Crypto crimes and the risk of anonymity

I have written before that governments will never allow anonymous digital currencies and my comments attracted a certain amount of controversy. And I understand why. But to those who say that uncensorable, untraceable digital cash would be a shield against dictators, a force for the oppressed and a boon to free man everywhere… I say be careful what you wish for. The issue of anonymity in payments is complex and crucial and it deserves informed calm strategic thinking because digital currency touches on so many aspects of society.

One obvious and important aspect is crime. Would digital currency change crime? If I hire thugs to lure a cryptobaron to a hotel room and then beat him up to get $1m in bitcoins from him (as actually happened in Japan), is that a crypto-crime or just boring old extortion? If I use Craigslist to lure a HODLer to a street corner and then pull a gun on him and force him to transfer his bitcoins to me (as actually happened in New York), is that a crypto-crime or just boring old mugging? If I get hold of someone’s login details and transfer their cryptocurrency to myself (as has just happened in Springfield), is that a crypto-crime or just boring old fraud? If I kidnap the CEO of a cryptocurrency exchange and then release him after the payment of a $1 million bitcoin ransom is that, as the Ukrainian interior minister said at the time “bitcoin kidnapping” or just boring old extortion?

Holmes

Cash or charge? (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)

 These are just crimes, surely? And not very good ones at that, because they are recorded in perpetuity on an immutable public ledger. Personally, if I were to kidnap a cryptocurrency exchange CEO I would ask for the ransom to be paid in some more privacy-protecting cryptocurrency, because as I explained in the FT some years ago, Bitcoin is not a very good choice for this sort of cyber-criminality. It’s just not anonymous enough for really decent crimes or the darkest darknets. Hence my scepticism about claims that Bitcoin’s long term value will be determined by it’s use for crime.

Untraceable

But what if there were an actually untraceable cryptocurrency out there and it wasn’t up to governments to allow it or not? Would an aspiring cryptocriminal mastermind be able to use it for something more innovative than the physically-demanding felony of kidnapping? I’m sure the Mafia would be delighted to have anonymous digital cash to zip around the world, but what would they use it for? Might they come up with some dastardly enterprise that is not a virtual shadow of a crime that has been around since year zero, but a wholly new crime for the virtual world? What if they could find one with the potential to take over from drug dealing (currently approximately 40% of organised crime revenues) as the best option for the criminal entrepreneur?

Ransomware is one interesting candidate. It is certainly a major problem. Criminals seize control of organisations’ computer networks, encrypting their data and demanding payment to deliver the decryption keys. Companies paralyzed by the attacks paid hackers an average of more than $300K in 2020 (triple the average of the year before). A cyber security survey last year revealed that more than two-thirds of organisations in the United States had experienced a ransomware attack and had paid a ransom as a result! That’s a pretty decent business for criminals and it certainly was a driver for Bitcoin, although ransomware operators have been moving away from it for some time.

(Once again demonstrating the impending explicit pricing of privacy, the Sodinokibi payment website last year began charging 10% more for Bitcoin ransoms compared to the more private Monero cryptocurrency.)

On the whole, given the basic nature of most organisation’s cyber-defences (more than half of all ransomware attacks stem from spam e-mails), one might expect the ransomware rewards to continue to grow. Apart from anything else, the ransomware raiders are reinvesting their profits in increasingly efficient operations, making for even bigger and bolder attacks.

Assasinate and Win

So, ransomware. But what about a more sinister candidate for large-scale criminality though? Is it time for the “assassination market”? It’s not a new idea. A few years ago, Andy Greenberg wrote a great piece about this here on Forbes. He was exploring the specific case of “Kuwabatake Sanjuro” who had set up a Bitcoin-powered market for political assassinations, but in general an assassination market is a form prediction market where any party can place a bet on the date of death of a given individual, and collect a payoff if they “guess” the date accurately. This would incentivise the assassination of individuals because the assassin, knowing when the action would take place, could profit by making an accurate bet on the time of the subject’s death.

This idea originated, to the best of my knowledge, with Jim Bell. Way back in 1995 he set it out in an essay on “assassination politics“. I suppose it was inevitable that advent of digital cash would stimulate thought experiments in this area and it was interesting to me then (and now) because it showed the potential for innovation around digital money even in the field of criminality.

Here’s how the market works and why the incentive works, as I explained in my book “Before Babylon, Beyond Bitcoin“. Someone runs a public book on the anticipated death dates of public figures. If I hate some tech CEO (for example), I place a bet on when they will die. When the CEO dies, whoever had the closest guess to their date and time of death wins all of the money staked, less a cut for the house. Let’s say I bet $5 (using anonymous digital cash through the TOR network) that a specific tech CEO is going to die at 9am on April Fool’s Day 2022. Other people hate this person too and they put down bets as well. The more hated the person is, the more bets there will be.

April Fool’s Day 2020 comes around. There’s now ten million dollars staked on this particularly CEO dying at 9am. I pay a hit man five million dollars to murder the CEO. Hurrah! I’ve won the bet, so I get the ten million dollars sent to me in anonymous digital cash and give half to the hit man. No-one can pin the crime on me because I paid the hitman in untraceable anonymous digital cash as well.

I’m just the lucky winner of the lottery.

But better than that is that if I can get enough bets put on someone, then I don’t even have to take the risk of hiring the hitman. If I use some anonymous bots or friendly tolls to coordinate a social media campaign to get a million people to put a $5 bet on the date of the tech CEOs death, then some enterprising hit man will make their own bet and kill them. If the general public had bet five million bucks on 31st March and some enterprising cryptopsycho had murdered the CEO themselves the day before, then it would only have cost me a $5, and I would have regarded that as $5 well spent, as would (presumably) everyone else who bet $5!

