The Cypherpunk Movement

Bitcoin is not an initial prototype. It’s the end point of a long process of hard thinking and experimentation spanning decades, and builds upon many previous attempts to create free-market money. Each of its design features are very deliberate and essential, and were arrived at carefully by a group of people trying to figure out how to separate money from the state. Understanding bitcoin’s pre-history helps us appreciate each of the decisions behind its design.

Presented in partnership with Bitcoin Synapse

A brief history of cryptography

Alan Turing

Bitcoin was created from out of a group ofpeople who were interested in using cryptography to protect privacy, freespeech, and free markets in cyberspace. This group of people referred tothemselves as the “Cypherpunks”, and formed a mailing list in 1992, one yearafter the launch of the world wide web, in order to hold discussions. TheCypherpunks were inspired by the internet’s potential to disseminate knowledgeand facilitate electronic commerce, but also realized that it created anapparatus for electronic surveillance and spying by governments on anunprecedented scale. As such, they wanted to free cryptography from governmentcontrol, and make it a tool for everyone to use, allowing individuals tocommunicate and transact on the internet privately without interference fromany authority. The Cypherpunks drew upon recent breakthroughs in the field of cryptography,a previously obscure, esoteric branch of mathematics, and it is here that thehistory of bitcoin begins.

Lorentz encryption device

The government’s interest in controlling cryptography goes back to World War 2, where the breaking of encryption had an enormous influence on the final outcome of war. In fact, it was generally recognised afterwards that Britain would most likely have fallen to Germany in 1941 if mathematician and codebreaker, Alan Turing, at Bletchley Park had not been able to decrypt and read the enemy communications encrypted by the German Enigma cipher device. Britain’s codebreakers meant that the navy was able to know in advance where and when German U-boats and bombers planned to attack, and to intercept them. Similarly, Bill Tutte’s breaking of the codes encrypted by the Lorentz device meant that Britain was able to read the secret intel messages of the Nazi High Command from 1942. These two results are estimated to have shortened the war in Europe by 2 years.

Cryptography was subsequently recognised to be a powerful tool, and the US government designated strong encryption a munition, introducing regulations to keep it out of the hands of private citizens.

Martin Hellman and Whitfield Diffie

The government’s monopoly on cryptography was broken, however, in the 1970s by two papers written by the pioneers of a new technology called public-key cryptography. The first was “New Directions in Cryptography”, a ground-breaking paper published in 1976 by Whitfield Diffie and Martin Hellman. It was the first publicly known work of cryptography that proposed the idea of a private key and a corresponding public key. This idea (which had been co-invented with Ralph Merkle, who also invented hashing) eliminated the need for a secure communication channel, made physical enciphering and deciphering devices unnecessary, and codebreaking effectively impossible. The Cypherpunks would later realize that this technology gave computer users the ability to have an impenetrably private conversation when communicating with each other.

R. Rivest, A. Shamir, and L. Adleman

The paper stimulated the development of a new class of encryption algorithms (the public-key algorithms), and was shortly followed by a second paper in 1977, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems” , in which researchers at MIT discovered an algorithm for encrypting secret messages powerful enough to produce code that was break-proof against government spying. (This was the Rivest-Shamir-Adleman or RSA algorithm)

However, the US government considered these cryptographic algorithms as modern weapons technology, and classified their distribution as a crime under the International Traffic in Arms regulations. The NSA had even declared that publication of the research would result in a federal prison sentence, causing MIT to initially halt publication, but news of the discovery got out, and paper copies of the paper were leaked and distributed. The federal government relented in early 1978. This episode was the beginning of the Crypto Wars between the private cryptography community who advocated for freedom of speech in software, and the government which declared the unrestrained discussion of cryptographic research a threat to national security.

