This is an excerpt from a presentation I gave at last week’s Blockstack Summit.
This is Tim May. Tim recently gave a talk called “Thirty Years of Crypto Anarchy.”
I like that title so I’m ripping it off, but we’ll add 70 years because this talk is aspirational as well.
Crypto Anarchy has gotten a bad rap. Something about the whole idea of anarchy. We’re not trying to overthrow the establishment and collapse the nation-state here. You can if you want to, but please do that on your own time.
The government actually has a pretty important job. It creates and enforces rules that make civilization possible. Without rules we’d be a bunch of little tribes fighting each other, and life would be nasty brutish and short.
In the absence of a central authority, we can use technology to enforce rules. That’s all crypto anarchy is: Create self-enforcing rules without involving the government. They should thank us for easing their workload.
Property rights, for example.
Back in the days of the wild wild west, there was no good way to control land rights. Cattle ranchers couldn’t keep their cattle from straying, farmers couldn’t grow crops without getting trampled by cows.
Barbed wire was a big deal because it let settlers take control of their land and improve it.
Barbed wire is not a perfect solution. For instance, it’s no match against a set of wire cutters. In physical conflict, it’s cheaper to attack than defend.
This is Ft. Knox. There’s something like $200B worth of gold stored here. A game theorist might reckon that it’s economically rational to spend up to $199B to break into the vault and steal the gold.
Except that we have a $600 billion defense budget. In the physical world, whoever has the biggest weapons gets to make the rules.
This isn’t true for the digital world. Encryption is cheap to defend and expensive to attack. To brute force a 128-bit RSA key would take a million billion years with a supercomputer.
Threats of violence are useless here.
Without coercive threats, we can interact and transact as we choose.
This is Attorney General Jeff Sessions. He sucks. I don’t know if he’ll be Attorney General for very much longer. He led a campaign to take down the biggest darknet markets.
Jeff Sessions likes to point out that people have OD’ed and died from drugs they bought off darknet markets, but look – people aren’t going to stop doing drugs. Narcotics is one of Mexico’s biggest exports.
Street drugs involve a lot of violence and extortion because they don’t have a central authority to keep things in order. Darknet markets provide a way for adversaries to compete without murdering each other.
Technology doesn’t change what people want in the world, it just removes the use of violence to get there.
Every time a market shuts down, three new ones spring up in its place. For the past few years, the biggest hidden market was AlphaBay. The day after Alphabay disappeared, vendors were posting signed messages on Reddit to prove that they were still available, and to announce that they had moved to the next market.
Public Key cryptography isn’t just for encrypting private messages. It also provides proof that the sender is who they say they are. When buyers and sellers conduct transactions, they sign messages with their private keys. The signatures become digital identifiers.
So here’s the thing with darknet markets. The platforms don’t matter. Users expect sites to eventually disappear, because no market admins have lasted 3 years without an exit scam or a raid. What matters is the users.
Even if a site goes down, the reputation and relationships remain.
For most of existence, identities were local. People could selectively reveal information depending on where they were.
Now that we have all these big data companies, there’s a stupid idea that people should have only one identity that follows them everywhere.
This is the visa application for entering the US. It asks for every email address you’ve used for the last five years, and a list of all your social media accounts. Cripes.
True Names is a sci-fi novel from the 80s, where online hackers go to great lengths to keep their legal identities secret. If the government finds their true identities, it might kill them.
This is where we’re headed. Not the killing part, but the part about separate digital and legal identities.
Keypairs aren’t social security numbers. We can have more than one digital identity.
Before we invented corporations, business owners were personally liable for any losses the business incurred. This meant that if your company sold a bum product, you could be sued and enslaved by creditors.
In the 1800s, we created the idea of limited liability companies that were legally independent of their founders. By separating the corporation from its owners, entrepreneurs could take on new business ventures, or multiple ventures, without liability from one company affecting another.
A lot of people are doing ICOs and lawyers are spazzing about whether tokens are securities. Who cares. Don’t do an ICO under your real name, duh.
ICOs have raised over $1.3 billion this year. How many investors even know who the founders are? Here’s one anonymous ICO for a decentralized name server and token exchange. The founder is trading on nothing more than a Github repository and Reddit karma.
Reputation is collateral. No one knows who darknet market admins are, but they’re entrusted as escrow. If the amount of money in custody exceeds the operator’s expected future revenue, they will exit scam. Evolution was the most highly-rated market until it exited with $12M in escrow. Don’t trust anyone with more money than their reputation is worth.
True names are a barbarous relic. The most valuable blockchain to date was created under a pseudonym.
When Tim May wrote The Crypto Anarchist Manifesto, it wasn’t a call to action or instigation of sorts. It was simply an observation. We now have the technology to create and enforce our own rules, and this knowledge cannot be stopped. We can either rail against the inevitable, or use these tools to build the world we want.
Public key crypto is pretty great, recently my apartment got broken into and had some stuff stolen. Around the same time my I broke my phone. As a fairly security minded person I use 2FA in almost anything that I care about so having my recovery keys on that hard drive was a bad threat model in this situation.
Luckily I recovered all the accounts I needed because I had signed all my important accounts with using pgp to keybase. In the future I don’t know how big a player cryptocurrency will play, but definitely digital signing will be.