(This is an edited version of an article first published on Forbes, 14th April 2021.)

Separating the sheepcoins from the goatcoins

Some people mine Bitcoin for profits but some some people mine it for politics. The operator of a Bitcoin mining pool (a group of miners who work together to share the profits) quoted in CoinDesk recently said that some are investing not to convert electricity into cash but for other reasons “such as to avoid capital controls or avoid sanctions”. Indeed. And this has some serious implications. The Foundation for Defense of Democracies (FDD), a Washington think tank, summarised the emerging situation rather well in their position paper “Crypto Rogues“. They noted that “blockchain technology may be the innovation that enables U.S. adversaries for the first time to operate entire economies outside the U.S.-led financial system”. Now, while this may be technically slightly inaccurate (there are ways to create anonymous transactions without a blockchain and, indeed, the Swiss central bank has just published a working paper describing how to do so) it again flags up that the widespread availability of decentralised financial services threatens to bypass the existing infrastructure.

Iran provides an obvious example. They have every incentive to want to try new approaches to skirt the long arm of American law. The country already published a new set of regulations designed to funnel Bitcoin mined by Iranians to the state so that the country can use them to pay for imports. When the Iranian regime, for example, set up a venture to explore Bitcoin payments with a Swedish startup, the Swedish banks refused it a bank account because they themselves did not want to become subject to secondary sanctions. As America’s Treasury Secretary Mnuchin said at the time (talking about Iran), “If you want to participate in the dollar system you abide by US sanctions”.

On the other side of the world, North Korea has been developing a digital currency of its own. According to Alejandro Cao de Benós, President of the Korean Friendship Association, the Democratic People’s Republic of Korea intends to go down the Facebook route by creating an asset-backed digital currency rather than a digital fiat currency and then use some sort of blockchain with “Ethereum-style smart contracts” to do business and avoid sanctions. The regime sees this as a way to enforce deals it makes with foreign counterparties by developing a “token based on something with physical value” (eg, gold) in order to create a stable mechanism for payments in international trade between the regime and “other companies/individuals” (although it will not be available to individuals in the DPRK, who will be stuck with the Korean Won).

Across the Pacific in Venezuela, a country often mentioned by Bitcoin enthusiasts as a living case study of the benefits of decentralised cryptocurrency in the fight against tyranny, we find more mining going on: a video posted on Instagram by the 61st Battalion of the 6th Corps of Engineers of the Venezuelan Army shows military buildings converted into giant cryptocurrency mining centres and a warehouse that appears to be full of specialist Bitcoin mining equipment is labelled the “Center for the Production of Digital Assets”.

(I noted with interest that they do not appear to be mining “The Petro”, the digital currency of the revolution which according to the Bolivarian Council of Mayors’ recent “National Tax Harmonization Agreement” may soon be required for the payment of taxes.)

What… Whatible?

It seems to me that Bitcoin is a pretty poor choice for sanction-busting shenanigans though. Not only is the record of transactions public, but the Bitcoin value is not fungible. This matters. Remember that 2014 IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder : “the real lesson from the IRS Bitcoin ruling is that for a currency-or any payment system-to work, its units must be completely fungible”.

Fungible (from the Latin “to enjoy” via Medieval Latin phrases such as “fungi vice”, meaning “to take the place of”) is one of my favourite adjectives. It means that all tokens are the same and can be substituted one for another. You owe me a quarter. It doesn’t matter _which_ quarter that you give me. Any will do. Any quarter can substitute for any other quarter because they are all the same. The same is true of the Pounds in my bank account, but it isn’t true of bitcoins. They are all different and their history can be tracked through the blockchain which is, as we are often reminded, and immutable public record of all transactions.

As my good friend Marc Hochstein observed about this some time ago, blockchain’s openness could turn out to be a bug for law-abiding citizens. Click To Tweet

The lack of fungibility has major implications for criminals, but also for the rest of us.  In England, the High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) has already ruled that crypto assets such as bitcoins are a form of property capable of being the subject of injunction. You can see what is going to happen: cryptographic exchanges will be required to identity who owns stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give it back to the rightful owner.

Launderette

You can own these cartoons!
NFTs available from the artist Helen Holmes from at
TheOfficeMuse (CC-BY-ND 4.0)

The UK has been experimenting with the “Unexplained Wealth Order” as a way to combat crime and corruption through the traditional money and finance system, but how would this translate to the world of cryptocurrency? Well, perhaps it doesn’t need to. In the world of Bitcoin, smart criminals may well try to use “mixers” or “tumblrs” that jumble together bitcoins to obfuscate their origin but I don’t think this will help in the long run. Apart from anything else, future consumers might want to know the provenance of their money, an idea explored by the artist Nitipak Samsen a decade ago in the Future of Money Design Awards. Check out the brilliant video he made here.

Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?… Smart banknotes work by presenting a readable history of ownership on the note itself, an innovation designed to prevent money laundering

This might work in some interesting ways. People might pay a premium for coins that have an interesting past! Maybe coins that were used by a celebrity to buy drugs or were used to bribe a politician, coins that belonged to a murderer, that kind of thing, might be worth more than coins that belonged to boring people like me.