The next episode in the Crypto Wars started in 1991 when software developer and early cypherpunk, Phil Zimmerman, released Pretty Good Privacy (PGP), a computer-based program that rendered files and electronic mail almost spy-proof. It drew upon concepts from Diffie and Hellman’s 1976 paper and the RSA paper of 1977, and was the first relatively easy-to-use secret messaging system, built with strong encryption. In PGP’s documentation, Zimmerman called his program "guerrilla freeware". The software was soon being downloaded overseas, so the DoJ launched a criminal investigation against Zimmerman on the grounds that by making the cryptographic software available outside the country, he had violated the Arms Control Act that forbid weapons exports.

The NSA argued that PGP would be used by criminals and terrorists, while the Cypherpunks maintained that PGP was just like any other published material because it was just lines of code, and that restrictions on encryption violate freedom of expression in software. Encryption software is like any other form of speech, and banning it is like banning written pages of mathematics. To prove the point, John Gilmore, who cofounded the cypherpunk mailing list a year later, convinced MIT Press to print out the PGP source code, and ship it to bookstores in Europe. He then printed out T-shirts that had PGP encryption code on them, and sent them to the Office of Munitions Control. The government knew that if it went to court to suppress publication of a book from a university, or the printing of T-shirts, it would lose. It soon dropped the criminal charges against Zimmerman, and two federal judges ruled that encryption was a form of speech protected by the First Amendment.

Under US encryption export restrictions, this T-shirt was classified as a munition. It was illegal for US citizens to show this T-shirt to foreigners.

The NSA also developed the famous Clipper chip, an encryption device with a built-in backdoor that was intended to allow law enforcement agencies the ability to eavesdrop on  voice and data transmissions. Clipper chip was introduced in 1993 and proposed to telecoms companies for adoption in their phone systems, but it faced strong resistance and the government backed down in 1996.

The Cypherpunks

From out of this context emerged the Cypherpunk movement: a group of mathematicians, computer scientists, and libertarians who were interested in using cryptography to protect human freedom and privacy against Big Brother.

The founding members of the movement were Timothy May, Eric Hughes, and John Gilmore, who created the Cypherpunks’ electronic mailing list in 1992, one year after the launch of the world wide web.

“The computer can be used as a tool to liberate and protect people, rather than to control them.”

— Cypherpunk Mailing List in 1992
Timothy May

May was a physicist, electronic engineer, and former chief scientist at Intel until 1986 who wrote extensively on cryptography and privacy in the 1990s. in 1992, he distributed The Crypto Anarchist Manifesto and Libertaria in Cyberspace.

John Gilmore

Hughes was a mathematician and computer programmer who created and hosted the first anonymous remailer. In 1993, he published A Cypherpunk’s Manifesto.

Gilmore was an advocate for internet civil liberties, and the founder of Cygnus Solutions. He risked going to jail in the 1990s in his campaign against the government for freedom of speech in software. He said that he wanted “a guarantee -- with physics and mathematics, not with laws -- that we can give ourselves real privacy of personal communications."

“Privacy is necessary for an open society in the electronic age. . . . . , privacy in an open society requires anonymous transaction systems. Until now, cash has been the primary such system.”

— A Cypherpunk’s Manifesto

The Cypherpunks were one of two groups at the dawn of the internet that were interested in combining technology with insights from the Austrian school of economic thought.

The Extropians (Libertarian Futurists) were very interested in the intersection of Rand, Rothbard, Hayek, and high technology.

But whereas the Extropians were thinkers, the Cypherpunks were also doers, interested in turning their ideas into reality. Very much part of the mailing list’s culture was the notion that it’s not enough to discuss good ideas, they need to be implemented. Cypherpunks were builders. Rather than trying to negotiate with regulators, and perhaps gaining small, marginal victories over government restrictions, the Cypherpunks would build software solutions to protect individual freedom that completely bypassed and obsolesced the government. Those software solutions would have to be built to withstand attack. Hence the famous lines by Eric Hughes:

“Cypherpunks write code.”
“We don’t care much if you don’t approve of the software we write. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down.”

