing is really to highlight that these feel and look like real money which we believe is critically important. There is significant literature on the psychology of money and we believe that it has been a big missing piece for the adoption of Bitcoin.
Had we just used a color laser printer and attached chips to standard paper the security of the Bitcoin stored would be the same, but the experience for someone holding it would be vastly different. Our goal is that you can gift one of these notes to a family member and they will keep it safe even if they don't fully understand it (unlike a printed QR code or ambiguous gift card).
I originally thought this was a joke… because normal “offline” cash that I can spend… isn’t on the blockchain… wait… LOL.
If I claim the bitcoin, I no longer have the paper? And if I have the paper, I don’t have the bitcoin? It’s more like buying a paper bond, with the risk profile flipped upside down?
We used Greco-Roman god statues -- Apollo, Venus, Minerva and Neptune (some of the model statues were Greek, others Roman).
We decided that because of the anonymity of Bitcoin it didn't feel right to 'select' portraits of real people representative of Bitcoin, but rather choose aspirational portraits of mythical figures.
No; this is a fantastic question and why the notes consist of a multisig with a timelock. After the timelock expires only the user key on the note can retrieve the funds. So in the worst case scenario where we go away or refuse to validate notes day 1, you will be able to retrieve the funds after expiration (Jan 3 2029).
Question: how much is it going to cost you to spend your $5 note on chain when you finally want to redeem it as BTC on the network? $1, $2... maybe $50 in 2030. So now it's worth -$25.
Then treat this like a hardware wallet. It's really hard to make trustless, decentralized physical cash which is what this is.
If cryptocurrency is to compete with fiat currency it should be able to do so through all the same mediums fiat can. You can hack these to load them with Bitcoin Cash and make a "Bitcoin Cash Cash" instrument. Previously one couldn't do this, now one can.
We've dabbled with the idea of making a Kong note using the same tech we're applying for the Bitcoin Note, but the requirement for a large fixed run of notes and the niche appeal of Kong makes this tricky.
While Kong Cash notes are gorgeous, there are couple additional reasons we likely won't ever make another cryptocash note like that again: resilience over time in your wallet and the flex-PCBA manufacturing process rather than a print process (the former being far more complex with limited print detail possible). That said, we believe that we are likely still the only mass production run of flex PCBs that incorporated a full-color digital print :)
You make a physical representation of something digital which also changed denomination quite often the last 10 years?
What do I do with it?
I mean first of I need to check if the value is on that note so I need a smartphone. Now I have a smartphone why do I need a note?
The only useful thing would be if I as the giver don't have a smartphone but than I also need to give away a printed object. How cheap can someone print something like this?
My favorite part is the pictures of it on the website.
"Hold your corporeal money next to other real things, like pizza and gameboy cartridges and magic the gathering cards. This is a real thing. That you can own. Like this baguette, or this tamagotchi."
You missed the part where the private company 'authenticates the bill being cut in half' in order for them to surrender the private key.
So, in theory, the bill has the printed Satoshi value and doesn't need a smart phone to verify.
Rotlmao.
In practice, the company gets hacked, loses all the keys, and now all these bills in the wild look legit but have no value. Also, they will be counterfeited like all other bills, except easier because thier not a government mint.
It’s not really a joke, but it is a little funny. It’s just a really fancy ‘paper’ wallet. I actually love the concept. I used to make paper wallets for myself and friends, and this is basically the best version I’ve ever seen
Can't tell if this is satire or not. Must be some kind of elaborate joke that I don't quite get. But in case it's serious:
> censorship resistant money
Ordinary cash is very censorship resistant, that's why it's used by so many criminals. Ever watched Narcos?
> before you accept one of these things you should validate that it actually contains funds? > Yes; depending on who gives you the note you might trust that they have done this for you
So... much, much worse than actual cash, to the point of complete absurdity.
I used to love the cyberpunk distopia aesthetic, back in the 90s.
Now I want less of all of the things in this article. Less digital money, less cellular telephones, less of all of it.
By comparison, if it was depressing to see awesome or inspiring technologies get steamrolled and monetized by the MBAs in the early 2000s, this farce evokes despair.
We were heavily inspired by OG Bitcoin physical money like Casascius coins, however, we wanted to created a design whereby (1) anyone can spend, gift and share the Bitcoin for years to come without having to worry a sophisticated attacker who extracts a private key from under a label or scratch off and (2) trust was minimized on that part of the printer (us).
This lead us to the design we landed on for the Bitcoin Note
1) An NFC chip readable by nearly all modern smartphones
2) A two part multisig where (1) we write an encrypted private key to the note (and don't keep a copy and (2) you write a user key to the note in plaintext and then load the note
3) We only release the decryption key when someone cuts the note and reports this via an authenticated and encrypted way to our server
4) The multisig reverts to only your key after a printed expiration date on the note
5) You can re-key the user key on the note you receive if you want to hold it for a long time
We believe that the result of this design achieves the goal of Bitcoin that's incredibly easy to use - like cash - but still preserves the important quality of self-custody. Take a look at http://bitcoinnote.com/ to learn more and reserve a spot in line for our release later this summer.