First up, I want to recognize that this is an uncomfortable topic! Bitcoin is inevitably changing towards user-pays, and that's not all positive. But facts we don't like are still facts: can't engineer a solution if we can't think about the problems.
There are three kinds of bitcoiners.
A. Those who can afford any fee.
B. Those who can afford a UTXO, but not often.
C. Those who can't afford a UTXO.
Nobody worries about the A group (and in the early days, that was everyone). Obviously Lightning (my area!) caters to the B group, and we want it to be as large as possible. To do this we can (1) make lightning as resiliant as we can so onchain spends are rare, (2) make bitcoin as efficient as possible so we can cram as much as we can into what we have.
(1) Making lightning more resilient and reliable is engineering. Lots of people working on this, even before we get soft-forks which could help further.
(2) More efficiency has two benefits: obviously if your own onchain spends are 20% smaller, that's 20% cheaper. But if *everyone's* onchain spends are 20% smaller, that means fees are lower *for everyone* too (and it's non-linear). So we really care about all Bitcoin usage! Some things are obvious wins: Taproot so you can avoid even putting the script onchain in many cases, FROST so you can cram your 2 of 3 or other scheme into a single key and signature. We know we want to get more aggressive with sharing one signature across multiple inputs (Cross Input Signature Aggregation), but that needs a lot more research, and a soft-fork.
But even with all these, the math is clear: some people, even if you somehow gave them their wealth in a UTXO, it couldn't afford its own fees to spend. The C group is real. Spoiler alert: we don't have an answer for this! But let's look at some approaches people have tried.
Firstly, there are attempts to move these people into the B group: give them long enough that maybe fees will reach a point they can afford. This seems unlikely to me:
1. As fees increase everyone will start doing the work to take advantage of low fee times, and that itself means that low-fee times won't be so low.
2. These schemes tend to increase onchain footprints, so they need fees to drop a lot to overcome that (typical is 2x the transaction size, so you need fees to halve to gain anything).
3. If you really can't afford the fee, you probably also can't afford to wait.
4. You still haven't actually dealt with those who really, really can't afford the fees. Ever.
Another suggestion is that someone (e.g. a lightning service provider) will lock up funds which would cover fees, in case something goes wrong. This doesn't work economically, because nobody is paying $100 for a $5 user (not at scale), but it doesn't even work mathematically: the reason some people will have small UTXOs is because there are not enough sats for 10 billion people with any realistic distribution.
There are two basic approaches left:
1. Group people, so they fall into the B category (i.e. onchain tx is possible, but expensive).
2. Trust someone, but rely on incentives.
1. Grouping people is possible, but they need to work together if somenthing goes wrong. So grouping inside a community is probably better than grouping with randos.
For example, there are various tree-of-transaction schemes where you go onchain only if the coordinator fails/goes rogue, and how much it costs you depends on whether anyone near you in the tree pays to get themselves out. These are basically free if nothing goes wrong (one UTXO required for thousands of users!). But this is subject to ghettoization, where the coordinator makes sure all the C people are grouped together, knowing none of them can afford the transactions they need to get their funds back. It's particularly bad because the coordinator can insert its own fake "whales" to make it look like it's not ghettoized.
You can play with incentives here, too: more research needed. The details matter!
2. Relying on incentives.
As a simple example, lightning-connected e-cash mints. They can't rug individuals very easily, they have to rug everyone together (or go fractional and rug the last ones to exit). Maybe with enough anonymity and reputation, these would be Good Enough.
More ambitious would be a single UTXO held for multiple people by a coordinator. Can we make it so that if a coordinator is dishonest, you can force them to burn your funds? Maybe burn more than your funds (ie. a bond)? Won't get your money, but it aligns incentives so they're not motivated to rug you. The details here really matter!