Clean Money

In the mundane world of dollar, dollar bills we have the concept of “money laundering” to describe what happens when dirty money is mixed with clean money (surely every one of us has touched banknotes that have been involved in some criminal activity!). But this doesn’t work for bitcoins. The “tainted” money stays tainted. Ross Anderson, Ilia Shumailov and Mansoor Ahmed from the Cambridge University Computer Laboratory wrote a terrific paper on this theme a couple of years ago. In “Making Bitcoin Legal” they pose some interesting questions about what to do with tainted cryptocurrency asking, for example, “If an identified customer says ‘Hi, what will you give me for UTXO x?’ and the exchange replies, ‘Sorry, 22% of that was stolen in a robbery last Tuesday, so we’ll only give you 78%’ does the customer then have to turn over the crime proceeds?”. Their idea of a public “taintchain” is an interesting way forward.  This would be a mechanism to make stolen coins visible, in which case they might display a futuristic Gresham’s Law dynamic as good coins drive out bad ones!

Whether by taintchain or some other mechanism, it’s actually pretty each to track dirty bitcoins. You can see where this might lead: if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transaction outputs, they will be accused of money laundering? This is not difficult to imagine, which suggests to me that Bitcoin’s lack of fungibility has far-reaching implications.

These implications have not gone unnoticed in the United States. Two of the largest Bitcoin mining companies there, Marathon Patent Inc. and DMG Blockchain Solutions Inc. (which together account for about a one-twelfth the power of the Bitcoin networks), recently joined forces to create the Digital Currency Miners of North America (DCMNA). This not-for-profit trade association has come up with pretty interesting idea: their miners will only process transactions that comply with American laws, thus extending the benevolent embrace of the U.S. Government into cryptocurrency. The idea (known as “clean mining“) is that instead of selecting transactions on the basis of which ones will bring the biggest fees, they will mine transactions based on the wallets that they come from.

Along the same lines, the “celebrity investor” (as described by CNBC) Kevin O’Leary announced that he will only buy bitcoins mined sustainably in countries that use clean energy. What’s more, he also said that he will not buy “blood coin” mined in China. Mr. O’Leary was quoted as saying that he sees “two kinds of coin”, which reinforces the point about fungibility and money and suggests to me, at least, that we could well see a strange and interesting twist in the world of cryptocurrency that has no analog in the analogue world of notes and coins: black and white money, or clean and dirty money, or light and dark money (an idea that goes back to the earliest days of cryptocurrency) in which some bitcoins will be worth more than others! Maybe a year or two from now, exchanges will be quoted two BTC-USD pairs: clean BTC at $100,000 and dirty BTC at $75,000. This doesn’t happen for GBP-USD or JPY-GBP, which confirms my feeling that whatever Bitcoin is, it isn’t currency.

[An edited version of this article first appeared on Forbes, 28th February 2021.]

Bitcoins stay dirty, no matter how much you launder them

Some people mine Bitcoin for profits but some some people mine it for politics. The operator of a Bitcoin mining pool (a group of miners who work together to share the profits) quoted in CoinDesk recently says that some are investing not to convert electricity into cash but for other reasons “such as to avoid capital controls or avoid sanctions”. Indeed. And this has some serious implications. The Foundation for Defense of Democracies (FDD), a Washington think tank, summarised the emerging situation rather well in their position paper “Crypto Rogues“. They noted that “blockchain technology may be the innovation that enables U.S. adversaries for the first time to operate entire economies outside the U.S.-led financial system”. Now, while this may be technically slightly inaccurate (there are ways to create anonymous transactions without a blockchain and, indeed, the Swiss central bank has just published a working paper describing how to do so) it again flags up that the widespread availability of decentralised financial services threatens to bypass the existing infrastructure.

Iran provides an obvious example. They have every incentive to want to try new approaches to skirt the long arm of American law. The country already published a new set of regulations designed to funnel Bitcoin mined by Iranians to the state so that the country can use them to pay for imports. When the Iranian regime, for example, set up a venture to explore Bitcoin payments with a Swedish startup, the Swedish banks refused it a bank account because they themselves did not want to become subject to secondary sanctions. As America’s Treasury Secretary Mnuchin said at the time (talking about Iran), “If you want to participate in the dollar system you abide by US sanctions”.

On the other side of the world, North Korea has been developing a digital currency of its own. According to Alejandro Cao de Benós, President of the Korean Friendship Association, the Democratic People’s Republic of Korea intends to go down the Facebook route by creating an asset-backed digital currency rather than a digital fiat currency and then use some sort of blockchain with “Ethereum-style smart contracts” to do business and avoid sanctions. The regime sees this as a way to enforce deals it makes with foreign counterparties by developing a “token based on something with physical value” (eg, gold) in order to create a stable mechanism for payments in international trade between the regime and “other companies/individuals” (although it will not be available to individuals in the DPRK, who will be stuck with the Korean Won).

Across the Pacific in Venezuela, a country often mentioned by Bitcoin enthusiasts as a living case study of the benefits of decentralised cryptocurrency in the fight against tyranny, we find more mining going on: a video posted on Instagram by the 61st Battalion of the 6th Corps of Engineers of the Venezuelan Army shows military buildings converted into giant cryptocurrency mining centres and a warehouse that appears to be full of specialist Bitcoin mining equipment is labelled the “Center for the Production of Digital Assets”.

(I noted with interest that they do not appear to be mining “The Petro”, the digital currency of the revolution which according to the Bolivarian Council of Mayors’ recent “National Tax Harmonization Agreement” may soon be required for the payment of taxes.)

What… Whatible?

It seems to me that Bitcoin is a pretty poor choice for sanction-busting shenanigans though. Not only is the record of transactions public, but the Bitcoin value is not fungible. This matters. Remember that 2014 IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder : “the real lesson from the IRS Bitcoin ruling is that for a currency-or any payment system-to work, its units must be completely fungible”.