— A Cypherpunk’s Manifesto

Creative inspiration behind bitcoin

Top: Carl Menger, Ludwig von Mises, Friedrich von Hayek
Bottom: Murray Rothbard, Ayn Rand

The idea of the Cypherpunks was to use recent breakthroughs in cryptography to create Galt’s Gulch in cyberspace i.e. a separate realm beyond the reach of any tyranny, where privacy, free expression, and free enterprise were protected, and that was completely independent from and immune to any kind of external interference or coercion.

Central to this vision was the idea of de-politicized money that was hard, and that could not be confiscated or shut down.

Understanding of the importance of this concept had been laid years before, but now advances in computer science and cryptography made achieving it finally a possibility.

“I don't believe we shall ever have a good money again before we take the thing out of the hands of government, that is, we can't take it violently out of the hands of government, all we can do is by some sly roundabout way introduce something they can't stop.”

– F. Hayek 1984

Precursors to bitcoin

The Cypherpunks were also inspired by computer scientist, David Chaum, who had demonstrated in the 1980s that it was possible to use cryptography to build an anonymous payment network on the internet.

Chaum’s work was one of the building blocks for bitcoin.

David Chaum (1955-)

David Chaum

He had laid the groundwork for anonymous communications research in his 1981 paper: "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”.

This was followed a year later by a paper that was crucial for anonymous digital money: "Blind signatures for untraceable payments".

In 1982, his dissertation at UC Berkeley "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups" was the first known proposal for a blockchain protocol. In it, Chaum proposed every element of the blockchain later used in the Bitcoin whitepaper except proof-of-work; Chaum laid out a plan for achieving consensus state between nodes, chaining the history of consensus in blocks, and immutably time-stamping the chained data.

His 1985 paper: “Security Without Identification: Transaction Systems to Make Big Brother Obsolete”, described anonymous digital cash and pseudonymous reputation systems.

In 1983, Chaum conceived the idea of an anonymous electronic money, eCash, and later in 1989, he founded DigiCash corporation to implement this idea, using the innovations from his previous papers. It was the first attempt at private payments in digital form, where users could send and receive Cyberbucks created and issued by DigiCash. It used the same kind of cryptographic protocols that Bitcoin uses to make transactions untraceable.

Problem: DigiCash was centralized - banks were still needed for a constant supply of money. Cyberbucks were created and issued whenever dollars were deposited into DigiCash Corp. from a bank account.

The next building block for bitcoin was the work of cryptographer and hacker, Adam Back, who had done his computer science PhD in distributed systems.

Adam Back (1970-)

Adam Back

He was interested in PGP (Pretty Good Privacy) encryption, electronic cash and anonymous remailers, and had worked at large companies in applied cryptography, designing, reviewing and breaking other people’s cryptographic protocols.

In 1997, Back invented Hashcash, the proof-of-work system used for spam control. It is a mechanism that forces email senders to solve computational puzzles. By adding a cost (time and computational power) to sending an email, Hashcash made spam uneconomical. Bitcoin later repurposed these proof-of-work puzzles to become the basis of bitcoin mining, and Back’s Hashcash is even cited as a reference in the Bitcoin whitepaper.

The next step in the inception of bitcoin was made a year later by Wei Dai, a renowned computer scientist and cryptographer.

Wei Dei (1976-)

In 1998, Dai invented b-money: “an anonymous, distributed electronic cash system”, and a "money which is impossible to regulate”. The concept was of a decentralised database to record transactions using a type of proof-of-work.

“I am fascinated by Tim May's crypto-anarchy. Unlike the communities traditionally associated with the word "anarchy", in a crypto-anarchy the government is not temporarily destroyed but permanently forbidden and permanently unnecessary. It's a community where the threat of violence is impotent because violence is impossible, and violence is impossible because its participants cannot be linked to their true names or physical locations.”

