Guide to Bitcoin & Digital Asset Insurance

Guide to Insurance

BitGo has been a pioneer in establishing the Bitcoin & Digital Asset Insurance capabilities for custodians dating back to 2015. Over the years, we’ve built the most comprehensive package available, which many exchanges and custodians have replicated with varying degrees of success. Whether you’re looking to buy digital asset insurance or whether you want to understand the options, here’s what you need to know!

tldr;

  • you can’t simply compare two coverage limits; not all policies cover the same risks
  • there isn’t enough global insurance coverage for all service providers and their assets under custody
  • cold storage & multi-signature technologies, combined with SOC audits and operational controls are the key to low insurance rates and more coverage

Coverage Limits
Most clients simply look for the coverage limit of a service provider. The insurance coverage limit is indicative of the financial health of the service provider in terms of their ability to afford insurance, and also the ability of that service provider to acquire insurance at affordable rates. Companies with stronger security models, audits, and controls always are able to carry more insurance because the insurance policy rates are significantly lower. Examples of risk-reductions leading to lower priced insurance include: cold storage, SOC-controls, multi-signature capabilities, and geographic dispersion of keys. The difference in rates can be significant. Hot storage insurance, such as what you get with MPC wallet technology, generally costs 1.75 – 3.00% per year! Cold storage wallet solutions, by contrast, generally carry rates significantly below 1%.

At BitGo, we have a $250M shared pool limit with excess insurance available to clients that purchase it. The excess cover currently employed by clients at BitGo is over $500M, making the total cover at BitGo $750M, the largest in the industry, and still growing.

Global Coverage Capacity
As you look for service providers, you need to be aware that the digital asset insurance market is pretty small. The exact size of total insurance is unknown, but is estimated to be around $5-7B of total coverage shared globally. Given that the market cap of crypto today is about $2.8T, that means insurance is only available to cover a tiny fraction – less than 1% – of all crypto available.

Worse, $5-7B is smaller than the amounts held at many custodian’s and exchanges. Even if BitGo or Coinbase bought 100% of the available insurance supply, we wouldn’t be able to cover all of the assets held in custody. On the surface, this sounds terrible. But there is good news: digital asset technology does provide security provisions which, if used properly, can stretch insurance over a larger pool of assets. For example, at BitGo, if you wanted to store $1B of Bitcoin with us, we wouldn’t store it all in one big wallet. Rather, we’d break it up into multiple wallets, of less than $200M each, each with independent keys. Further, we’d rebalance wallets over time as prices fluctuate, to minimize the chance of a single-wallet compromise that could exceed the insurance policy. Further, because client funds are generally segregated and split, most wallets remain dormant for very long periods of time. In fact, if there are deposits and withdrawals, we will generally only use one of those wallets for transactional needs to further reduce access to wallets that can otherwise be held with keys dormant.

As you select your custody provider, make sure they have good policies about how they segregate funds internally. Not all custodians segregate funds on-chain or enable rebalancing and other security protections which can extend insurance policies effectively.

Covered Risks
The most difficult part of evaluating any two service providers is understanding what their insurance policy actually protects against. Just because a company has insurance doesn’t mean that all assets are covered or even that the same risks are covered. Unfortunately, no two policies are alike!

Years ago, I heard from another company that their insurance policy rate was about 1/3rd the price of what BitGo was paying at the time. Of course I was interested in finding out how to reduce BitGo’s insurance costs, so we reached out to their broker right away. The broker was very straightforward and honest and quickly told me, “First off, you need to know that our policy is very good, but it doesn’t cover all risks. It won’t cover any hacks.” I was shell-shocked; how could any digital asset custodian possibly be interested in an insurance policy which doesn’t cover the one vector of risk that our clients care about most? Obviously BitGo did not switch to that low cost provider and stayed a better policy.

However, to this day, I know many digital asset companies are still using that “cheapo” insurance. They claim to have large amounts of insurance just like BitGo does. But theirs doesn’t cover hacks at all, while BitGo’s does. It’s so fundamentally different you can’t even compare.

When selecting your service provider, check to see what risks are protected. Some things to check:

  • insider theft
  • hacks
  • technology failure
  • geographic / natural disaster

Geographic risk coverage may sound unsual for digital assets, but remember that some custodians use single-signature wallets (not BitGo, of course!). This means that a natural disaster at the wrong location could lead to catastrophic loss. BitGo’s 100% multi-signature and threshold technology cold storage means that we can always store the 3 keys at least 1000 miles apart from each other. BitGo was the first digital asset insurance to carry this feature, and I believe that even today, BitGo is the only provider in the industry to offer it.