Fungible (from the Latin “to enjoy” via Medieval Latin phrases such as “fungi vice”, meaning “to take the place of”) is one of my favourite adjectives. It means that all tokens are the same and can be substituted one for another. You owe me a quarter. It doesn’t matter _which_ quarter that you give me. Any will do. Any quarter can substitute for any other quarter because they are all the same. The same is true of the Pounds in my bank account, but it isn’t true of bitcoins. They are all different and their history can be tracked through the blockchain which is, as we are often reminded, and immutable public record of all transactions. 

The lack of fungibility has major implications for criminals, but also for the rest of us. As my good friend Marc Hochstein observed about this some time ago, blockchain’s openness could turn out to be a bug for law-abiding citizens. In England, the High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) has already ruled that crypto assets such as bitcoins are a form of property capable of being the subject of injunction. You can see what is going to happen: cryptographic exchanges will be required to identity who owns stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give it back to the rightful owner.

Launderette

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

The UK has been experimenting with the “Unexplained Wealth Order” as a way to combat crime and corruption through the traditional money and finance system, but how would this translate to the world of cryptocurrency? Well, perhaps it doesn’t need to. In the world of Bitcoin, smart criminals may well try to use “mixers” or “tumblrs” that jumble together bitcoins to obfuscate their origin but I don’t think this will help in the long run. Apart from anything else, future consumers might want to know the provenance of their money, an idea explored by the artist Nitipak Samsen a decade ago in the Future of Money Design Awards. Check out the brilliant video he made here.

Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?… Smart banknotes work by presenting a readable history of ownership on the note itself, an innovation designed to prevent money laundering

This might work in some interesting ways. People might pay a premium for coins that have an interesting past! Maybe coins that were used by a celebrity to buy drugs or were used to bribe a politician, coins that belonged to a murderer, that kind of thing, might be worth more than coins that belonged to boring people like me.

Clean Money

In the mundane world of dollar, dollar bills we have the concept of “money laundering” to describe what happens when dirty money is mixed with clean money (surely every one of us has touched banknotes that have been involved in some criminal activity!). But this doesn’t work for bitcoins. The “tainted” money stays tainted. Ross Anderson, Ilia Shumailov and Mansoor Ahmed from the Cambridge University Computer Laboratory wrote a terrific paper on this theme a couple of years ago. In “Making Bitcoin Legal” they pose some interesting questions about what to do with tainted cryptocurrency asking, for example, “If an identified customer says ‘Hi, what will you give me for UTXO x?’ and the exchange replies, ‘Sorry, 22% of that was stolen in a robbery last Tuesday, so we’ll only give you 78%’ does the customer then have to turn over the crime proceeds?”. Their idea of a public “taintchain” is an interesting way forward.  This would be a mechanism to make stolen coins visible, in which case they might display a futuristic Gresham’s Law dynamic as good coins drive out bad ones!

Whether by taintchain or some other mechanism, it’s actually pretty each to track dirty bitcoins. You can see where this might lead: if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transaction outputs, they will be accused of money laundering? This is not difficult to imagine, which suggests to me that Bitcoin’s lack of fungibility has far-reaching implications.

These implications have not gone unnoticed in the United States. Two of the largest Bitcoin mining companies there, Marathon Patent Inc. and DMG Blockchain Solutions Inc. (which together account for about a one-twelfth the power of the Bitcoin networks), recently joined forces to create the Digital Currency Miners of North America (DCMNA). This not-for-profit trade association has come up with pretty interesting idea: their miners will only process transactions that comply with American laws, thus extending the benevolent embrace of the U.S. Government into cryptocurrency. The idea (known as “clean mining“) is that instead of selecting transactions on the basis of which ones will bring the biggest fees, they will mine transactions based on the wallets that they come from.

We could well see a strange and interesting twist in the world of cryptocurrency that has no analog in the analogue world of notes and coins: black and white money, or clean and dirty money, or light and dark money (an idea that goes back to the earliest days of cryptocurrency) in which some bitcoins will be worth more than others! Maybe a year or two from now, exchanges will be quoted two BTC-USD pairs: clean BTC at $100,000 and dirty BTC at $75,000. This doesn’t happen for GBP-USD or JPY-GBP, which confirms my feeling that whatever Bitcoin is, it isn’t currency.

[An edited version of this article first appeared on Forbes, 28th February 2021.]

Legal and illegal tender

China is home to not one but two fascinating experiments in what people have taken to calling “stablecoins”. One of them is the public electronic cash system run by the People’s Bank of China (PBOC), known as the Digital Currency/Electronic Payment (DC/EP) or the digital Yuan. The other is the private electronic cash system run by Hong Kong-based Tether Limited, the cryptocurrency stablecoin known as the Tether. The main use case for the former is currently retail purchases whereas the main use of the latter appears to be market manipulation and money-laundering.

We can learn a lot from studying the dynamics of these to help us to understand how the world of digital currency might develop and whether cryptocurrency might one day become legal tender.

Let’s have a look at illegal tender first. In 2019, USDT surpassed Bitcoin as the most-traded cryptocurrency on the market by volume. This is not, as you might imagine, because consumers prefer to USDT to Visa for ordering a taxi to take mother to church on a Sunday. As reported by Nikkei Asia, USDT is widely used in money laundering, gambling and other illegal activities. China’s Ministry of Public Security has reported that in the first nine months of 2020, police cracked down on 1,700 online gambling platforms and 1,400 underground banks involving more than $153 billion in illegal transactions. Now, not all of this was in Tether, of course. But the number did catch my eye, because I am always interested in use cases for cryptocurrency other the speculation.