Wei Dai, b-money

b-money was a very important predecessor to bitcoin. It proposed a practical way to enforce contracts between anonymous actors, and introduced:

  • public-key pseudonyms
  • creation of money using Hashcash

b-money described the core concepts later implemented in Bitcoin:

  1. requires a specified amount of computational work (i.e. proof-of-work)
  2. the work done is verified by the community who update a collective ledger book
  3. the worker is awarded funds for their effort
  4. exchange of funds is accomplished by collective bookkeeping and authenticated with cryptographic hashes
  5. contracts are enforced through the broadcast and signing of transactions with digital signatures (i.e. public-key cryptography)

Problem: lacked a way to control money creation

Wei Dai

Wei Dai’s b-money proposal is referenced in the Bitcoin whitepaper for his important role.

Dai described two concepts for a protocol. First, a protocol in which every participant maintains a separate database of how much money belongs to each participant, and the collectively agreed-upon database is protected by the cumulative computational energy expended on it, that would have to re-done if the database were to be changed (i.e. proof-of-work).

The second concept was a variant of the first system where the accounts of who has how much money are kept by a subset of the participants who are incentivized to remain honest by putting their money on the line (i.e. proof-of-stake).

Bitcoin uses the former concept. The Cypherpunks understood that there has to be a high, unavoidable cost associated with producing new units of money. What made gold money was the fact that it was harder to produce more of than anything else.
If more units of money could be produced at no cost, then they would. A ledger that was not backed by an unavoidable expenditure of energy, and that could be changed easily, would be changed, because the person changing it would have all to gain and nothing to lose. A system relying on a group of people to keep the ledger honest was easily corruptible.

The Cypherpunks had thus had the debate between proof-of-work and proof-of-stake long before Bitcoin was released, and the debate was settled conclusively in favour of proof-of-work.

Hal Finney (1956-2014)

Hal Finney

The next major step forward was made by Hal Finney in 2004. He created the first re-usable proof-of-work system before bitcoin i.e. making proofs-of-work into exchangeable tokens.

Problem: centralized - validation and protection against double spending was still performed by a central server

Finney was the first person to receive a bitcoin transaction from the creator, Satoshi Nakamoto, and very early envisioned that Bitcoin would evolve in a layered-fashion in the long run. The first-layer of Bitcoin would be slower moving, processing a limited number of high-value transactions, and used for performing final settlement. A second-layer would allow for higher-velocity economic activity without friction, processing a virtually unlimited number of transactions that would be batched together into a single, net settlement transaction on the first-layer at more irregular intervals. Finney envisioned that Bitcoin banking would emerge on this second-layer.

“Actually there is a very good reason for Bitcoin-backed banks to exist, issuing their own digital cash currency, redeemable for bitcoins. Bitcoin itself cannot scale to have every single financial transaction in the world be broadcast to everyone and included in the block chain. There needs to be a secondary level of payment systems which is lighter weight and more efficient. Likewise, the time needed for Bitcoin transactions to finalize will be impractical for medium to large value purchases.

Bitcoin-backed banks will solve these problems. They can work like banks did before nationalization of currency. Different banks can have different policies, some more aggressive, some more conservative. Some would be fractional reserve while others may be 100% Bitcoin backed. Interest rates may vary. Cash from some banks may trade at a discount to that from others.

I believe this will be the ultimate fate of Bitcoin, to be the "high- powered money" that serves as a reserve currency for banks that issue their own digital cash.”

– Hal Finney, 2010

The next major contribution in bitcoin’s pre-history was made by Nick Szabo, a computer scientist, cryptographer, and legal scholar who developed the concept of “smart contracts”.

Nick Szabo

In 2005, Szabo proposed BitGold: a design for decentralized digital currency (and a direct precursor to the Bitcoin architecture), that introduced:

  • timestamping
  • creation of money using proof-of-work

The idea behind BitGold was a money that was scarce (like gold), but portable (i.e. digital), and that did not depend on a trusted third party:

“It would be very nice if there were a protocol whereby unforgeably costly bits could be created online with minimal dependence on trusted third parties, and then securely stored, transferred and assayed with similar minimal trust. Bit gold.”

– BitGold
Nick Szabo

Most digital currencies solved the double-spending problem by relinquishing some control to a central authority, which kept track of each account’s balance. This was an unacceptable solution for Szabo. 