Quality of Underwriter
All of us want to ensure that a loss event does occur, that the insurance underwriter will pay the claim. Given that insurance policies in crypto tend to be measured in the 10’s or 100’s of millions of dollars, the underwriter matters a lot. One of the highest reputation underwriters is the Lloyd’s of London syndicates. These underwriters are known for their long-standing in the industry and ability to pay in the event of a loss event. While there are many underwriters out there, make sure you evaluate whether the coverage you think you’re buying is being provided by someone who will stand by their policy when you need it.

Beware of Additive Policies
Some service providers in the space use multiple service sub-providers, which may provide insurance. We’ve definitely seen marketing of policies where the sub-provider policies are simply added up, enabling the service provider to advertise a very large number. Remember, just because a service provider has a policy or a sub-provider policy, it does not mean that your assets are insured there. The additive policy might claim to have $500M of insurance from 3 different sub-providers. But if you store $500M yourself at that provider, it is unlikely each of the sub-providers would help with your recovery.

Beware of Fake Coverage
Some service providers will advertise a sub-provider’s policy as their own. Years ago, BitGo had a client, call him Alex, using BitGo for custodial and non-custodial wallets. At the time, Alex liked to tell his customers that he used BitGo, with $100M of insurance. But Alex wasn’t simply holding onto the assets in BitGo wallets, he was doing other things with his client’s assets, and very little was actually stored in BitGo. While it is true that any assets Alex held with BitGo in cold-storage were be covered if BitGo lost the funds, it did not mean that BitGo covered losses for Alex if funds were not stored at BitGo. After inquiries from Alex’s customers, we tried to get Alex to change his marketing, but could never come to agreement. Eventually, in 2020, we were forced to drop Alex as a client because of his misleading insurance claims. To this day, I do believe many service providers are less-than-forthcoming about what assets are stored with custodians like BitGo and covered by insurance. Make sure you clearly understand who holds the policy and which assets are insured. No insurance underwriter ever backs a policy protecting assets which are not in the direct care of the policy holder.

Hope this was helpful!

Why now is the best time to build in crypto

BUIDL

We all have one thing in common. None of us knows how much time we have, and so for all of us time is our most precious resource. So the question is, what will you do with your precious time?

All great achievements take time. So, if you’re a developer who aspires to build something that’s going to have an impact on an industry or on the world, it’s going to take years of your time. It’s important to be intentional about what kind of impact you want to have.

I would submit to you that, right now, building for crypto, web3 and DeFi is probably the most impactful opportunity of our lifetimes. And it is starting right now. You can be part of the beginning of the financial system revolution.

I’ve been incredibly fortunate to have had the opportunity to work on a lot of high impact products. I joined Netscape just as the Internet–web 1–was being born. I quickly became an expert in the inner workings of the Internet and its protocols, and it changed everything in my career. Fast forward a few years and a few great start-ups later, and I was one of the first ten engineers on the project that would become Google Chrome, the web development platform that enabled web 2. Now, with BitGo, I’m building for web 3. 

But I got lucky. When I was starting my career, I didn’t think intentionally about where I could make an impact. To be honest, I was probably too young to realize that is what I wanted.

My first job was at Hewlett Packard. At the time I joined in the 1990s, it was still a great company, but probably past its peak. My job was fixing bugs within their MPE operating system on their legacy minicomputer line. It was a good place to start to learn. But I was a piece within a piece of a piece of the company. I don’t look back at that time as well spent.

Around the same time, the foundations of the Internet were being invented. Tim Berners-Lee had published his paper on the World Wide Web. At the University of Illinois Urbana-Champaign (UIUC), Marc Andreessen and his team were building a browser called Mosaic, and later would form the core development team that brought us Netscape. 

An enormous amount of engineering talent was focused on building the capability to connect people to information. I applied for a job at Netscape and joined just before they went public. My parents thought I was crazy. But of course, Netscape soon became a global phenomenon and changed the world. And their minds.

Netscape was a 180 degree turn away from what I’d been doing at HP. It was pure chaos, but for an ambitious developer, it opened my eyes to the unlimited potential of software. I had my official role, but I also spent a lot of time researching and prototyping ways to make web servers better and faster.