Illegaltender

with kind permission of TheOfficeMuse (CC-BY-ND 4.0)

Now on to legal tender. Suzhou has long been spearheading trials of DC/EP and in a recent experiment the local municipal government gave away 100,000 digital “red packets”, each containing RMB 200 (around $30) in a lottery, to encourage resident and retailers to try out the electronic cash for themselves. The South China Morning Post reports on the roll-out of the digital Yuan with the example of “shopkeeper Ma” who said that he found the digital currency to be a convenient way to receive and make payments. Not that it matters whether he finds it convenient or not, to be fair, because according to an “operational guidance” document given to the retailers in the pilot programme, they are allowed to decline payment in Alipay or WeChat Pay, but they “cannot decline payment in e-yuan”.

You can see the trajectory. The PBOC published a revised draft of the People’s Bank of China Law in October, laying out the legal foundations for the e-Yuan. The law, in essence, already says that the e-Yuan has the same legal status as the Yuan. Indeed, last year the PBoC issued a formal notice clarifying that cash is legal tender in China and that refusing it is illegal. More recently, it has called for wider acceptance of cash in economic activities and “vowed to punish” those who refuse to accept cash payments. So in China, both the Yuan and e-Yuan will be legal tender and retailers will have to accept both.

Legal Tender

I remember a story about a schoolboy who was refused access to a bus in Wales for trying to pay with a Scottish banknote. The bus company was pressured and apologised, saying that “Scottish currency is legal tender”. Actually, it isn’t. Scottish banknotes are not legal tender in England or, for that matter, Wales any more than Bitcoins or e-Yuan are. Only Bank of England banknotes are legal tender in England and Wales. But there are Sterling banknotes printed by banks in Scotland and in Northern Ireland that are not. Scottish banknotes are not legal tender anywhere, even in Scotland. In fact, Bank of England banknotes are not legal tender in Scotland either, because Scotland has a separate legal system to England and has no legal tender law at all.

This quaint monetary arrangement might seem odd to Americans, but it helps me to make a point. In America as in Britain, legal tender does not mean what you think it means. wrote about this in some detail after someone on Twitter told me that Bitcoin was legal tender in Germany. It isn’t, of course. In fact, Bitcoin isn’t legal tender anywhere and it never will be any more than British Airways frequent flier miles will be (and I’ve bought more cups of coffee with British Airways frequent flier miles than I’ve ever bought with Bitcoin).

Let’s dive in!

Section 31 U.S.C. 5103 on “Legal tender” states that “United States coins and currency [including Federal reserve notes and circulating notes of Federal reserve banks and national banks] are legal tender for all debts, public charges, taxes, and dues”. Here is chapter and verse from The Fed commenting on what that means: “This statute means that all United States money as identified above is a valid and legal offer of payment for debts when tendered to a creditor. There is, however, no Federal statute mandating that a private business, a person, or an organization must accept currency or coins as payment for goods or services. Private businesses are free to develop their own policies on whether to accept cash unless there is a state law which says otherwise”.

So… would a U.S. central bank digital currency (e$, for short) might become legal tender in the future. Here, I think the answer is unequivocal: yes, and in unlimited amounts, because there is no credit risk attached. I predict that a transfer of e$ will be considered legal tender all debts, public charges, taxes and dues. In time, Section 31 U.S.C. 5013 will undoubtedly be extended to say so.

But so what if a digital dollar become legal tender? The physical dollar is legal tender in the U.S. right now and plenty of retailers won't take it. Click To Tweet

There is no federal law that forces people to accept dollars as it is, which is why you see municipalities passing local ordinances to force retailers to accept cash. (These ordinances are, by the way, a bad idea but that’s a story for another day.)

Would the U.S. amend legal tender law to go as far as China and force merchants to accept a CBDC? I doubt it. Would the Fed declare any digital currency that meets regulatory approval to be legal tender and retailers will have to accept both physical dollars and digital dollars? It seems unlikely. Would the US accept CBDC for the payment of tax? Actually, that day might not be so far away, as far I as am concerned what is or isn’t accepted for the payment of taxes is a much better measure of what is or isn’t a currency than outdated concepts of legal tender!

[An edited version of this post appeared on Forbes, 4th January 2020.]

Crime and cryptocurrency, frauds and fungibility

The recent devastating ransomware attack on Travelex has once again raised the issue of cryptocurrencies, or more specifically Bitcoin, being used for criminal purposes. At the time of writing, my bank (Barclays) as well as other high-street banks including HSBC, Virgin and Tesco Bank, all of whom rely on Travelex for foreign exchange services, are still unable to offer online exchange services or process orders for foreign currency. The company was infected with a “ransomware” virus that encrypted its data — Travelex left critical security weaknesses in the Pulse Secure virtual private network (VPN) servers unpatched for eight months — and the attackers demanded a $6m payment in Bitcoin to decrypt the data.

(Travelex has not disclosed whether it has paid the ransom.)

The scale of the damage here may have been unusual, but the attacks are not. Every single day there is another such story in the media. And while none of us may care that much if financial institutions do not implement appropriate security and have money stolen, there are attacks on hospitals and public services all of the time as well. Perhaps we ought to consider following the lead of Finland. Back in November 2019 more than 200 Finnish municipalities and public organisations had a “war game” co-ordinated by The Population Register Centre to practice their response to possible cyberattacks. I am not an expert, but I imagine that one of the things they learned was to make sure that the IT people install security patches on their computers and to make sure they have backups of their data, but I digress.