There's a cute scheme which has been proposed where the coordinator pays a temporary bond, and asserts that they actually have everyone's signature to transfer the funds. If nobody challenges within a week, they get the bond back and the funds move. If someone challenges, all the signatures are put onchain, and if they're not all valid, the bond gets half-burned and half-given to the (successful) challenger. This is hard to make work, though. Someone needs to get the money to challenge (hard if you don't have the money in the first place, plus it's hard to prove to someone you *didn't* sign something!), and then make sure nobody gets the challenge bond before them (in particular, a dishonest coordinator, seeing the game is up, completes the successful challenge *themselves* and gets half their bond back), and make sure someone can't grief and delay the settlement indefinitely or bankrupt the coordinator.
More research needed, here, too.
Summary
A longer post than I had expected to write. And it's buried in the middle of a thread nobody will read. (I do this sometimes. I suck at marketing I guess!)
Sub-fee bitcoin amounts will have tradeoffs, involving trusting someone who has more money than you (at least, in someone's competence, even if their *financial* incentives can be made to match yours). This is difficult to build well, and not a very exciting thing to build today, so it hasn't really happened (custodial things are much, much easier!).
This is also a key reason I believe we need to make Bitcoin more expressive: if we can do *more* with our own UTXOs, we can build better solutions. And by "we" I mean "someone smarter than me" of course!
Feedback welcome!
I read it, but way too technical for me, so I’m glad you’re thinking about the problem!
Let’s break this down in simpler terms:
Bitcoin is evolving, and that change means users will increasingly have to pay for transactions, which isn’t always good news. But we need to face this reality to find solutions.
There are three types of Bitcoin users:
1. Group A: People who can afford any transaction fees without worry.
2. Group B: People who can afford fees but need to be careful with how often they transact.
3. Group C: People who can’t afford to make transactions at all.
In the early days, everyone was in Group A, but now most people are in Group B. The goal is to keep Group B as large as possible. We can do this by:
1. Making the Lightning Network (a way to speed up Bitcoin transactions) more reliable so people don’t need to make on-chain transactions often.
2. Making Bitcoin transactions more efficient so they cost less.
However, even with these improvements, some people (Group C) still won’t be able to afford to make transactions. We don’t have a perfect solution for them yet, but some ideas have been tried:
1. Wait for lower fees: Some hope that if these people wait long enough, fees will drop, but that’s unlikely because many people will be trying to do the same thing.
2. Cover fees for others: Another idea is that a service could cover the fees for people who can’t afford them, but this doesn’t work well because it’s not practical or sustainable.
The remaining options are:
1. Group transactions together: This means combining transactions from multiple people to share the costs, but it requires cooperation and trust within a group.
2. Incentivize honesty: Create systems where a coordinator holds funds for many people, with built-in safeguards to prevent dishonesty. This is complicated and needs more research to make it work reliably.
In summary, dealing with sub-fee amounts in Bitcoin involves trade-offs and challenges, particularly around trust and financial incentives. It’s a complex problem that needs more research and creative solutions, but improving Bitcoin’s capabilities is a key part of the solution.
In 2. Relying on incentives.
A system that can rug everyone is kinda bad isn't it? Eg: I don't put lots of funds in Wallet of Satoshi. If WOS rugges everyone, I lose a little money. But WOS rugging everyone is attractive isn't it. There's a lots of bitcoin locked in them.
Also, I'm wondering is it hard for entity like WOS to implement ecash into their system as a default. I'm already trusting them with a little money, if they turn everything into ecash, it least I can get privacy.
Yes. If you're going to use a custodian, ecash is a win.
Doesn't it make it rugpulls more likely? So far I didn't notice any LN custodian rugpull but several ecash mints already did.
It's the exact same risk. Which ecash mint rugged pulled, I didn't hear of a single one so far, can you provide examples?
If people behind custodian are known, they can be regulated by state and forced to deanon their users. If they aren't known, they can rug pull more easily.
I don't know exact. I just heard it
custodians mint can decide to make them known and be regulated in the same exact way, the only difference is that they cant offer a cleartext database of their clients.
I think we can elaborate a better solution than state surveillance that incentivize to not rugpull.