The work we did at Netscape was fast and furious. Many of the original UIUC team were now at Netscape, and all of us were in our 20s. The code they had written as college students, and now as first time professional software engineers, was beginning to have an impact on mainstream culture and continues to do so to this day. I recall driving on highway 101 in Silicon Valley with some of the team around that time, and we drove past one of the first ever billboards with an “http://” URL on it. It was a profound moment – these young engineers were seeing their work taking root in the mainstream for the first time.It was inspiring.

The impact of Netscape and the speed of innovation would eventually lead Marc, the co-founder and visionary behind Netscape to say, “software is eating the world,” a remark which has proven to be prophetic to this day. It’s software that gives us the ability to change an industry, and to improve over time. Netscape was one of the first pure software companies driving that kind of upheaval. 

I was really fortunate to get in on the ground floor of something that had such an impact. It set me on a completely different trajectory to love startup companies and continue to try to build new things. 

The Internet was already about 12 years old when I started at Netscape and we started to build software for the web–about the same age that Bitcoin is now–and its impact has changed the world. The impact of Bitcoin, crypto, and web3 will be even greater because it intersects with money. It’s no coincidence that Marc and Ben Horowitz, co-founder of Andressen Horowitz, run the largest web3 & crypto venture funds in the world.

It’s going to take longer to build because unlike the movement of information, the movement of money brings regulation with it. We are still in the first inning. 

Crypto projects stand at just under a trillion dollars in global market cap, and yet it has the opportunity to encompass all of finance. Every major bank, custodian, and exchange on the planet is talking about how ultimately all of finance will be digital assets. But it’s unlikely that the incumbent players are going to win this market. 

It’s a classic case of the Innovator’s Dilemma. This is the phenomenon where the big companies, with all of the resources eventually lose to small companies with not much more than an idea and grit. We see this pattern over and over again. Software reduces the cost of development so that small, creative, and fast moving teams can iterate quickly, using their software to eat their much larger rivals’ lunches.

The early iterations from these small innovators are usually ground breaking. But the early markets for them are small. Market leaders, with their massive distribution channels and seemingly infinite resources, invariably dismiss these early markets as too small to be a threat. They pan the innovators as immature, inexperienced neophytes. Unfazed, the innovators continue to iterate and iterate, and eventually become a substantial force.

As the innovators start to reach critical mass, the incumbent firms take interest. But it’s too late. They’re starting from zero, they’re not very nimble, and they just can’t catch up. 

Microsoft beating Netscape in the “browser wars” was a brief exception to this rule. Microsoft would have missed the internet era had it not been for Bill Gates’ technical leadership and vision. He penned his famous “Internet Tidal Wave” memo in May, 1995, and it was a seminal moment for Microsoft. Gates immediately deployed Microsoft’s vast resources, its software engineering expertise, and its operating system monopoly to build a “Netscape killer”. It seemed like it was already too late for Microsoft. But Netscape faltered. They didn’t know how to manage large teams and their software development lifecycle was atrocious. Microsoft, by contrast, had been building software in the large for decades and they knew exactly what to do. Internet Explorer soon became the dominant product in the market by 1999. Microsoft escaped the innovator’s dilemma for a moment, but they stopped innovating and eventually Chrome rose and clobbered IE.

You could fairly argue that Microsoft beat Netscape because they had the second mover advantage. They were quickly able to replicate the product and then put all of their marketing muscle behind it. 

But that’s unlikely to happen in crypto. It is true that all of the big banks and brokerage houses have taken notice of crypto and web3, But Microsoft was a software company, and it’s software that eats the world. Banks don’t have strong software teams. They’re not product builders. They’ve built fragile markets based on marketing and relationships that have a tendency to fail spectacularly – as we saw during  the Great Financial Crisis of 2008. Relationships don’t scale like software. So these incumbents are unlikely to be successful second movers.

Additionally, today’s software engineers stand on the shoulders of giants like never before. These giants built open source software, git, github, front-end frameworks, continuous integration systems, and more. Netscape struggled to scale with the tools we had at the time. Today, any good computer science graduate can run circles around Netscape’s neanderthal development processes.

This is why the crypto industry is the best place to be a developer noq. We are at a once-in–a-lifetime point in time where “software eats the financial system”. This is going to be the =fastest and most innovative change in any system, ever. 