Back to the issue of ransoms. Ransomware wouldn’t be much good if the attacker could only be paid by cheques or bank transfers. This is why ransomware and cryptocurrency are a package, although ransomware datanappers are not the only criminal users of the new digital dosh. According to the Daily Mail, the police have seen an “explosion in the use of digital currency by criminals who are strolling into cafes, newsagents and corner shops to dump their ill-gotten gains in virtual currency ATMs”.

Well, let’s not panic. If you look at the actual Bitcoin transactions going on out there in cyberspace, you’ll have to admit that even crime isn’t proving the vehicle for mass market adoption that the more hysterical parts of the media might have made you think. Frankly, if the demand for Bitcoin were all about crime (and not speculation) then it would actually be worth far less than it is today. There just isn’t enough crime. Calculations based on the use of Bitcoin in this sector of the economy put its value at something like one-twentieth of the current price.

Now, I have to say that I think that these kinds of calculations are highly spurious.

First of all, such calculations are often based the value of the global market in illegal drugs. Now, while no-one can be sure of the exact size, this is undoubtedly a vast market. But it is a market that is conducted almost entirely in cash. Were these transactions to be converted to digital money, the sums involved are so vast that it would be almost impossible to create to an AI machine-learning transaction monitoring services to ignore them.

Secondly, I have yet to see any evidence that criminals are adopting Bitcoin at scale for anything else. And the reason for this is obvious: it’s not anonymous enough. Wallet addresses are pseudonyms, and once any of these pseudonyms has been linked to a mundane identity in anyway, the identities can be connected, monitored, tracked and traced. While people often refer to bitcoin as anonymous, it really isn’t. 

Why Bitcoin?

It can be made anonymous, though, right? In the world of bitcoin, smart criminals will use “mixers” or “tumblrs” that jumble together Bitcoins to obfuscate their origin. Well, whatever. If Bitcoin were to be widely used in serious criminal enterprises then the authorities would step in. What if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transactions, they will be accused of money laundering? As I write, 49% of all of the Bitcoin “power” is in the hands of five Chinese mining pools, so this is not difficult to imagine. Bitcoin’s fungibility means that it has little long-term prospect for criminal enterprise.

Wait! Whatibility?

Fungibility.

Whatever Bitcoin is, it isn’t cash for the inescapable reason that cash is fungible. This matters. Remember that IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder from [CreditSlips]: “For a payments geek, the real lesson from the IRS Bitcoin ruling is that for a currency–or any payment system–to work, its units must be completely fungible”.

Fungible (from the Latin “to enjoy”) is a great word. One of my favourites, in fact. In this context, money, it means that all tokens are the same and can be substituted one for another. You owe me a pound. It doesn’t matter _which_ pound coin that you give me. Any will do. Any pound coin can substitute for any other pound coin because they are all the same: no-one can distinguish one pound coin from another. This isn’t true of Bitcoins. They are all different. and because they are all different, their history can be tracked through the blockchain, its immutable public record of all transactions.

The existence of the blockchain means that clever analysts can set their bots scampering along the chain of transactions to find out where money is coming from and where it is going. While Bitcoin has a media image of secrecy, it has long been understood that blockchain analysis means that it could be surprisingly easy for a law enforcement agency to identify many users of the currency [MIT Technology Review]. So you can what is actually going on at all time. If you want to get a picture of Bitcoin’s role as the currency of crime, a good place to start is the Chainalysis report on “The 2020 State of Crypto Crime”. Chainalysis, founded by Jonathan Levin, have sophisticated tools for cyber currency transaction monitoring and are used by the FBI and such like to track down miscreant moolah.

Bitcoin isn’t fungible (unlike the £50 notes so helpfully provided to the criminal fraternity by – yes, couldn’t make this up and I will call the Daily Mail in the morning – it’s only the Bank of England wouldn’t you know it) which means that the money can be traced from wallet to wallet and that should make it easier for these detectives to get a handle on where the ill-gotten gains are heading. 

The lack of fungibility has major implications for criminals. We have just the English High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) determine that crypto assets such as Bitcoin are considered to be ‘property’ capable of being the subject of a proprietary injunction against a cryptographic exchange, which was indeed granted. You can see what is going to happen here: the exchange will be required to identity who owns the stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the Bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, as the economist J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give them back to the rightful owner.

(To recap. Bitcoin isn’t cash, because cash is fungible. If we want something to be cash, we need to make it fungible. But do we want cash? I’m always ready to listen to informed views. If you do too, then someone you should listen to is Adam Back. He is a brilliant guy. He has already forgotten more about cryptography than I could conceivably learn from now on if I dedicated the entire rest of my career to the topic. His masterful lecture on “Fungibility, Privacy and Identity” delivered to Bitcoin Israel is well worth 90 minutes of your time. Get a notepad, a cup of tea, packet of fruit shortcakes and fire up the video.)

What happens when they get anonymous on our asses?

This is why ransomware rogues convert their Bitcoins out into something more suited to the less-regulated corners of the economy. The people behind the famous “WannaCry”, which hit more than 300,000 computers in over 150 countries, took their rewards and converted them into Monero, a privacy-focused cryptocurrency that has seen some growth in its popularity over the last year or so. This, in turn, makes me wonder why criminals continue to use a payment mechanism that leaves behind a perpetual record of all transactions that anyone can look it, particularly when there are more private alternatives already in the wild. One such example is Zcash, a cryptocurrency with the added special sauce of genuine anonymity rather than the pseudonymity that, as noted, hampers the exploitation of Bitcoin for nefarious purposes. Transactions remain confidential unless the counterparties reveal their addresses by “selective weakening” of the cryptographic protection. Now, I am sceptical about whether confidential transactions will get much traction in the mass market, but that does not mean that advocates of Zcash do not have a point when they say that “If you start with a perfect electronic cash system building block, then you can build an electronic cash system with selective weakening in a way that makes sense for society” [IEEE Spectrum].