Pls do. Cos as it stands, ecash has low chance of being implement at scale
Great note. The grouping (with right incentives) that we can do right now is to open some channels on Liquid and bridge the payments. It's one network. The peg ins are essentially the grouped UTXOs.
Here's how to do it:
https://juraj.bednar.io/en/blog-en/2023/05/07/expanding-the-lightning-network-to-serve-billions-a-quick-win-strategy/
nostr:note1ye7xjjh8tu79rd8m4pu0fu48s860ldkwun3k7wq3ulvjp67n6ysq9sg5e9
Isnt Liquid just a corporate Shitcoin?
They own your BTC, you own their L-Token. They can censor your transactions on their network. It is not decentralized, the network is owned by a couple coporations.
Why should we go that path at all?
Whats the big difference to using WBTC on Ethereum?
WBTC is one entity, Liquid is a contractual consensus of financially unrelated entities who would need to block you by majority. Also, lightning payments backed by Liquid channels don't go on chain, so they don't have much say about payments (this is very different to for example wallet of Satoshi, they can do lightning payment level censorship, Liquid not so much).
Also, since it's one Lightning network, you can get out through independently operated bridge, not through their multisig.
Yes, it's not Bitcoin mainnet, but it has pretty good balance of fees vs privacy vs distribution of decisions for many smaller channels that would otherwise not be possible.
As it is not Bitcoin, it is a shitcoin. Its owned by some corporate entities which get all the fees and they can censor you. If they have that possibility, they will use it when the Feds ask them to. Maybe not now but in a couple of years when Liquid infrastructure is built.
To me it is just unfathomable why BTC Maxis simp for Liquid. It is the most anti bitcoin thing i can think of.
I am not a btc maxi.
I told you that you can choose when it's useful, some people want to participate in lightning but the fees will price them out.
Also - which FEDs? The signers are geographically distributed.
It is a tool that can be used in some situations. This bitcoin-shitcoin thing was cool three years ago, now we talk about real world solutions to real problems.
Also, there's not one "we". Someone wanting to dollar cost average 3$ per month to escape extreme poverty has a very different opinion on what is a corporate shitcoin and what is useful to them.
Sure there is not one "we".
But how many people do you know which want to dca $3 a month into BTC and think they will escape extreme poverty that way? On a ledger where a transction costs you often more than $3?
I think thats all just made up stories to justify crappy, corporate scaling solutions, so crappy that i rather use cash and a credit card instead.
Same for FEDI. If dont even have custody of our funds, we can dump that whole idea of freedom money immediately, embrace the CBDC and get some vaseline so the state can fuck us better.
Relax, the world is not black and white,.
Yes, I do know of this problem and it's real. nostr:nprofile1qy88wumn8ghj7mn0wvhxcmmv9uq3kamnwvaz7tmwdaehgu3wdaexzmn8v4cxjmrv9ejx2a30qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg3waehxw309ahx7um5wgh8w6twv5hsz8rhwden5te0dehhxarj95cjumnzduhxzmn8v9hxjtnrduhsz8rhwden5te0dehhxarjv9n8y6trvyh8qcmyddjzuenedyhsz9nhwden5te0dehhxarj9e5kummnw3sjucmr9uq3gamnwvaz7tmwdaehgu3wd4skgmewd9hj7qgcwaehxw309ashgtnwdaehgunhdaexkuewvdhk6tcpz4mhxue69uhkummnw3e8xct5wesjumn9wshsqgzu4kpv3x8wvcqnwyv5t4587lv4f8mytgq3s3na4ch4uf6vtxxklunvhgqx speaks about it a lot for example, helping people in Africa get onboarded. On-chain fees are a real problem and we should not price out some people just because we think everything should be solved only in one way.
Bitcoin is about open mind, expanding options, competition of ideas, not about some predetermined unshakeable ideology.