"I was trying to mimic as closely as possible in cyberspace the security and trust characteristics of gold, and chief among those is that it doesn’t depend on a trusted central authority.”

– BitGold

BitGold used an algorithmic approach for posting transactions containing proof-of-work (solutions to cryptographic puzzles) to servers which must agree to these transactions. The proof-of-work hashes were timestamped and chained together to create a record of ownership.

Problem: lacked incentives to keep nodes honest
Problem: lacked difficulty-adjustment mechanism - one token might be made with significantly more difficulty than another, and hence be valued differently, meaning tokens were not fungible

On the Bitcointalk forum in 2010, Satoshi Nakamoto described Bitcoin as “an implementation of Wei Dai’s b-money proposal . . . . and Nick Szabo's BitGold proposal".

The last project from bitcoin’s pre-history that tried to combine privacy-preserving electronic cash with the hard money properties of precious metals, was e-gold.

E-gold was a business that allowed digital payments backed by a physical safe full of gold.

How did it work?

  • When you as a consumer would send a sum of dollars to e-gold, they would purchase a corresponding quantity of physical gold for you, and give you an account at the institution
  • You were then able to perform digital payments through their system, paying anyone on the network with the gold you own in their facility
  • It was, effectively, a centralized Bitcoin with a physical gold safe instead of digital coins
  • Was successfully growing in the 1990s, and arguably was a cheaper/simpler/more convenient way of achieving Bitcoin’s goals

Fatal Flaw: the government could easily shut down their safe and their infrastructure and prevent them from continuing to operate

In 2008, e-gold was forced to shut down even though the judge had ruled they had no intent to engage in criminal activity, and that there is no reason to shut them down. The pressing need for gold to have physical settlement, and the economies of scale from centralization of its reserves continue to make it vulnerable to government capture.

By examining the history of the Cypherpunks, and their extensive correspondences and feedback from one another, it is clear that the various attempts to create digital cash built upon one another, incorporating new breakthrough concepts from the research of other Cypherpunks, and adapting designs where other Cypherpunks had failed. There were many crucial steps over the forty years prior to Bitcoin, and Bitcoin finally tied all these important ideas together.

Far from being Project 0, the release of “Bitcoin: A Peer-to-Peer Electronic Cash System” in 2008 was the culmination of years of tinkering.

Satoshi Nakamoto

Having understood the critical flaw of all the previous digital money designs, Satoshi optimized Bitcoin for one thing: to resist attack by the nation state.

“A lot of people automatically dismiss e-currency as a lost cause because of all the companies that failed since the 1990’s. I hope it’s obvious it was only the centrally controlled nature of those systems that doomed them. I think this is the first time we’re trying a decentralized, non-trust-based system.”

– Satoshi Nakamoto

Unlike previous designs that had a single or a few points of failure that could compromise the whole system, Bitcoin is built to be as decentralized as possible.

“Governments are good at cutting off the heads of a centrally controlled network like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own.”

– Satoshi Nakamoto

To this end, Bitcoin uses a peer-to-peer network model, where information is dispersed across the network from computer to computer using a gossip protocol. Each peer runs the Bitcoin software, and stores and updates a copy of the public record of ownership. All peers are equal on the network, and each node operator can only control their own node, and cannot impose changes upon any one else. There is no single point of failure that can co-opt or kill the system. This is the network structure also used by BitTorrent, created by Cypherpunk, Bram Cohen.

Bitcoin uses public-key cryptography that was pioneered by Diffie and Hellman, and Rivest, Shamir, and Adleman in 1970s. The particular implementation that Bitcoin uses is Elliptic Curve Cryptography. This is used in the generation of key-pairs, and in the creation and verification of digital signatures.

