June 13, 2011

Is BitCoin a triple entry system?

James Donald recently gave me a foil on which to ask this interesting question. Although it took me a while to sort the wheat from the chaff, I'm finally getting to grips with the architecture.


On 13/06/11 12:56 PM, James A. Donald wrote:
> On 2011-06-12 8:57 AM, Ian G wrote:
> > I wrote a paper about John Levine's observation of low knowledge, way
> > back in 2000, called "Financial Cryptography in 7 Layers." The sort of
> > unstated thesis of this paper was that in order to understand this area
> > you had to become very multi-discipline, you had to understand up to 7
> > general areas. And that made it very hard, because most of the digital
> > cash startups lacked some of the disciplines.
>
> One of the layers you mention is accounting.

Yes, so back to crypto, or at least financial cryptography.

The accounting layer in a money system implemented in financial cryptography is responsible for reliably [1] holding and reporting the numbers for every transaction and producing an overall balance sheet of an issue.

It is in this that BitCoin may have its greatest impact -- it may have shown the first successful widescale test of triple entry [2].

Triple entry is a simple idea, albeit revolutionary to accounting. A triple entry transaction is a 3 party one, in which Alice pays Bob and Ivan intermediates. Each holds the transaction, making for triple copies.

To make a transaction, Alice signs over a payment instruction to Bob with her public-key-based signature [3]. Ivan the issuer then packages the payment request into a receipt, and that receipt becomes the transaction.

This transaction is digitally signed by multiple parties, including at least one independent party [4]. It then becomes a powerful evidence of the transaction [5].

The final receipt *is the entry*. Then, the *collection of signed receipts* becomes the accounts, in accounting terms. Which collection replaces ones system of double entry bookkeeping, because the single digitally signed receipt is a better evidence than the two entries that make up the transaction, and the collection of signed receipts is a better record than the entire chart of accounts [6].

A slight diversion to classical bookkeeping, as replacing double entry bookkeeping is a revolutionary idea. Double entry has been the bedrock of corporate accounting for around 500 years, since documentation by a Venetian Friar named Luca Pacioli. The reason is important, very important, and may resonate with cryptographers, so let's digress to there.

Double entry achieves the remarkable trick of separating out mishaps from frauds. The problem with single entry (what people do when making lists of numbers and adding them up) is that the person can leave off a number, and no-one is the wiser [7]. We can't show the person as either a bad bookkeeper or as a fraudulent bookkeeper. This achilles heel of primitive accounting meant that the bookkeeping limited the business to the size with which it could maintain honest bookkeepers.

Where, honest bookkeepers equals family members. All others, typically, stole the boss's money. (Family members did too, but at least for the good of the family.) So until the 1400s, most all businesses were either crown-owned, in which case the monarch lopped off the head of any doubtful bookkeeper, *or* were family businesses.

The widespread adoption of double-entry through the Italian trading ports led to the growth of business beyond the limits of family. Double entry therefore was the keystone to the enterprise, it was what created the explosion of trading power of the city states in now-Italy [8].

Back to triple entry. The digitally signed receipt dominates the two entries of double entry because it is exportable, independently verifiable, and far easier for computers to work with. Double entry requires a single site to verify presence and preserve resiliance, the signed receipt does not.

There is only one area where a signed receipt falls short of complete evidence and that is when a digital piece of evidence can be lost. For this reason, all three of Alice, Bob and Ivan keep hold of a copy. All three combined have the incentive to preserve it; the three will police each other.

Back to BitCoin. BitCoin achieves the issuer part by creating a distributed and published database over clients that conspire to record the transactions reliably. The idea of publishing the repository to make it honest was initially explored in Todd Boyle's netledger design.

We each independently converged on the concept of triple entry. I believe that is because it is the optimal way to make digital value work on the net; even when Nakomoto set such hard requirements as no centralised issuer, he still seems to have ended up at the same point: Alice, Bob and something I'll call Ivan-Borg holding single, replicated copies of the cryptographically sealed transaction.

With that foundation, we can trade.

> Recall that in 2005
> November, it became widely known that toxic assets were toxic.

In 2005, the SEC looked at my triple entry implementation, and....

> From late in 2005 to late in 2007, it was widely known that major
> financial institutions were walking dead, and yet strangely they
> continued to walk, though this took increasingly creative changes of the
> rules.

...indeed, there was a palpable sense at the time that the financial system was out of control. They were looking at this thing with worried eyes.

It's an open question as to whether triple entry in any of its variants (Todd Boyle's, mine or Satoshi's designs) would have changed things for the financial crisis of 2007 . I think the answer is; it was way too late to effect it. But, it wouldn't have hurt, and with other things added in [9], the sum would have changed things, assuming widespread implementation.

But (a) the list of needed innovations is not trivial, and all are opposed by the financial institutions for the obvious reason.

Also, (b) it has to be said that at the bottom of the financial crisis is securitization, which changes everything about finance [10]. And I do mean everything. Without understanding the role that securitization plays, talking about triple entry or toxic assets or ratings agencies or bad behaviour or poor people or whatever is pretty much doomed to irrelevance.

Which is how they like it!