Hal Finney understood and wrote about this in 2010, as did Nick Szabo. https://rextar4444.medium.com/hal-finneys-theory-of-bitcoin-backed-banks-6b6484880c14
We will use plenty of technologies and let people choose their price sensitivity and need for privacy, security and censorship resistance.
Your word in satoshis ear :)
On chain fees are a problem, 1mb block sizes in 2024 as well, still missing privacy is the biggest problem to me.
I like your approach, we shall build pipes between different technologies.
Still we need to see that the foundation for future payment rails is being built right now. If we accept to scale through custodians ( and Liquid is also a custodian, they take your BTC, they give you their L Token ) , then we lose the properties which made Bitcoin revolutionary far before we reach any mass adoption.
The more people get onboarded and use a custodial technology, the harder it will be to change it later on. And the easier it is to force KYC. The problem is similar with custodial Lightning.
BTC used through custodians with a transparent chain can easily become the CBDC everybody is afraid of.
Great note. The grouping (with right incentives) that we can do right now is to open some channels on Liquid and bridge the payments. It's one network. The peg ins are essentially the grouped UTXOs.
Here's how to do it:
https://juraj.bednar.io/en/blog-en/2023/05/07/expanding-the-lightning-network-to-serve-billions-a-quick-win-strategy/
Liquid is a "trust someone" solution. There are precautions to avoid targeting particular users (confidential amounts and assets) similar to ecash, but it's still a custodian.
We can certainly argue it's a "good enough" custodian, given the number, reputation and legal consequences of failure, but it's still a custodian.
Yes. A distributed custodian at least, which is very unique (basically I know of only Fedi attempting to do it this way, and Cashu doing multimint payments, so distributing the risk by amounts).
And it's chain level compatible with Lightning and can be one network.
You could even bridge your coins to channel backed by mainnet Bitcoin, or pay from both channels atomically.
Or do things like "bump this mainnet channel when fees are low, but in the meanwhile accept through Liquid".
I know this isn't the conversation you're having, but this just made a question come to mind...
Legally speaking, when you peg into something like liquid are you selling your Bitcoin for L-BTC or is L-BTC your receipt for them custodying your BTC. I guess the same question could be asked about Cashu/fedi? Or maybe we don't have legal frameworks for these things yet (most likely I guess)
Great question! I guess we should avoid all legal questions ideally and simply rely on incentives.
Depends on the country, but in Slovakia, if the unit is the same, then it's not selling, just changing form. That is one of the best use-cases for Monero in entrepreneurship.
Say you want to have a Bitcoin reserve in a company, but also want to pay suppliers with some crypto. Sale is a taxable event that goes to weighted average and triggers capital gains. So actually buying Monero and spending it at the same moment is a tax free event (buy and sale price are the same, minus the fees), but doing it with anything Bitcoin (does not matter if Cashu/fedi/lightning) would be taxable event. Of course you can also use stablecoins.
You mean like doing a swap from bitcoin to monero and having that monero being send to the person you are paying? Doesn't that count as a sale and trigger cap gains?
no, swap fiat to monero, just to not have to use banks for payments.
selling bitcoin would be a tax event. buying something else and then immediately using it all to pay an invoice is tax zero.
so you can both save Bitcoin as a company and use advanced third millennium payment technologies (i.e. Not legacy camping system)
Ah you buy just the right amount of monero at an exchange (plus a bit for fees) and send that to the person you are paying? Could also keep a balance in a stablecoin and swap what you need to monero then.
no, you can't. at least not legally without tax in most countries.
if you don't want to pay tax, there needs to be no capital gain, so the exchange rate has to be the same. you have to buy and use all the monero for payment, holding zero at any moment.
Yes, I was referring to holding stables and swapping that to monero and then spending all of the monero.
That only works if your there is a stablecoin that is the same denomination in your company's accounting currency.
I like to think of ecash/liquid as stablecoins pegged to bitcoin rather than custodians. They succeed/fail on the same basis, but with the huge advantage that issuers can fully settle with eachother in the backend over the lightning or base layer network, and can have shared custody of reserves accross jurisdictions.