There are three reasons why:

  • First, it is well known that the financial services sector has seen little technology and innovation for years. This is due to institutions building regulatory moats rather than competing with service and technology. As a result, we now have decades of pent-up demand for better technology and software capabilities in the banking and financial services sector;
  • Second, the advent of Bitcoin and blockchain technologies has enabled software change to finally cross the regulatory moat that has enabled banks to stagnate for so long;
  • Third, change is occuring at a global scale. We’ve spent the last 25 years connecting every corner of the globe to build communications and communities everywhere. The change in the financial sector is not just in the United States, it is everywhere.

This confluence of trends makes crypto and web3 the most innovative space in software ever. If you’re a developer thinking about what your career is going to look like five, ten, or twenty years from now, it’s going to include this technology. You have the same opportunity that I stumbled into back in 1993: the creation of a whole new system!

But our industry is not without flaws.

Think again about how you spend the time in your life and the impact you want to have.

For the first 20 years of my career, I never was interested in finance. Traditional finance builds nothing. The entire finance industry makes money off the productivity of others.it It has almost no direct impact on GDP. What little “service” it does provide could be easily replaced by software that can do it better, faster, and without lying, cheating or stealing. 

What got me excited initially about Bitcoin, and eventually digital assets in general, is that we can make a more fair financial system. We can bring safe money to places in the world that don’t have it today. We can expose fraud. We can enable privacy so that everyone can be safer and freer. These are worthy of my time.  This is what I’m here to build. I could do this for a decade, or I could do it for a lifetime. 

Think about how you’ll reflect on your time on this earth when you’re at the end of your career. Wealth is great, if you can get it. But will you have built something of substance or value? Or will you have merely garnered riches by enabling speculators and gamblers?  

As software developers, you have power. You have power that bankers don’t have. You have the power to build. You get to decide what you build, and how you build it. Further, most software developers I know are mission driven. They are here to create and have impact.

Thus, because we are dealing with money, we have a greater responsibility as developers than most other sectors. We need to think about how our mistakes could impact people. Could it hurt their security? Could it hurt their savings? Could it enable governments to oppress or harm people? 

We know about cyber security breaches. We know about privacy concerns. We know about threat models and secure coding practices. But do we employ them? Or are we here to make a quick buck?

We can and will move quickly. But we must also move responsibly. The opportunity is huge. Our fortunes, and the fortunes of the world hinge on our next few iterations in all things crypto and all things web3.

GDPR: Successfully turning privacy problems into security problems.

Ugh – GDPR. From a legal perspective, GDPR was designed to give users control over their data. From a practical perspective, GDPR is the reason you had to click “Accept Cookies?” 12 times today without really knowing what cookies even are (and I’m sure you read all 12 privacy policies before clicking “Accept”, right?)

“The road to hell is paved with good intentions…”

I shouldn’t be so annoyed by these pesky little popups. But tonight I find myself searching for a chrome extension that can just auto-click-yes on all of them. The popups are not useful to me.

Turns out “there’s an app for that” called I don’t care about cookies. Looks like what I want, except…

Do I want to install an app that has ability to read all pages I go to and clicks “Accept”? This may seem like a circular question – am I worried about privacy to an app that’s going to help me ignore my privacy? But that isn’t the real issue. The real issue is that to fix GDPR’s UX problem requires me to turn a privacy problem (cookies) into a security problem: can I install this extremely powerful app at all? What if it’s malicious? Or what if it gets updated to do something malicious? Grrr…

Unfortunately I couldn’t find the open source for “I don’t care about cookies”, so my search continued. This time I found another app called “Consent Manager“. This one seems to take the opposite approach – attempting to decline automatically, but I also can’t find the open source. Foiled again. At this point, I’m out of time so I will give up.

Conclusion: I hope Google Chrome implements a checkbox on install that will enable users to “auto accept all cookie policies” or “auto reject all cookie policies”. If Google give you the choice, I’d say that falls within “do no evil”. Irony!

The Reserve Currency of the World Will Be Digital Currency

This week, PayPal announced it is leaving the Libra alliance.  While that may sound like a vote against Libra, it’s more likely a vote against the dollar.  PayPal was just approved as China’s first western payment processor, and its likely that PayPal is simply betting that China’s digital currency is more likely to win than Facebook’s.

