A couple of weeks ago, we had a visitor to Dublin, Paul Puey of Airbitz, the bitcoin wallet company based in San Francisco. As with most of the local events these days, a call went out for the Airbitz Dublin Bitcoin meetup. As I lecture in DIT Aungier Street, teaching Entrepreneurship for Game Design students, and it wasn’t term time, they were very nice to allow the use of a room for a few hours in the evening.
Paul and his wife were travelling around Europe, and had heard that there’s a bitcoin scene in Dublin, so decided to swing by our city to say hi, talk bitcoin, and give a presentation about their product, a secure bitcoin wallet, and other services they offer.
There were about twenty people in the audience when I arrived, and a couple more stragglers came as the night went on. I was happily surprised to see a third of those present were female, and between everyone there was a decent mix of students, enthusiasts and a number of developers. When asked at the start of the evening, most in the audience had bitcoin, or were familiar with it.
So kicking off, Paul introduced himself, using bitcoin since April 2013. He was introduced by a friend who worked on Wall Street, and his own career has been a software engineer at graphics card heavyweights nvidia and chromatic research. After that, he went on to be an entrepreneur, working with small businesses and gyms on their payment methods. single point of favour or reliance on one person or company. Looking at the reasons why people should care, he explained that it has many benefits, in areas such as anti-fragility, reliability, privacy (if a channel of communication can have multiple paths, better chance for privacy), unbiased access and prevention of fractional reserve (and highlighted that economists think this creates a house of cards)
He then looked at different layers of bitcoin decentralisation, asking questions including who controls the keys, who has my money, no counter party risk, fractional reserve, security by incentive and reliability of sending. On the last, he elaborated that when people aggregate funds, they can put them in a place like a bank, such as a wallet. For security, most of these companies need to put this offline to prevent hacking. most hold 95% offline in cold storage. less than 5/3/1 bitcoin are online in hot wallets to be spent on demand. This can lead reliability of sending to be reduced. If you’re risking with someone else, they might not have the funds online in a hot wallet on demand, which makes them effectively hosted custodial bank style accounts. On the lower end of transaction sizes, this is usually fine, but bigger payments can take between 45 mins to 18 hours, as it’s based on the operator having to manually do something, and often now with multisig. While this has improved over time, it’s a problem that’s nearly impossible to solve, with the main response being having a bigger hot wallet. But this in turn makes a bigger hacking risk.
He then went on to look at other topics, such as where are my keys created, and discussed what he called the multisig fallacy, whereas some in the industry think that just having multisig = security. As keys control your access to the bitcoin network, the storage of these keys is as important, as the security implementations used. After all, who controls my keys, controls my bitcoin.
He went onto look at the fact that multisig require multiple people to sign for bitcoin transactions, before it can leave a wallet. While this allows responsibility to be delegated to different people or devices, it can add a layer of security. How the environment in which those keys generated, as well as where are they stored is important. If you implement multisig but the keys are held on one device, that isn’t encrypted, that doesn’t add security to the process.
He then went on to look at access to the bitcoin network, particularly about unbiased access, reliability, issue with platform apis, decreased security and decreased reliability. These have kicked in given that bitcoin is just one giant public ledger, and a recurring issue now, especially in the US is happening when people are checking where the coins are going after they have been spent. This has happened with Coinbase and Circle, where they can blocking accounts. Which reinforces why if the online wallet controls the keys to your bitcoin, they can block you from accessing them, for arbitrary or regulatory reasons.
He then proceeded to do an hour and a half presentation on bitcoin, looking at what does decentralisation mean, how peer to peer works, how things work when there is no client or server, master or slave,
He also raised the topic of storage of data, where are my keys (on paper, physical or electronic wallet), having multiple backups on different formats which improves redundancy and avoids data rot. However, this can cause problems related to multisig. After all, your not decentralised, if you’re the point of failure, with keys only stored on one device.
He also raised on the topic of the bitcoin fork, discussing bitcoin core, and some of the alternative choices that have spring up. He mentioned btcd, liibbitcoin, bitcoinj. On bitcoinxt he argued that while it may share the same codebase, the fork is trying to implement a different set of rules and developers. But with lots of people saying it’s good, and others saying it’s bad, it’s dividing the community. However, the one only ones that really matter are the miners with their hashing votes. They don’t sit in a room saying it’s what it’s going to be next. Miners vote with their money to buy hardware and pay energy bills. He also had complements for node operators for keeping them open.
He then paralleled these implementations as a political party. Generally there you can vote for the incumbant or vote for the candidate. People say bitcoin is open source software, but he argued bitcoin is not open source. Bitcoin is a protocol, and software uses the protocol. It’s a distinct language, that can change over time. But the thing is to make sure there’s many implementations of the protocol. And 99% runs bitcoin core that satoshi made. Bitcoin core is what miners are using and being a consensus protocol, that lets lots of computers see what’s real. Miners run the software, and many miners aren’t developers. They choose to upgrade (or not) their version of the software they run for their own reasons. But right now, they only have the choice of core. So they can choose not to upgrade their software, or opt out by choosing not mine at all any more.
