<<< trebuchet = siege


Friday, July 3, 2015 05:12 PM >>>

Bitcoin 102: Smart Contracts

Thursday,  07/02/15  01:22 PM

Some other things you wanted to know about Bitcoin, but possibly did not know you wanted to know ...  (this follows my now-infamous Bitcoin 101 post, read that first, if you dare :)


I had a little trouble* building Bitcoin Core, but finally emerged victorius with a working "full node".  Please check out this readme if you're interested in building one yourself...


Onward to a few comments about Smart Contracts...

<post type=informational>

Remember that time you discovered a poem you really liked had a totally different meaning when translated into French? And you were like, "whoa, who knew poems could even be translated"?


Well that's how I feel about blockchain transaction scripts. I thought Bitcoin and the blockchain was cool, but I had no idea how cool. There's another whole layer of amazingness here.

And I think ... this amazingness opens up some interesting business possibilities. Even better, I think relatively few people have investigated this deeply and hence this leads to some *unexplored* interesting business opportunities.


Allow me to digress for a minute, to talk about the epochs of Bitcoin (so far).

Epoch 0, the formative phase, was in the mid-2000s, when "Satoshi Nakamoto"* and a relatively few other academics had long and deep conversations about the potential value of digital currencies and how computational difficulty could be substituted for trust. Their motivations were political (libertarian, anti-government) and philosophical and technical; they did not appear to consider deeply the business implications of their work. During this phase Bitcoin was simply a term bandied about in emails and message boards, and was ignored by most of the 6B Earthlings.

* Satoshi was not his real name, and it appears likely "he" was actually a "they", and that they were English, not Japanese

This changed in November 2008, when Satoshi published the landmark Bitcoin paper, signaling Epoch 1, the implementation phase. In early 2009 Satoshi coded a reference client in C++, it was installed on six servers, and poof!, the Bitcoin network was born. The reference client (now called Bitcoin Core) implemented a "full node", a wallet, and a user interface, and was posted as open source (on SourceForge, but since moved to GitHub), enabling anyone anywhere to run a Bitcoin node. Due to the mechanism of mining, wherein operators of Bitcoin nodes are rewarded for doing so, everyone everywhere did so, and the network grew rapidly.

Criminals soon realized that Bitcoin provided an anonymous and untraceable way to exchange value, and the cryptocurrency was adopted for every kind of vice, from sex to drug dealing to arms merchandizing. This created demand for the currency, driving up its value. (The first Bitcoin transaction was 10,000 BTC for one pizza, but the value grew steadily thereafter :)

Meanwhile, the underlying technology of Bitcoin, the blockchain and the 2m+1 trust model and so on, began to attract serious academic and technical interest. The mechanism was verified theoretically even as it was being validated empirically in the real world by people with real money at stake. And Bitcoin began to creep onto the radar of businesspeople and investors.

That led to Epoch 2, the bubble, from early 2013 through late 2014, in which Bitcoin and the blockchain was celebrated as the solution to every problem everywhere, mostly by people who had limited understanding of what it was and less grasp of why it was interesting. The shark jump was probably the sensational and incorrect public identification of Satoshi Nakamoto by Newsweek Magazine. Meanwhile Andreesen Horowitz raised a blockchain investment fund of $BIG and tons of little startups spawned, and Chinese investors built gigantic Bitcoin mines. Which brings us to...

Today. Epoch 3, the reality, in which Bitcoin the currency is reasonably well established (the $1,000BTC bubble has burst, begatting $250BTC) and used by quite a few everyday people in addition to criminals, and not just for experimentation, and in which blockchain the technology is being explored for all kinds of business purposes.


So that was fun.

To understand the potential business value of Bitcoin transaction Scripts, we have to think about why they exist. Those idealistic theorists in Epoch 0 wanted it to be possible for *every* kind of business interaction to be enabled without a central authority, and especially without reference to any government. They were thinking wide and long term, and carefully built in a cool mechanism to enable arbitrary transaction structures. Immediate transfer of value from one party to another is the simplest case, and 99.99% of all Bitcoin transactions do just that. But far more complicated cases are inherently supported.

During Epoch 1 the proposed Script structure was documented and carefully implemented in Bitcoin Core. The current Script documentation shows that some of the more complicated cases have been deprecated (quoting: "Some of the more complicated opcodes are disabled out of concern that the client might have a bug in their implementation"), and there are documented bugs (Opcode CHECKMULTSIG: "Due to a bug, one extra unused value is removed from the stack."). The overall result is a stable definition of transaction logic supported across the entire network.

As businesspeople began looking at Bitcoin blockchain and Epoch 2 inflated, the phrase "smart contracts" began appearing in value propositions. I'm convinced most of the time it was simply parroted around, because there are very few explanations of what this means, not even incorrect ones. (The Bitcoin wiki has a good explanation, but it’s a bit technical and easily skipped*.) Most of the businesses created during the Bitcoin frenzy ignored transaction logic; they focused on Bitcoin as a ledger, Bitcoin as a currency, Bitcoin mining, and second-order opportunities like blockchain infrastructure and mining hardware.