Today, US Dollars are the world’s dominant reserve currency, representing 62% of all reserves, while the RMB accounts for a mere 2%.  Despite having the globe’s 2nd largest economy by GDP, China’s RMB has only became reserve currency 3 years ago in October, 2016 and it has grown from 0% to 2% in a very short time. 

Meanwhile, in digital currency, American politicians are fighting digital.  Democrats, such as Senator Maxine Waters, and Republicans, such as President Donald Trump, both see Facebook’s Libra as a threat to the US Dollar.  Trump goes so far as to say that all digital currencies are an affront to the USD.  At the same time, China’s leadership is ready to embrace digital currency and is accelerating projects to create a government-backed digital currency.  Who’s right here? America sees digital as a threat while China sees digital as its opportunity to break out.

Frankly, digital currencies are unstoppable.  We have a global economy, but we don’t have a global currency.  Digital currencies, which can move globally with zero friction and zero counterparty risk are the first opportunity we’ve had to build a truly global currency.  While the US should use its position as the dominant reserve to propel digital currencies forward, it instead sees it as a threat and is attempting to block it. But the US has no jurisdiction globally, and its competitors would love nothing more than to displace the dollar.  As such, China rightly recognizes that digital currency is just what it has been waiting for: a global distribution vehicle for RMB.

If the US can’t get its act together soon, it will lose.  Crypto-currency is the future. As Marc Andreesen once said, “software is eating the world.

Why I Would Not Participate in a MPC Wallet

The personal liabilities associated with multi-party computation (MPC) based wallets are so great I don’t see how I (or anyone) could ever participate in a MPC wallet.

No Accountability

The core problem with MPC is an architectural one. While MPC does create a mechanism whereby multiple people can each hold independent parts of a key to eliminate single points of failure, MPC fails to offer any accountability about who participated in the signing of a transaction.

Imagine you create a 4-of-7 MPC wallet with 7 people participating, and 4 required to authorize a transaction. What if, unbeknownst to you, 4 of the other people holding key parts in the MPC wallet decide to steal the money? Because MPC does not offer signature accountability, no one can be certain who participated in the transaction.  As such, even though you had nothing to do with the crime, you’re now a suspect, and it may take months or years to clear your good name.

Co-Signers Make MPC Even Worse

Vendors offering MPC services and co-signing dismiss this vulnerability and claim, “don’t worry, we keep track of who participated and will log all accesses to the signing process”.  In other words, even though no one can determine who participated in the transaction from the signature itself, the vendors claim that they know the answer within their application logs. Thinking about this carefully, you’ll realize this makes the vulnerability even more severe.

With the vendor as a co-signer, you can now imagine the same attack scenario as above where 4 of the other participants on the wallet collude to steal the money.  In this case, however, imagine one of the perpetrators is a rogue employee at the MPC vendor itself. In this scenario, you have no protection that the MPC vendor isn’t modifying its application logs and data. In addition having already been a suspect, the MPC rogue employee or vendor can now frame you for the crime. How would you defend yourself in this scenario?  They hold all the cards, the data, the logs, and the technology.  Unless you’re a cryptography expert, it will be extremely difficult to defend against them.

Conclusion

MPC vendors forget that accountability is a critical part of security, trust, and safety in a multi-user system. Participants on MPC wallets need to be very careful that they can fully trust all of their MPC wallet co-participants. This may not seem like a large risk if your wallet balances are small. But these vendors are encouraging MPC for protecting billions of dollars of assets. 

Multi-signature systems, by contrast, offer all of the benefits that MPC systems offer, but without any ambiguity of accountability.  With a multi-signature system, everyone on the blockchain can publicly see that you did not participate in the transaction without a shadow of a doubt.

I don’t see why anyone participating in the security of assets would even consider using MPC without multi-signature.  The personal risk for the users of the MPC system is massive, and is simply beyond tolerances as the asset values go up.

Proprietary Cryptography

One of the best things about the growth of Bitcoin is how it has propelled research and development in cryptography. What was once a relatively sleepy field of computer science has now become one of the most popular areas of study.  There is no doubt that this additional research will yield great advances in the coming decades. But cryptography is unique from other computer science disciplines, in that there is no margin for error – especially if that cryptography is being used to secure money or digital assets. Unfortunately, the growth of Bitcoin has also fueled a new wave of rushed cryptography.  Rushed cryptography is brand new cryptographic technology that hasn’t had sufficient peer review or test, yet is being promoted as the new panacea to all your hacking woes.

