Nothing New under the Sun
Exploring the parallels between
Cryptocurrency and Society

Introduction
● We often like to say Bitcoin is a fundamentally
new economic paradigm
● Common theory:
○ Commodity money
○ Commodity-backed money
○ Fiat money
○ Cryptocurrency (obviously)
● Self-executing contracts, DACs, Skynet
● Reality: everything here has existed before

Prisoner’s Dilemma and Nash Equilibria
● Everyone has two
moves: cooperate
or defect
(left, top) C D
C 5, 5 0, 7
D 7, 0 2, 2
● Generalized prisoner’s dilemma:
○ N players
○ Can cooperate (+1, +1) or cheat (+2, -5)
● Nash equilibrium: everyone defects

Punishment
● Idea: spend effort to
to punish defectors
(-0.5, -5)
(left, top) C D
C 5, 5 0, 2
D 2, 0 -3, -3
● Seems wasteful, but changes the incentives
● Problem: what’s the incentive to punish
● Solution: non-punishment is punishable
● Tax-funded police, social ostracism

Schelling Points
● Two prisoners in separate rooms both see:
59049 71245 80764 92145
97621 100000 123875 161924
● If prisoners give same number, they go free,
otherwise they die

Hawk/Dove Game
● Everyone has two
moves: attack or
retreat
● Equilibria:
○ A attacks, B retreats
○ B attacks, A retreats
● Bourgeois equilibrium: A/R based on tag
○ Property rights
(left, top) A R
A 0, 0 6, 2
R 2, 6 4, 4

Coordination problems
● How to get from (A, A) to
(B,B)?
● Example: spelling reform
(left, top) A B
A 2, 2 0, 0
B 0, 0 4, 4
● Everyone spells English words weirdly (“cough”, “enough”,
“freight”, “height”): +1 all
● Reformed spelling (“coff”, “enuff”, “frate”, “hite”): +2 all (eezier
tu lurn, mor efishent)
● You reform, others don’t: +0.99 others, +0 you
● Others reform, you don’t: +1.99 others, +0 you

Revolution
● No one participates: +1 all
● Everyone participates: +2 all
(yay democracy)
● You participate, others don’t:
-100 you, +0.99 others
● Others participate, you don’t: +1.5 you, 1.99
others (you have lower status in new society)

Revolution 2: Hamlet Edition
● Norm exists against killing the king and
usurping the throne
● If the current king is killed, the norm
disappears, so everyone will repeatedly try
to take power
● Fearing this, no one kills the king
● Grim trigger equilibrium

Bounded rationality
● People have a bias toward selecting a
relatively simple strategy and consistently
following it
● Heuristics (eg. guy in suit == this guy got
business skillz bro)
● David Friedman on virtue:
○ http://www.daviddfriedman.com/Libertarian/Virtue1.html

Stones of Rai
● Small tribe on the island of
Yap, ~1900
● Rai Stones used as money
● Stones never moved,
ownership changed via collective agreement
● Ownership very secure
○ Stone at bottom of ocean
○ German invasion

Markets as a Punishment System
● Cooperative strategy: act as if dollar is worth X
● Defection 1: undervalue dollar
○ Result: you work too hard and enjoy less products and
services
● Defection 2: overvalue dollar
○ Result: you exhaust money before exploring all
opportunities
● Both consequences occur because people
value a dollar at X

Reputation
● Doing certain things increases your
reputation
● Incentive: trust reputable people more
○ Predictable pattern of honest behavior
○ They have “more to lose”
● Incentive: be more reputable so people trust
you more
● Incentives work with any set of rules

Courts
● Hierarchical system of increasing attention
● Normally: go about your business
○ Low attention
● In case of a dispute: go to court
○ Medium attention
● Contested dispute: go to higher and
eventually Supreme Court
○ High attention

Courts 2
● Problem: how to obtain estimate of
community norms
● Solution: pick 12 random people to
adjudicate

Courts 3
● Incentive to deter crime proportional to
● Problem: if crime ~= 0, ~= 0, so no
one would bother catching criminals
● Result: sorry, no crime-free utopia for you

Blockchains
● Idea: a blockchain is a distributed database
with:
○ a state
○ a meaning assigned to the state
○ a state transition rule
■ APPLY(S, TX) -> S' or INVALID

Blockchains
● Bitcoin:
○ S = { acct : balance, … }
○ Meaning: balance represents currency units
○ APPLY = { if S[tx.sender] >= tx.val:
S’[tx.sender] = S[tx.sender] - tx.val
S’[tx.to] = S[tx.to] + tx.val }

Blockchains
● Namecoin
○ S = { domain: owner … }
○ Meaning = look up website names here
○ APPLY = { if !S[tx.value]: S[tx.value] = tx.sender }
● Land registry
○ S = { (lat, long): owner … }
○ Meaning = if someone does something at (lat, long)
without owner’s permission, whack them
○ APPLY = ?