So while he thought that xt is a good thing, he felt that they tried, and miners will ultimately vote on it’s success or not.
So wrapping up his general bitcoin talk, he moved on to talk about Airbitz, and how they aim to make decentralisation usable. Their main strength is that the owner holds the keys to their bitcoin, not airbitz. They also have developed a password recovery method, and right now claim to be the only wallet with this.
He highlighted their one touch 2 factor authentication, and how their decentralised wallet is resistant to server outages. Also, as they’re using decentralised open source servers, if in the future the company were to close, people using their wallet would still have access to their bitcoin.
Their wallet also has some pretty nifty functions, with the ability to pay with bluetooth, using contacts on the phone, using the fiat value. He also highlighted that all information is encrypted client side on the phone. This gives somewhat better privacy, as everything is encrypted, all data is encrypted before backed up to cloud servers, and they incorporate dynamic rolling address to prevent tracking on blockchain ledger.
The wallet also aims to offer an integrated buy and sell, connecting with bitcoin exchange partners, as well as other potential avenues for bitcoin, in banks, kiosks, atms. These coins are never held by a third party, and transactions after are more private, as they’re not with third party. The company is also offering a platform for core developers. He went on to say that they’re “dog fooding” their own platform.
He also talked about other things they can do, with a platform for zero knowledge decentralised apps, and end to end encrypted communication of digital assets. Other potential applicaitons include secure public private key authentication, username password management, private communications, instant messaging, audio/video and private financial applications.
He noted that while (encryption method) PGP has been going for 20 years, a lot of people don’t use it because key management is so difficult, and there is a high barrier to entry for normal user.
Wrapping up, his final thoughts were that bitcoin’s decentralisation allowed it to succeed after the failures of previous digital currencies, and left a question hanging, as will a bitcoin company’s success also depend on it’s decentralisation?
He took a number of questions from the audience. Those who asked a question got a metal coffee mug to encourage participation. When asked what’s the business model, he replied openbazaar didn’t have a business model when it got funding. They did a project, which people loved and people gave them money. Right now Airbitz is building buy/sell partnerships, and will then add other opportunities later on. There are practical uses, such as being able to buy mobile minutes, gift cards etc. Their long term focus is the platform, driving private secure platforms. licensing on this side. And they feel they can do a lot with security of private key, and backup synchronisation for general apps.
When questioned on buy sell tech, is that using credit cards to buy bitcoin, one of the biggest obstacles in Europe. He replied that buy sell will depend on each jurisdiction or countrycountries. They look to find out whats the most usable legacy financial infrastructure whether atms, kiosks, people on bikes. But they’d first use SEPA in the Eurozone.
He was asked his thoughts on bip100 vs bip101. He replied that bit100 looks like a better decision, as it lets miners choose block size over time. His main idea is that miners should vote.
Another audience member asked if they see themselves as alternative to coinbase or circle. He said that they’re the polar opposite to Coinbase and Circle. As they’re holding everything offline, this brings in a reliability of sending issue. While their servers may be up, but they don’t have coins. Airbitz is non custodial, encrypted with your credentials. They’ve made a purpose of company to hold servers, and making sure that it can’t be associated associate with a person, so properly anonymous. They couldn’t associate it with you even if they wanted to, and they’re giving software to let you encrypt data.
A small discussion in the audience discussed Coinbase, in that if you’re sending from wallet within to another, they use a sidechain and they have their own ledger. Paul commented that this wasn’t always the case as they used to only use these for large transactions, not small ones. But now all is offline.
Another audience member asked if Airbitz was doing anything to counter side channel attacks and traffic analysis. Paul said that if you have access to every server a phone is attached to, you potentially could – if there are temporal associations, not a hard link between an account and an ip address. Some of the things they do to help disassociate data are that they assume all data is insecure, so they encrypt. They mask queries for addresses. While accessing the network and running a query you give up some information, such as looking up a particular address. Prefix queries let you get multiple ones, and manually find the one you want, which trades some bandwith for privacy. He also said that if a server goes down, nodes are cached on the phone
Wrapping up nearly two hours in the meetup, the audience left, and about a dozen went up the road to Against the Grain on Camden Street. Pints, bitcoin banter, advice on places to visit in Ireland, and a peer to peer bitcoin for euro trade ensued. For more information on other bitcoin events in Ireland, stay tuned to BitcoinsInIreland.com, and we try to make it to some of the increasingly regular Bitcoin Dublin meetups.