It relies on each party generating a private/public key pair, where both keys are just large numbers that are mathematically related. The private key (a large number) is used to generate the public key (another large number), but the process is one-directional i.e. non-reversible - the private key cannot be deduced from the public key. Everyone exchanges public keys with one another, but keeps their private key secret. The sender encrypts messages with the recipient’s public key. Only the recipient has the corresponding private key to decrypt the message. The sender also creates a digital signature for each message, to prove that they were the one who sent the message. The sender creates this digital signature using their private key, but without ever revealing their private key. This digital signature is then distributed along with the message and sender’s public key. The digital signature is used to verify that the private key used in signing the message is mathematically related to the "public key," without the private key ever needing to be revealed. This authenticates the sender of the message.

Bitcoin also uses the proof-of-work system invented by Back, and used by Dai, Finney, and Szabo.

Adding a cost (time and computational power) to the block creation process makes it very expensive to cheat. If a miner breaks the rules and creates an invalid block, the block will be rejected by the other nodes, and the miner will forfeit all the resources invested in creating the block as well as the miner reward. Proof-of-work also solves the double-spending problem without relying on trusted third parties - in the event of two conflicting transactions, the one with the most cumulative proof-of-work is accepted as canonical by nodes, and the other is rejected.

An algorithmic difficulty-adjustment mechanism is used, in combination with a fixed supply and issuance-halving, to solve the problem of how to control the distribution and rate of inflation.

Bitcoin uses hashing (invented by Merkle). This is the process of taking any stream of data as an input and transforming it into a data-output of fixed size using a non-reversible mathematical formula. This makes it possible to easily generate a uniform-sized hash for any piece of data, but impossible to determine the original data string from the hash. Hashing enables identification of a piece of data in public without revealing anything about the data - this can be used to verify if pieces of data are the same. Hashing is used in creating addresses, digital signatures, transaction identifiers, and in proof-of-work.

Transactions (consisting of locking and unlocking scripts) are hashed, timestamped, and chained together to create this public record of ownership. (Chaum, Dai, and Szabo)

Bitcoin is designed with a limited block space (limited transaction throughput on the first-layer) to minimise the data-storage and hardware requirements for running a full node, enabling maximal decentralisation and resilience of the network.

In addition to reducing the costs of running a full node, Bitcoin provides powerful economic incentives for its users to make Bitcoin survive and thrive, and for new users to adopt it. These economic incentives have enabled Bitcoin to grow quickly, and distinguish it from other cypherpunk projects like Tor that lack a system of monetary incentives, where only dedicated privacy-enthusiasts were incentivised to run a node.

Each of these design features were made purposefully, and entail calculated engineering trade-offs. They are essential to Bitcoin fulfilling its function. They’re not bugs that need to be rectified, or imperfections to be tweaked.

“There’s something unusual about Bitcoin.

So, in 2013 I spent about 4 months of my spare time trying to find any way to appreciably improve Bitcoin, you know across scalability, decentralization, privacy, fungibility, making it easier for people to mine on small devices, a bunch of metrics that I considered to be metrics of improvement. And so I looked at lots of different changing parameters, changing design, changing network, changing, changing cryptography, and you know I came up with lots of different ideas . . . . .

But, basically to my surprise, it seemed that almost anything you did that arguably improved it in one way, made it worse in multiple other ways . . . . made some other aspect of the system objectively worse.

And so I came to think that Bitcoin kind of exists in a narrow pocket of design space . . . . . counterintuitively it seems you can’t significantly improve it.

. . . . . I feel like I have a reasonable chance if anybody does of incrementally improving something of this nature. And basically I gave it a shot and concluded, “Wow, there is literally, basically nothing. Literally everything you do makes it worse.” Which was not what I was expecting.”

– Adam Back

Bitcoin finally accomplished the Cypherpunk goal of privacy-preserving, electronic, free-market money that can’t be stopped by any amount of violence.

“[with Bitcoin] we can win a major battle in the arms race and gain a new territory of freedom for several years.”

– Satoshi Nakamoto

by Darius

Get started with Coinbits

Email Icon

Success! Check your email to verify your address. If you don’t see it, check your spam folder.

Oops! Something went wrong while submitting the form.
Trusted by 10000+ bitcoiners since 2017
Trusted by 10,000+ bitcoiners since 2017.