* On my first pass I looked at it, said “hmmm”, and moved on…

Now that we're in the reality phase, we should examine the purported "smart contracts" value proposition in more detail. What does this really mean?

Consider the general case of a contract, a business agreement between multiple parties in which there is value exchanged. Each party agrees to input certain value in order to get specified other value as output, based upon certain conditions. Either all the parties trust each other, based upon experience or reputation, or a mutually trusted additional party is used to conduct an escrow, during which the various conditions are verified. The idea of "smart contracts" is that a complicated series of conditions can be evaluated without trust or any additional party.

The Bitcoin transaction script mechanism enables each party to contribute value as input, verified via the public key / signature mechanism, and arbitrary combinations of conditions to be evaluated, specified via additional public key / signatures. The existence or absence of each condition can be verified separately. When all the conditions are met in the specified combinations, all the outputs are authorized to the specified Bitcoin addresses. The mechanism provides for a two phase execution, similar to an escrow, in which the first phase defines the contract, and the second phase executes the contract, with the phases separated in time. There can be more than two phases, as with progress payments or periodic satisfaction of conditions. The minimum and maximum time elapsed between phases can be specified, as well as the time intervals required for each condition to be evaluated.

Examples of smart contracts include:

  • An escrow for purchase of an asset, by one or more parties from one or more other parties, with verification of certain conditions
  • A loan, in which one or more parties are lent value by one or more other parties, with or without collateral, with payments to be made at defined intervals
  • A service contract, in which parties agree upon compensation for services rendered over time, in which value is released as services are provided
  • An exchange of value, such as a purchase of an asset, in which the amount of value is contingent upon conditions which are evaluated over time

To nail the point home, let me expand on the first example. Suppose you are buying a house. You’ve agreed upon a price. Now you want to execute a contract to buy the house. You open escrow, make a down payment, and a number of contingencies are identified – you need a title search*, house inspection, earthquake review, loan qualification**, etc. The disbursements of funds are identified, payment to the seller, commission to the agents, fees to various vendors, etc. When all the contingencies have been met, and after a predefined time interval, the transaction is executed; the funds are disbursed, you receive a refund of the amount left, and title is transferred to you. How could all this be done with a Smart Contact in the blockchain?

  1. The contract is defined and recorded as a transaction.
    a.  As part of this transaction, you make a down payment.
    b.  The contract identifies all the contingencies.
    c.  The contract identifies the amount to be paid to the seller.
  2. Each party responsible for evaluating a contingency executes a transaction which updates the contact. For example, the home inspector performs the inspection, and executes a transaction which signifies the house has passed inspection, and charges their fee. The lender approves the loan, and executes a transaction which records that the loan is approved, and charges their fee. Etc.
  3. As a special case*, the title agency performs the title search, verifies ownership, and executes a transaction to say so, charging their fee. This is a special case because they are responsible for transferring title when the transaction is completed, which is [for the time being] an offline operation involving the government.
  4. When all the contingencies have been met, execution of the contract is triggered, and the funds are disbursed to the respective parties. The seller is paid, the various vendors receive their fees, and you receive the residual amount. The title agent records the title in your name (including a lien for the lender**), and you own the property.

* Of course, this would be even cooler if title were recorded in the blockchain, but that’s not necessary for this scenario to work

** Of course, this would be even cooler if the loan were recorded and serviced in the blockchain, but that’s not necessary for this scenario to work

Now that we have a preliminary grasp of Smart Contracts (we have translated the poem we like), where is the potential business value (what does it mean in French)?

It can be seen that translation of desired business terms into corresponding Bitcoin transaction logic is complicated. Consider a business which exists to help individuals and other businesses craft Smart Contracts, in exchange for a fee. Such a business would have the same relationship to Smart Contracts as outside lawyers have to ordinary contracts. The Smart Contract Consultants (SCC, your [better] name here) would create, verify, evaluate, and contest Smart Contracts on behalf of the parties. SCC would become expert in the creation of such contracts, and could carve out a significant niche in the blockchain value chain (p.i.).

I have a bunch of follow-on thoughts to this, presently half-baked, and this is already a longish post, so let me stop the business thinking here and continue separately in future.


Let me close with a couple of technical observations.

First, the genius of the Bitcoin transaction Script mechanism is that it is an explicit part of the blockchain. As noted previously, anyone can embed anything in the blockchain, including entire contracts or hashes of externally stored contracts. That would give integrity to the *existence* of a contract, but not to the enforcement of the terms of the contract. By including the transaction terms in the transaction logic, the entire Bitcoin network cooperatively enforces the contact.

Second, I feel the weakest part of the transaction Script mechanism is the treatment of time. Each transaction in a multi-phase contract is fixed in time, embedded in the blockchain. At time A, when transaction TA is executed, the most it can say about time B when transaction TB is executed is that it must occur within a certain time period. It feels like conditional time should be possible, with more flexibility. Perhaps after more study I'll conclude the mechanism is actually more powerful than I thought. But additionally, this constraint opens the door to more need for SCC, to correctly structure the transaction sequence within this limitation.


Bitcoin is cool, but the blockchain is really cool...