You can understand why, of course. An electronic cash system that is going to offer some forms of privacy must be built on a truly anonymous infrastructure. You can’t do it the other way round. But… a truly anonymous infrastructure provides ample opportunities for mischief and some of this mischief might be of significant harm to society as whole. So what will happen?

In Zcash, there are two types of addresses, “transparent” and “shielded”. The transparent addresses and the amounts sent to and from them show up on the blockchain as they would in bitcoin. But if a user opts to use a shielded address, it will be obscured on the public ledger. And if both the sender and receiver of funds have opted to use shielded addresses, the amount sent will be encrypted as well [American Banker].

(The idea that counterparties can choose whether a transaction is visible or not is interesting and under explored. This reminds of the idea for light transactions and dark transactions that artist Austin Houldsworth put forward and that we presented at the BCS back in 2012!)

Trying to think this through, it seems to me that there is something of a paradox here in our mental transaction models. We want our transactions to be anonymous because we are good people but we want other people’s transactions to be tracked, traced and monitored because they might be criminals. Obviously we don’t want child pornographers and terrorists to have access to anonymous electronic cash but we do want freedom fighters and oppressed minorities to have access to electronic cash.

Hhhmm…..

So how might this paradox be resolved? Well, one option might be to assume that the anonymous cash will be used primarily by criminals and possession of it will be taken to be prima facie evidence of criminality, but not to ban it because free speech trumps crime according to our cultural values. Thus law enforcement resources can be targeted. Remember, in an anonymous world no-one knows you’re a dog but no-one knows that you’re from the FBI either. Hence you could argue that anonymity can actually help law enforcement to carry out old-fashioned police work (and since no-one knows you’re a bot either, I’d assume that the police will have large-scale big data analysis and pattern recognition and machine learning and all sort of other things to help them). It’s not at all clear to me that a terrorist child-pornographer will be any further beyond the reach of the law because their cash is anonymous when their mobile phone location is recorded every 50ms and their face is scanned at every street corner, but I’m open to debate.

In the mass market I can therefore envisage an environment where some kind of anonymous cash is in existence but is never used in its “raw” state, because people, companies and governments will only use the privacy-enhanced layers on top of it. Getting your ransomware cryptocurrency might remain easy, because companies don’t do proper risk analysis and don’t design secure products, but spending that cryptocurrency might become increasingly difficult.

Crime of the (new) century

Here’s something that I’m surprised we don’t see more of. Pavel Lerner, the CEO of the cryptocurrency exchange Exmo Finance, has been released by kidnappers after the payment of a $1 million bitcoin ransom. According to the Financial Times, the Ukrainian interior minister specifically labelled the crime “bitcoin kidnapping and extortion”. I would have asked for Monero, rather than traceable bitcoins, but there you go.

Given the number of Bitcoin millionaires wandering around — I bump into them at every conference I go to these days — you would have imagined that the more enterprising and forward thinking members of the cosa nostra (the coder nostra, as I call them) were out in force. Stand around outside Consensus or Money2020 and bundle most anyone into a van and drive them off into the desert and you’re sure of a Bitcoin, Ripple, Ether or Bitcoin Cash payday. It’s a puzzle that this doesn’t happen all the time, although it’s entirely possible that it does and that I never get to hear about it because I’m not rich enough, just like those Silicon Valley sex parties.

So is kidnapping for cyber-ransom the defining crime of the 21st century? Actually, I suspect not. What if, rather than traditional money–related crimes such as kidnapping and extortion, there were much better crypto-crimes invented in parallel to the new forms of crypto-money made available by technology? Is there such a crime that is unique to this virtual world? Not a virtual shadow of a crime that has been around since year zero, but a wholly new crime for the virtual world? Actually, one such crime was invented many years ago. It’s the “assassination market” that I wrote about in “Before Babylon, Beyond Bitcoin“.

An assassination market is a prediction market where any party can place a bet (using anonymous crypto-currency through the TOR network) on the date of death of a given individual, and collect a payoff if they “guess” the date accurately. This would incentivise the assassination of specific individuals because the assassin, knowing when the action would take place, could profit by making an accurate bet on the time of the subject’s death.

Here’s how the market works. Someone runs a public book on the anticipated death dates of public figures. If I hate a pop star or politician, I place a bet on when they will die. When the person dies, who ever had the closest guess wins all of the money, less a cut for the house. Let’s say I bet a fiver that a specific TV personality is going to die at 9am on April Fool’s Day 2018. Other people hate this personality too and they put down bets as well. The more hated the person is, the more bets there will be.

April Fool’s Day comes around. There’s ten million quid bet on this particularly personality. I pay a hit man five million quid to murder the personality. Hurrah! I’ve won the bet, so I get the ten million quid and give half to the hit man. I don’t have to prove that I was responsible for the assassination to get the money and no-one can pin the crime on me because I paid the hitman in untraceable anonymous electronic cash as well: I’m just the lucky winner of the lottery. If someone else had bet 31st March and murdered the television personality themselves the day before, then it would only have cost me a fiver, and I would have regarded that as a fiver well spent.