I loved the incentives part. Especially how to hinder "cannibalism", where a single actor challenges themselves and make it look like a contest.
Don't trust all you see, huh?
Summary of how Bitcoin devs are thinking about the future
nostr:nevent1qqszvlrfftn470z3kna6s78572ncra8lkm8wfcm08qg70kfqa0fazgqpz4mhxue69uhkummnw3ezummcw3ezuer9wchsyg83wf2cdfqzcp4weqvdz3u2gk42phqkc75ufp5ajlp4qvmdzmuwgvpsgqqqqqqsryrpy8
Great points!
I’d encourage everyone to read @LynAlden‘s book Broken Money. There is anthropological evidence that “2. rely on incentives” works. Specifically Chapter 4 “A unified theory of money”.
Ecash community banks in local high-trust environments are basically a social credit system. Or a “proof of punch” system to quote @obi.
This is in contract to global low-trust environments that requires final settlement of commodity money. This would map to Bitcoin over Lightning (between banks and self-custody solutions).
8B people could use bitcoin today without a soft-fork with 10M community banks at an average of 800 users per bank. In reality things would obviously look much more heterogeneous with people using self-custody wallets, full custodians, ETFs and everything in between. But I don’t see why local community banks couldn’t be a part of the solution.
This is also how banking works in many places today. For example Germany has a very decentralized banking model with about 1500 banks. 70% of deposits are held at local community banks and credit unions (Volksbanken Raiffeisenbanken).
My point is with all these technical discussions about scaling, we shouldn’t forget about human nature. People are more likely to adopt bitcoin if it works in a way they’re used to. We should learn from history and not ignore anthological evidence. That means relying on local trust and incentives where appropriate.
This is excellent Rusty .. thanks 🙏
Currently this sounds like a place for #CashuMints to feel at home in ^^
Very detailed and real problem for those who can’t UTXOs. I don’t know much about this and hope a solution is found. Thanks
Rusty are you not underselling 2 here? Where we can of course get 10 / 20% gains with improvements like taproot and Frost lightning can represent 90-95% efficiency gain over the lifetime of an individuals bitcoin usage.
We still have the limitation of the # of satoshis that exist and the # of UTXOs that can exist, but this pushes against blockspace driving the threshold of subfee UTXOs as well
It's hard to get exact numbers, but a significant fraction of the world will not have enough money at one time to spend a single UTXO. This is clear from the uneven distribution of wealth and the inevitable rise in Bitcoin fees.
Too long didn't read
maybe this helps: A summary done by https://venice.ai
The main issue discussed is the growing divide between those who can afford Bitcoin fees (A group), those who can afford UTXOs but not often (B group), and those who cannot afford either (C group). While solutions like Lightning Network help the B group, there's no clear answer for the C group. Various approaches have been tried or proposed, such as moving people into the B group, locking up funds to cover fees, or grouping people together. Two main approaches remain: grouping people through community cooperation and relying on incentives.
Grouping people can work within a community, but it's subject to ghettoization if the coordinator exploits the system.
Relying on incentives involves schemes like e-cash mints, single UTXOs held for multiple people, or more ambitious proposals that align incentives against dishonest coordinators.
The importance of making Bitcoin more expressive is highlighted, as this can lead to better solutions. Overall, finding a solution for the C group remains a significant challenge requiring further research and development. Can you make it a little shorter?
doing self-mint = running LN node
Thanks for sharing all this Rusty. It's nice to have some high quality content amongst all the noise 😃
Innovations on upper layers are welcome but changes to the core L1 protocol should be a last resort, to solve some existential problem that cannot be solved in any other way.
We don’t have a scaling problem yet. We probably will in the future, but we don’t have one now. We don’t need to rush out solutions ahead of time. We should just do R&D and deploy candidate proposals elsewhere to other working systems to gain experience with them.