The creators of rushed cryptography always know that they rushed it.  They know they haven’t done sufficient testing or peer review. Testing takes months to years and peer review takes years to decades.  Excited to launch products with their new technology, combined with a little hubris and a little ambition, rushed cryptographers use their new algorithms prematurely. While they make bold claims and brag about the awesomeness of their creation, internally, the rushed cryptographer is actually full of fear – fear that someone will find a bug, a hole, or a problem before they do.  To prevent this from happening, they fall back on the oldest trick in the book: they make it proprietary.

What is proprietary cryptography?  Nobody knows except the creator – the same one that is now trying to sell you his product. The creator says they tested it.  They hired PhD’s, experts and mathematicians to attest they did a great job. They hired security auditors and code reviewers. But did they?  How can you know? How can you possibly use this to secure assets worth millions?

OWASP (the Open Web Application Security Project) has this to say about proprietary cryptography: “Proprietary encryption algorithms are not to be trusted as they typically rely on ‘security through obscurity’ and not sound mathematics. These algorithms should be avoided if possible.

Remember Schneier’s Law: “Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.”

It is an exciting time for cryptography, computer science, and digital assets.  But one of the best things about Bitcoin is that it relies on stable, steady, known algorithms.  This conservative development helps the system, builds trust, and is known to be secure. To those that are rushing new crypto, don’t forget peer review and open source implementations: this is money!

Who Votes For The Blocksize Increase

There are two primary proposals on the table for increasing the transaction capacity on the Bitcoin blockchain.  I’m in favor of both of them.  Although nearly everyone agrees we want more capacity, it has been hard to decide the best path forward.  Regardless of where you stand, one interesting consideration is who gets to vote for the two proposals.

Segregated Witness

Segregated Witness, or “SegWit” for short, is a fantastic feature which has a number of positive impacts for Bitcoin.  It can be implemented with a “soft-fork” upgrade, and I have yet to hear anyone disagreeing that SegWit is a good idea.  The only delays would be implementation and testing, but those are progressing well.  Bitcoin Core developers have committed to a solid roadmap.

In terms of increasing the block capacity, SegWit should yield a 1.6x increase in transactions within a block, once fully implemented.  But implementation is not just within the core software, it also must be implemented in every wallet in that creates transactions.  In order to get full capacity gains, all transactions need to be created using wallets that have implemented SegWit.

So who votes for SegWit?  Since there is no contention that its a good feature, the voters end up being wallet implementations like BitGo, Blockchain.info, and Coinbase.   And, if you know the stats, you know that Blockchain.info is currently responsible for 40+% of blockchain transactions (that chart does not include BCI’s API based transactions).  

For the record, BitGo plans to implement SegWit early.  We feel it is a good improvement for our customers and will reduce their fees substantially.  It is a significant engineering effort, but we are committed.

2MB Blocksize

This approach is much simpler in concept – it’s a direct increase in the size of a block from 1MB to 2MB, thus allowing twice as many transactions.  There are some corollary impacts to consider with other limits to avoid scalability issues with massive transactions and such, but for the most part the implementation portion is understood.  The primary debate with the increase is that it requires a hard fork, and some are worried that we could end up creating two different versions of Bitcoin.

Everyone seems to have an opinion about the hard fork.  We’ve seen BitcoinXT, we’ve seen Bitcoin Classic, and we’ve seen Mike Hearn quit the Bitcoin world altogether.  Gavin Andreesen, long time lead engineer for Bitcoin is strongly in favor of the hard fork.  Brian Armstrong, CEO of Coinbase has been adamant about the hard fork.

But not everyone agrees. Some Bitcoin Core developers (Andresen and Garzik) are in favor of the 2MB increase, but most core developers are not, and they’ve been reluctant to add a blocksize increase to the roadmap.  I think everyone prefers the Bitcoin Core developers to agree with a direction, so the disagreement is troubling.

Regardless, none of these people get to vote on the hard fork – not even the Core developers. Only the Bitcoin miners really get to vote, as they’re the ones that create the larger blocks.  Everyone else is just an opinion.

Conclusions

Unfortunately, it doesn’t look like we’ll see a block size increase any time soon.  But SegWit is very likely.

The voters for SegWit are the wallets, and Blockchain.info is the lion’s share of transactions.  If you’re truly interested in Bitcoin capacity increases in 2016, it’s time to go pay Blockchain.info a boatload of money, because without them on board, the increases are less than 30% this year, even if every other wallet implements SegWit.

