Ex-Ante vs Ex-Post Bank Fraud and the Nature of Bank Money
by Joseph Haykov
June 18, 2024
Abstract
In this short paper, we formally and mathematically describe how to model counterparty risk, defined as the risk of receiving counterfeit money into a wallet, in a way that allows us to rank alternative blockchain formats based on how secure they are, as measured by the probability of containing undetected but fraudulent payments. Since this also serves as the basis for a legal brief, every logical claim in this paper is independently provably true, either as an empirical fact that is independently verifiable or as a true statement based on mathematical or logical deduction upon which all other claims are based.
Introduction
Bank fraud, such as double spending, indeed constitutes theft of bank money. In legal terms, double spending is analogous to passing counterfeit money, much like issuing a check without sufficient funds to cover it. To fully understand this, we must first define what bank money truly is.
The Origin of Bank Money
Bank money originated as fractional ownership of a real-world asset. For example, shares of IBM represent fractional ownership of whatever the IBM corporation owns, and shares in a REIT represent fractional ownership of a building where the shareholders are entitled to any rental income, net of expenses, in the form of dividends. Similarly, in the case of bank money, the underlying asset that bank money used to represent, when it was first created, was circulating gold coin money deposited in the bank’s vaults. Historically, each bank issued its own money, which represented fractional ownership of the gold they held. For instance, holding banknotes or having a balance in a bank account indicated that the bank owed you a certain amount of gold.
The Transformation through Fractional Reserve Banking
The fractional reserve central banking system, first established in the US in 1913, transformed this concept substantially. In the central bank system, fractional ownership of all gold collectively held by all banks was represented by the M2 money supply. The M2 money supply included cash and bank account money such as checking and savings account balances. Theoretically, M2 represented a claim on the total gold reserves of the banking system.
Arbitrage and the Collapse of the Gold Standard
However, the exchange rate between the issued M2 bank money and the gold held in reserves was often different from the official rate banks offered. This discrepancy facilitated arbitrage opportunities, which, combined with other factors, contributed to the collapse of the system in 1929. This collapse led to the confiscation of gold and a significant shift in the monetary system.
The Shift to Fiat Money
Today, the U.S. dollar, which evolved from this historical context, no longer represents fractional ownership of gold or any other tangible asset. Instead, it is fiat money, meaning that its value is backed not by physical commodities but by the government that issues it (in multiple ways). While the mechanics of money and banking have remained unchanged from the fractional reserve standard, the nature of bank money as a representation of value has fundamentally changed. What hasn't changed, however, is that bank money still represents fractional ownership of a non-existent asset, and as such, can be used directly as money without the underlying asset being present.
The Nature of Bank Fraud
The key point we are trying to highlight here is that under the gold standard, a counterfeit cash bill drawn by hand was considered fake because it was non-convertible to gold at a bank – which would be able to detect the fraudulently drawn hand-made dollar bill. In exactly the same fashion, passing a check with insufficient funds in the account constitutes the same type of fraud: spending counterfeit money without sufficient assets to back it. What it says about fiat money in general is outside the scope of this discussion, but in law, in theory, and in fact, counterfeit bank money is a debit authorization (as exemplified by a bank check) where the account balance would become negative if the full debit amount was deducted from the spending account. This is precisely why double spending is indeed bank money theft.
Peer-to-Peer Banking: Unfettered, Asymmetrically Informed Trade
In general, outside any specific scenario, such as processing Bitcoin or Ethereum payments, in game theory, fraud, such as double spending, cannot exist under the conditions of unfettered, symmetrically informed exchange. This concept is explained by George Akerlof in his seminal work “The Market for ‘Lemons’.” According to Akerlof, when all parties have equal access to information, the opportunities for fraudulent behavior are minimized.
The Role of Asymmetric Information
The only reason why fraud, such as double spending, becomes possible even in theory is due to the presence of asymmetric information. In the case of the Bitcoin peer-to-peer network, nodes are asymmetrically informed about pending payments. This is explained in the 2008 Bitcoin white paper.
Bitcoin and Asymmetric Information
In a decentralized network like Bitcoin, transactions are broadcasted to all nodes, but there is a lag before they are confirmed and added to the blockchain. During this period, some nodes may not be aware of all pending transactions, creating an opportunity for double spending. This lag in information dissemination leads to asymmetry, where not all participants have the same knowledge about the state of pending transactions.
Implications for Fraud Prevention
To mitigate the risk of double spending, Bitcoin employs a consensus mechanism based on the concept of 'proof of work' and requires multiple confirmations before a transaction is considered final. This process reduces the likelihood of double spending but does not eliminate the possibility entirely, especially considering theoretical 51% attacks.
Consensus Mechanism and Multiple Confirmations
In Bitcoin, transactions are confirmed through a process called mining, which involves solving complex mathematical puzzles. Once a block of transactions is successfully mined, it is added to the blockchain, and the transactions within that block are considered confirmed. Multiple confirmations (usually six) are required before a transaction is deemed irreversible, providing a safeguard against double spending by ensuring that the transaction is widely acknowledged and validated across the network.
51% Attacks
The 51% attack scenario involves a situation where a single entity or a group of colluding miners gain control of more than 50% of the network’s mining power. In such a case, the attackers could potentially rewrite parts of the blockchain, allowing them to double spend coins. While this is theoretically possible, it is considered highly unlikely due to the immense computational power and resources required to achieve and sustain such an attack.