This is a rather an old idea that originated, as far as I know, with Jim Bell, who back in 1995 wrote an essay on “assassination politics” that brought the idea to the popular (well, amongst a nerd subgroup) imagination. I suppose it was inevitable that the arrival of digital currency would stimulate thought experiments in this area and it was interesting to me then (and now) because it showed the potential for innovation around digital money even in the field of criminality. If I hire thugs to lure a cryptobaron to a hotel room and then beat him up to get a $1m in bitcoins from him (as actually happened in Japan recently), that’s just boring old extortion. If I use Craigslist to lure a HODLer to a street corner and then pull a gun on him and force him to transfer his bitcoins to me (as actually happened in New York back in 2015), that’s just boring old mugging.

 

Now, as I explained in the FT some years ago, Bitcoin is not a very good choice for this sort of cyber-criminality. It’s just not anonymous enough for really decent crimes or the darkest darknets. Hence my scepticism about the claims that Bitcoin’s long term value will be determined by malevolent money mischief. But as I explained to students at Winchester College last week, if there were to be an actually untraceable cryptocurrency then an assassination market is a much better bet for the coder nostra than the physically demanding felony of kidnapping.

They are where the money isn’t

When most of us think about bank robbery, we think about people inventing complex derivates and amassing fortunes while the institutions that house them amass fine, bankruptcies and bailouts. But it turns out that your grandparent’s bank robberies are coming back into fashion. American Banker says that violent bank crime has become increasingly less common in the past decade, but that the rate of robberies has ticked back up in recent years.

At first I thought this might be a hipster revolt, like with vinyl records, but that doesn’t seem to be the case. So I’ve no idea. I don’t understand bank robbery. I remember getting into an interesting discussion about bank robbery at a lunch a while back. We were talking about risk and risk analysis. I was trying to make some points about why proper risk analysis like this is a more cost-effective way to proceed than (for example) panicking about newspaper stories on hacking, and that led to a train of thought around cost-benefit analysis for the robber, not the bank. Are robbers put off by thick doors and barred windows and such like? Are robbers deterred by visible, physical symbols of security? Come to that, should be bother with physical security at all in banks?

This is a fair point. So it set me thinking: if you are an amoral sociopath desperate to amass as much money as possible, are you better off robbing a bank or working for it? As a responsible father, I want to help my sons chart the best course for life. Right now, they are at University studying socially useful subjects in science and engineering. Having myself studied science only to become trapped in mortgage serfdom and forced to work until I drop, I am trying to persuade them to become Somali pirates or Wolves of Wall Street, without much success so far. So I understand that side of the equation, but am less certain of the other. Remember that old paper “The Decision-Making Practices of Armed Robbers” by Morrison and O’Donnell. It’s a study of armed robbery in London and one of my favourite papers. It is based on first-hand research (viz, the analysis of over 1,000 police reports and interviews with 88 incarcerated armed robbers).

While it’s about the UK rather than the US, I’m sure the thought processes of the perpetrators must have some similarities. Crucially, the paper notes that “almost all of these robbers evaluated the offence as having been financially worthwhile (aside from the fact that they were eventually caught and punished for their crime)”. So robbing a bank seems like good idea, if you exclude the possibility (in fact, the likelihood) of being caught. I suppose this is standard Jordan Belfort, Bernie Madoff thinking thought isn’t it? Unless people believe they will be caught (and these people don’t) then they only consider the upside.

(One of the interesting snippets it contains is that a great many of the armed robbers in the UK use imitation firearms even though they could have access to real ones. I imagine that in the US the use of imitations is vastly less prevalent, since it’s presumably harder to buy an imitation gun than a real one there.)

So, what to do? While glancing back over the paper I note that the authors say that it doesn’t seem practical to “expect financial institutions and commercial properties to reduce counter cash much more than they already have”. That may have been true when the paper was written a few years ago, but it clearly isn’t true now, since both bank branches and businesses in many countries are becoming cash free. And this is a good thing, because as we all know there is a direct and measurable relationship between the amount of cash out there (more on this later) and the amount of crime. As the paper says, “even when the amount of money obtained was quite small (an element often touted in support of the irrationality of economic criminals), it must be recognised that even apparently small sums may be adequate for the offender’s immediate needs. Hence, gains may be subjectively much larger than they appear”.

Bank robber or management consultant?

 

It’s a stick up

The rewards of armed robbery seem to me, then, as an educated middle-class professional, to be rather low. Yet they are still sufficient to attract the robbers, because their needs are immediate and limited. I want a holiday home in the South of France but the guy in the Nixon mask isn’t robbing a bank to pay his way through college or to obtain seed finance for a start up, he just needs to buy a car or some drugs or whatever. This paper seems, then, to indicate that so long as there is some cash in the till, there will be robberies. This is not an observation confined to banking. A study of the American Electronic Benefit Transfer (EBT) program found that “the EBT program had a negative and significant effect on the overall crime rate as well as burglary, assault, and larceny”.

What they are talking about here are US programmes where benefit recipients are paid electronically and given cards that they can use in shops instead of being given cash. The authors found a 10% drop in crime correlated with the switch to EBT. It seems pretty overwhelming evidence, and even more so if you read the paper, which notes no impact on crimes that do not involve the acquisition of cash. If we can to stop armed robberies, that would surely be an excellent social benefit to the move to cashlessness and would help us to explain the nature of appropriate regulation to legislators.

But back to the specific point about the relationship between bank cash and robberies. With the rewards from robbing banks and businesses falling  armed robbers, like everyone else, follow the money – literally – and so cash-in-transit (CIT) robberies are now the preferred option. We see the same in Europe where countries that have much higher usage of ATMs have much higher CIT robbery rates than countries that have lower ATM usage (see, for example, Sweden and Denmark).

Overall, then, we see another early indication of the emerging post-cash era: Spending on physical bank security is being reduced and spending on virtual bank security is being increased. We do, indeed, live in interesting times.