Trust a Bitcoin Exchange without Regulation

Yesterday, after the spectacular failure and bankruptcy filing of Mt. Gox, the world’s largest Bitcoin exchange, Peter Finn, an IBM architect, launched a survey within a LinkedIN discussion group. The single question and multiple choice options were:

“In Light of MTGOX what level of transparency should there be for Bitcoin Exchanges?”

1. None. Exchanges Can do as they please
2. All Public Keys Disclosed and Signed
3. Show Public Keys, Source Code, Processes
4. Fully Regulated, Monitored, Audited

One day after it was published, respondents were decidedly negative on the option #1 (no regulation). They responded like this: 1–14%, 2–28%, 3–28%, 4–28%. I am among the 14%: No regulation. But only because Peter failed to cover all the bases. There is a far better option than regulation. But I am getting ahead of myself…

Regulation in a Decentralized, P2P
market, with Open Source Tools 

Suggesting that Bitcoin be “fully regulated” is like demanding that feral cats be licensed to procreate. Perhaps the point can be better illustrated by a metaphor closer to home: Perhaps we should regulate the use of file encryption or bit torrent clients. After all, they can both be used for circumventing copyright law or transmitting illegal content.

Governments are inevitably weakened by legislating against what cannot be regulated. The US has already tried to regulate encryption (PGP/Zimermann and Clipper chip) and they tried to legislate against the use of torrents (Actually, it was a prelude to torrents. Who remembers Napster?)

You can enact laws and regulations, but when you ignore motives, access and facts in evidence, you promote bureaucracy with a head-in-the-sand morality. Feral cats don’t read edicts. Their compulsion to reproduce is strong and they possess the tools they need to procreate. The same is true for bit torrent, encryption and a fully-distributed, low-cost, p2p payment mechanism that is adding users like a wild fire.

Considered in another light, Bitcoin was created to circumvent—or at least—transcend regulation. For many legitimate users, the whole point of a distributed, p2p network built upon open source tools is to unfetter users and disentangle government.

So the real question is not whether we should engage in useless legislation that ignores the facts on the ground. A better question is “How can we make the Wild West a bit safer?” I understand the need for public trust. ! But trust comes from transparency, accountability and outside audits. It doesn’t come from government regulation. Peter alluded to this in the very last sentence the text accompanying his sruvey. He said:


“Will users decide through consensus that
exchange XYZ chooses to fully disclose?”

Bingo! Create standards and practices—especially for security and transparency. Then, make it simple for anyone choosing an exchange or entering into a transaction to determine if the organization complies with industry best practice. Finally, offer a modest level of consortium insurance (to the user, or at least compliant exchanges), so that public trust can be tied to something tangible.

On Feb 25, one day after championing a joint statement from the few credible Bitcoin exchanges, Coinbase took a big step toward this goal when then invited a research analyst from a competitor to audit their internal security practices and randomly compare a customer transaction log to the public blockchain. The report includes an explanation of the test conditions and the results.

Laws are meaningless in a market that cannot be regulated. But industry standards, audits and certification can certainly step up to the task. They can build trust, confidence and stability. Just as importantly, they won’t interfere with the fraction of users who demand personal, private, p2p transactions without auditing or oversight. After all, we must never forget that these individuals started the revolution from which we will all benefit… even the “legitimate” commercial transactions that require transparency, security and an audit trail.

So, let’s revisit Peter Finn’s survey: What level of regulation should be mandated for Bitcoin exchanges?…

I propose Option #5: None. Exchanges can do as they please. But establish an easily verified, independent certification of standards & practices that can be tested at the URL throughout user interaction. Users can avoid the tool, add the tool, or ignore its warning. The certification (and a gut-simple way to see it & test it), empowers the user instead of the government. It also avoids entangling a new technology with unimaginable potential in red tape.

Incidentally, a group of individuals from this discussion group is working toward this goal right now. Although they have barely completed introductions, the Virtual Currency Collaborative Cryptocurrency Standards Association [CRYPSA] has hammered out a charter that will lead to a set of voluntary standards and practices to facilitate open, transparent, safe and auditable transactions within a community that often takes pride in their inherent freedom from regulation. Taming the Wild West will not be too difficult. And it won’t even be necessary to restrict gunslingers from walking into the saloon at high noon.