Proof of Work and Asymmetric Information
Barring such unlikely scenarios, the proof of work consensus algorithm effectively addresses the problem of asymmetric information about pending payments. By design, the Bitcoin network requires that all nodes agree on the state of the blockchain through the mining process. A single node, the miner, processes each update block, ensuring that all nodes eventually converge on the same version of the blockchain. This mechanism helps to synchronize information across the network, reducing asymmetry and enhancing the reliability of the transaction process.
Conclusion
While Bitcoin’s consensus mechanism and proof of work algorithm significantly reduce the risk of fraud such as double spending, they do not eliminate it entirely. The potential for 51% attacks remains a theoretical vulnerability. Nonetheless, the decentralized nature of the mining process and the requirement for multiple confirmations help to create a robust system that largely overcomes the challenges posed by asymmetric information in peer-to-peer banking systems.
Understanding the role of asymmetric information is crucial in preventing fraud in peer-to-peer banking systems. As shown by Akerlof and the Bitcoin white paper, ensuring all parties have equal access to information is key to maintaining the integrity of financial transactions.
The Key: Asymmetric Information Persists After the Trade
While multiple consensus algorithms are used to mitigate fraud facilitated by asymmetric information ex-ante, or before a block update gets permanently added to the blockchain, the problem of asymmetric information persists ex-post, or after the block update is added and accepted. Aligning with the concept of a 51% attack, it occurs when dishonest miners go back and modify historical transactions in a blockchain. However, the question becomes, how is an independent third-party observer, joining the Bitcoin blockchain for the first time, able to identify which version is honest and which is fraudulent? In other words, what is it specifically that the perpetrator of fraud must be able to accomplish to pass around a fraudulent version of the Bitcoin blockchain?
Of course, there are all sorts of "hacks" people use, such as the 'Longest Chain Rule,' but indeed, the only thing that prevents perpetrators from committing fraud by distributing a fraudulent blockchain version is the digital signature by the miner of the cryptographic hash of the update block. That’s all. While most discussions of blockchain technology omit this inconvenient fact, cryptographic hashes of digital signatures do not ensure immutability.
For example, if we simply mandate that all wallet owners must authorize debits by digitally signing them, and then add cryptographic hashes, this does not make the blockchain immutable. The reason is simple enough – anyone can go back and double spend in the past using the following technique:
The perpetrator of fraud has two wallets, A and C, with 100 coins in A and none (0) in C.
The perpetrator sends money to B as follows: pay 100 to B, signed by A.
The perpetrator then, ex post, after the fact, replaces in the blockchain "pay 100 to B, signed by A" with "pay 100 to C, signed by A" and recalculates and replaces all the subsequent checksums (hashes), leaving no one the wiser that they have a fraudulent blockchain.
What precludes this from happening, barring various "long blockchain" hacks, is that the miner digitally signs the update block’s cryptographic hash with their private key, and this is what, in fact, makes the blockchain immutable—the fact that the perpetrator needs to also have the miner’s private key in order to modify the historical blockchain in such a way as to make it appear authentic. In this sense, if the FBI knows who the miner is and asks, legally, firmly, and politely, for temporary access to their private key, then they have no problems "stealing" any Bitcoins from anyone they wish.
This type of "steal-back" fraud, unlike double spending, can occur after multiple blocks have been added to the blockchain, long after the transaction has taken place, well after payment recipients feel their coins are safe in their wallets. This makes the entire system uniquely insecure and vulnerable to ex post theft. Moreover, unlike the probability of committing ex-ante double spending, which is minimized because there are multiple nodes monitoring block updates, the probability of committing ex-post take-back fraud using asymmetric information can be modeled precisely and mathematically, based on the number of private keys one would need to gain access to, in order to replace all of the digital signatures that secure the blockchain against fraud, namely the digital signatures of the hash value of the updated block.
And here is where TNT truly shines, because we solve the problem in the simplest way possible: we require every single wallet, bar none, to sign every single cryptographic hash of every single block update to the TNT blockchain, making it provably immutable. Any take-back (or steal-back) attempt would necessitate the private key of every single wallet in the entire TNT bank – and if everyone agrees, barring involuntary exchange, which is impossible as you can simply unplug your peer-to-peer server, then is it really fraud?
Thus, for example, in Ethereum, if the FBI knows who the validators are, they can steal back any Ethereum coins they wish, by asking for their private keys. But you can’t steal back TNT one-true money coins, because every single wallet on the TNT true-no-trust blockchain must sign the transaction in order for it to be considered valid and included in the chain. This proves that the TNT true-no-trust blockchain is relatively more secure than any competing alternative blockchain file format, as it requires knowing the maximum number of private keys, out of any competing alternative, in order to commit fraud ex-post in a true-no-trust TNT blockchain.
The key here is that when trading physical assets, which by definition are immutable, fraud facilitated by asymmetric information can only occur in the past, or before the transaction takes place. With blockchain, however, because of possible future changes, only those blockchains that are guaranteed to be immutable are future-fraud-proof. To be future-fraud-proof, a blockchain must be as difficult as possible to modify (or mutate). Thus, the more digital signatures in a valid update, the more secure the blockchain becomes, as more private keys must be obtained by the perpetrator of fraud to insert undetectable fraudulent transactions into a blockchain.