> Today in 2011, there is still no audit that acknowledges that toxic
> assets were and are toxic.

This one winds all the way to [11] ...

> While doubtless a good monetary system should embrace all these aspects
> of knowledge, our existing monetary system does not.


Errata: I adjusted the years for double entry and Luca Pacioli.

Footnotes.

[1] reliably here means to play its part in the overall security model against attacks of fraud, etc.
[2] this rant is essentially a highly compressed version of:
http://iang.org/papers/triple_entry.html
[3] there is an intermediate step here where Bob can also sign the payment into a deposit instruction, thus confirming acceptance. But this can be optimised out. You can find out more about the signed transactional receipt model from Gary Howland's paper on SOX.
[4] think here of European Notaries, responsible to both parties to intermediate.
[5] crypto people would recall the term "non-repudiable" although that is out of favour; "non-repudiation is repudiated . BitCoin paper uses the term "non-reversible." Finance prefers terms like "final settlement. Legal people look for "evidence." I choose the legal term here because in a dispute their opinion matters more.
[6] this is not really apparent on paper, only in code and implementation (aka issues).
[7] all of this logic is applicable & analogous & consistent when the bookkeepers are computers...
[8] accounting history does not accept this point as proven. Having seen the difference of both double entry and triple entry in accounting systems, I'd say its clear. But historians don't have the benefit of seeing accounting systems stuff up in glorious fashion, they only have the dry old parchments to work from.
[9] another of the things essential on the list is final settlement / irreversibility / non-repudiation, as pioneered in many digital cash schemes. c.f., Mutual Funds Scandal.
[10] Everything important about the financial crisis in 4 short essays, start here: http://financialcryptography.com/mt/archives/001297.html
[11] http://financialcryptography.com/mt/archives/001126.html


This Season's BitCoin Collection:
  1. BitCoin and tulip bulbs
  2. Is BitCoin a triple entry system?
  3. BitCoin - the bad news

Posted by iang at June 13, 2011 08:08 AM | TrackBack
Comments

Securitization is in theory, really great. But who is it that is to actually manage the loans, and make sure that they actually exist, that the payments are made, and so forth?

The lowest tranch on a bundle of debt has to be shares, not debt, and the people owning the lowest tranch have to be responsible for managing the bundle of debts.

Our recent securitization crashed because the people managing the debts had no interest in managing them, or whether they had any value.

The debts in the bundle, and the people managing them, all have to be in one geographical area, so that those managing the debts can look at the assets on the ground, and check out the people who are supposed to be paying the debts, and look those people in the eye.

Securitized debt should be bonds issued to a company whose major asset is a pile of loans, and whose major skill is managing loans - which is a very old form of finance.

Posted by: James A Donald at June 13, 2011 06:25 PM

unregulated loan originators found they could access an unlimited amount of funds by paying the rating agencies for triple-A rated. As a result they no longer needed to worry about loan quality and/or borrower's qualifications ... immediately unloading the loans as triple-A rated toxic CDOs as fast as possible. There has been estimate that there was $27T in triple-A rated toxic CDO transactions during the bubble ... which would have been possibly $3T-$5T in profit, fees, and commissions between the original real-estate transaction and far backend warehousing of the CDOs (there were statements that the financial industry tripled in size as percent of GDP during the bubble off those toxic CDO transactions). I had also heard references to musical chair analogy during the height of the bubble and who would be left standing when the music stops. Zakara's "Post American World" uses a Cinderella analogy, the major players all knew they had to leave before the stroke of midnight, but most wanted to stay until the last possible minute. For the most part the individuals all walk away with what they wanted ... it was some of the institutions that were left holding the toxic CDOs.

Posted by: Lynn Wheeler at June 13, 2011 08:11 PM

Note that securitized instruments had been used during the S&L failure with fraudulent documents. In the late 90s we had been asked to look at processes that might be used to significantly improve the trust & integrity of the supporting documents (the magnitude of the problem in the S&L failure was much smaller not having the triple-A ratings).

Being able to pay for triple-A ratings on the CDOs, much of the supporting documentation became superfluous and the unregulated loan originators could make no-documentation loans. No-documentation, no-down, 1% interest only ARMs became very attractive to speculators ... during the bubble some sectors of the country had 20-30% real-estate inflation & speculators could make 2000% ROI.

Posted by: Lynn Wheeler at June 14, 2011 09:06 AM

one of the items pointed out in the "wall street money machine" was the frequent enormous disconnect between the compensation for individuals packaging and dealing the triple-A rated toxic CDOs and their institutions ... individuals motivated to repeatedly engage in activities that could easily take down the institution (if it weren't for gov. bailouts); there has been periodic references that the environment represents enormous "moral hazard".

Posted by: Lynn Wheeler at June 14, 2011 01:45 PM

Linking triple accounting to a public database of expenditures is interesting... the network becomes the third party.

Incidentally, are you aware this post is completely unreadable in the RSS feed? All the formatting is gone and the whitespace removed.

Posted by: gwern at June 28, 2011 11:23 AM
Post a comment









Remember personal info?






Hit preview to see your comment as it would be displayed.