Blockchains
● A blockchain is a
series of blocks,
each block containing
a hash of the previous
● Scoring function
○ score(genesis) = 0
○ score(block) = score(block.parent) + PoWdiff(block)
○ current state = block with highest score

Mining
● Miners spend computational effort producing
blocks, get rewarded 25 btc/block
● Miners have 4 ways to deviate:
Include an invalid TX giving themselves extra BTC
Not bother with PoW
Mine on top of an invalid block that favors them
Mine on top of a suboptimally scoring block
● Question: why act honestly?

Mining as Recursive Punishment
● Idea: if you create an invalid block, other
miners will not mine on it, because a block
dependent on an invalid block is an invalid
block, and miners do not want to produce
invalid blocks
● Similar logic for low-scoring blocks

Valuation Equilibria
● Question: why do users pay attention to the
top-scoring chain?
● Answer 1: it’s a Schelling point
● Answer 2: it is more difficult to attack than
the top chain along any other metric

Concept: Smart Contracts
● Regular contract: I agree to give you $300 if
you perform task X
● Smart contract: I put $300 into a box, which
are automatically assigned to you if you do X
● Verifiability
○ Pure math (eg. prove a theorem)
○ Global fact (eg. temperature in San Francisco)
○ Local fact (eg. did you wash my car?)

Factum Law
● Decentralised consensus lets us create
cryptographic systems that control internal
assets with emergent value
● This provides a door from the world of
cryptography into the real world
● Idea: we can enforce rules without needing
real-world “enforcement” by using crypto-subsidies

Proof of Work: Takeover Attack
● Ethereum contract
○ Any miner can join, sending deposit into contract
○ To avoid losing deposit, miners must regularly send
shares to prove their hashpower
○ Before 60% PoW joins, miners can leave at any time
○ At 60% PoW, deposit locked until a 20+ block-deep
fork succeeds
● Incentive to join: possible reward, no risk
● Incentive to follow through: deposit

Grim Trigger Argument
● Fails if miners are fungible, works if miners
are bound
● Specialized ASIC-friendly algo: good
● CPU algo: bad
○ Unless (1) it’s a monopoly chain or (2) grim trigger
spreads across chains
● CPU algo + bonding: good
○ Another kind of PoS?

Software
● Altruistic actions in Bitcoin protocol prevalent
○ eg. responding to getblock messages
● Not explainable by general altruism
○ eg. core dev horribly underfunded
● Correct model: 2 kinds of agents
○ Software (= heuristics)
○ Users (download and run software, stick to defaults)

Software
● Model defaults as friction:
○
○
● “One currency to rule them all” may be flawed
○ | f | > benefit of liquidity

Why not delete the FBI’s Silk Road wallet?
● Argument 1: grim trigger equilibrium
● Argument 2: new valuation equilibrium more
“complex” to calculate
● Idea: a consensus system is a way of
creating a complex valuation equilibrium, and
protecting it with:
○ Coordination problem
○ Grim trigger equilibrium
○ Bounded rationality

Scalability
● Problem: at 1000000 tx/sec no node can
process every transaction
● Solution: split into consensus groups
● Problem: if split into N groups, attacker can
take over with 1/N power/stake
● Solution: if substantial disagreement
detected, suddenly increase attention

Scalability
● Solution 2: randomly select consensus
groups per transaction
● General problem: who waves the flashlight?
○ Subsidize via penalty
○ Privatize (ie. potential victims look out for themselves)
● Problem: failure rate ends up nonzero
○ Dependency on altruism

Scalability
● Solution 2: randomly select consensus
groups per transaction
● General problem: who waves the flashlight?
○ Subsidize via penalty
○ Privatize (ie. potential victims look out for themselves)
● Problem: failure rate ends up nonzero
○ Dependency on altruism

Conclusion
● Cryptoeconomic protocols are social
protocols
● Everything has already done before
● The main benefits we have are:
○ Opportunity for computationally complex equilibria
○ Low-cost communication