Bitcoin Blocksize and The Future

spacex3Today, one of BitGo’s major customers complained to us that their transactions weren’t getting confirmed.  Why not?  Well, because the blocks are full.  They put the right fee on the transaction, BitGo’s platform dynamically computes the right fee every time.  But a sudden spike in demand left their transactions lingering for hours.  It’s not okay that our current, small Bitcoin exchanges are suffering due to Bitcoin Core flailing.

So I have a few things to say.

#1 Bitcoin is Engineering run Amok

I’m sorry, engineers of Bitcoin, but you’re wrong with your fears that a larger block will break Bitcoin.  You’re doing what Donald Knuth told you not to do – premature optimization.  We have no hard data that indicates a 2MB block will be a significant issue with block propagation or centralization.  If you’re right, and larger blocks do require more optimization, we’ll optimize and fix once we’ve seen the real bottleneck.  From my own experience building HTTP/2.0, there is only one thing I know about optimizations:  you never know what to optimize until you’ve tried it!

Premature optimization is the root of all evil.   — Donald Knuth

#2 We already have consensus

Data shows that more than 90% of the community already supports at least a 2MB block.  If 90% is not enough for “consensus”, then I don’t know what is.  From my work in standards bodies, I know that standards are always a compromise.  If you can’t bend on this, then the community will need to move on without you.

#3 Bitcoin is already centralized

The core argument against larger blocks is that it will lead to more centralization.  I wish it weren’t the case, but this war has already been lost.  First, it was pooled mining, and later it was advances in hardware which left individual nodes in the dust.  But no matter how you slice it, Bitcoin can be overtaken by only taking out a handful of companies.  Sure, this isn’t as centralized as a product like e-gold, with single governance, but it certainly isn’t the decentralized mecca that Satoshi had envisioned either.

Don’t get me wrong – we all want a decentralized system.  But the blocksize isn’t the key here.

#4 Segwit and Lightning Network are distant dreams

Both Segregated Witness (a proposal for decreasing data included in a block) and Lightning Network are great technical ideas for the future.  I love them.  However, neither one will be ready or deployable for 6-18 months.  For Lightning, prospects are even more risky – there is a real chance that it won’t work at all.  Further – if you think decentralization is hard in existing Bitcoin, think how hard it will be to punt the problem up a layer – its just pushing the problem to someone else with unproven software.  Unfortunately, we need a solution to the blocksize today.  Holding Bitcoin back for these experimental technologies is a major mistake.

#5 We don’t have time for this

Finally, we just don’t have time for this.  A payment system that can only handle 300,000 transactions per day is not worth my time or anyone else’s.  I highly doubt Elon Musk would waste his time on such a pitifully minuscule system, and I doubt Larry Page, Steve Jobs, or Warren Buffet would either.

If we want to change the world, we need to think bigger.  Take the world’s largest transactional system and multiply it by a factor of 1000 – that’s what we need to focus on.  We don’t have time to waste on systems that can’t change the world.  Want to change it?  Do it now.  Otherwise, the true thought leaders of our next generation will ditch Bitcoin and make something that will.

Bitcoin fees, but lower

highfeesaheadBitcoin is already known for its low fees.  But this week at BitGo we proudly announced that if you use a BitGo wallet, Bitcoin transactions are even cheaper.

Typical fees prior to Summer, 2015 were usually between 0.0001 and 0.0005 BTC – roughly 2 and 10 cents.  Although Bitcoin has long used a variable pricing system, typical fees used to get your transactions picked up in the blockchain quickly – about 10 minutes.

But as transaction quantity grew this summer, users had to compete to get their transactions picked up quickly.  This meant that fee prices rose. Using too low of a fee wouldn’t necessarily prevent your transaction from going through, but it could make it take hours, days, or even weeks to be confirmed on the blockchain.  BitGo has the most optimized fee computation available, and it matters.

You might be thinking you don’t care -Bitcoin fees are still really cheap.  But BitGo customers do care, because our customers are sending a boatload of transactions every day.  (We recently announced that BitGo surpassed the $1B quarterly transaction volume level!).  If your transactions are late, or if you’re just sending a lot of transactions, it can really add up.

So if you’re a Bitcoin business – get on the BitGo platform.  It’s cheaper, faster, and more secure.