When we do face a scaling problem, we should allow the pain of it to motivate solutions on upper layers before we entertain changes to the core protocol. Necessity is always the mother of invention and the pain of the actual problem may motivate solutions we didn’t consider before.
We also need to keep in mind that L1 transactions are not for buying coffee. L1 is for safeguarding the world’s money. We can’t continue to mess it up (eg. witness discount). Future generations are counting on us.
Last time I watched 4Sats/vB, currently 7.
We have no current scaling problem.
Don't touch the baselayer!
Lighting will succeed. It's better than most think.
I like the direction this is going in. Consider that larger transactions can afford higher fees for priority inclusion.
Perhaps one needs to accept that there will always be a Group C, and nothing can be done to prevent that. So, the goal should be to expand Group B as much as possible.
Indeed, that's the current effort, in every direction. But it definitely has limits.
As long as people keep pondering the subject the answers will come
necessity is the mother of invention
unaffordable if you think in terms of fiat.
If you think in bitcoin terms, 2 to 3% transaction fees for an inmutable store of value is nothing.
Even in real estate you have to pay 5% to the broker and 2% transfer tax paid to the state and city.
If your house is worth 500k, you have to pay $35,000 in fees.
Bitcoin is a much better store of value, so paying 5 to 7% is still a bargain
For his group C I suspect the fees will be >100% the value they're trying to move. Not everyone will be bitcoin rich. Most folks will be transacting in amounts that would be less than the transaction fee for a global settlement later txn no matter what you denominate the amount in I expect
Some good points here but it’s ‘Maths’ not ‘Math’
British vs American English, sorry.
IMO your #2 incentives based system will happen inevitably. Like a new free banking system based on BTC. Some will be good, some will take too much risk, some will be crooks. If there are enough options then the good win out overall and the overextended/crooks fail often and early enough for the system to remain healthy on the whole
I somewhat agree: "trust somebody" can be quite efficient. But it's prone to bad incentives (undeclared fractional reserve) which can drive out good actors (who are not as profitable) *then* collapse. I know nostr:nprofile1qqs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsz9thwden5te0dehhxarj9ehhsarj9ejx2a30qythwumn8ghj7un9d3shjtnswf5k6ctv9ehx2ap09krt7g has thought about this a fair bit, and has a rotating ecash solution which may address it well enough?
Undeclared fractional reserve would definitely fall under the crook category- I’m certain that will happen somewhere in this market of “banks”- but at what scale? Am I naive in thinking there’s some kind of social layer within this community that would enforce transparency to allow a mint to even get large/popular enough to be systemic? Over-engineering “perfect” solutions and leaving nothing to the social layer comes with its own complexities, unforeseen consequences and never mind UX/scaling issues…
I’m also curious to learn more about this rotating e-cash though thanks for bringing that to my attention 🙏🏼
C group worst case can use custodial bitcoin .
You could have custodial services that accepts being audited on permannant basis
This is still 100X better than FIAT
This is why I believe there is a use case for silver coinage used for in-person, everyday, transactions. Private, bearer assets
Does drivetrain a la Paul Sztorc theoretically improve this in any way?
Not really, that I can tell. The custodian you are trusting there is the miners.
You can have public and private bookmarks on Amethyst ... works well!
Great comment Rusty!
Just the basic idea of identifying that there are 3 groups of people (can afford; can sometimes afford; and cannot afford a UTXO whatsoever) is a huge upgrade over past conversations, which tend to jump straight into technical details and gloss over the actual user profiles and market demand.
Personally, I agree that more research is warranted. I’m not particularly optimistic on UTXO-sharing as a solution for people who can’t afford standalone UTXOs at all because of the group coordination cost, “Tragedy of the Commons”issue (LN counterparties are heavily incentivized to police their LN channel state, whereas in a Timeout Tree you can freeride others to do the policing for you, leading to no one doing it at all), “ghettorization” issue as you mentioned, and the inevitable complexity of any such solution. Secondly, did anyone bother to ask whether users like sharing at all? Why would they opt for a complex sharing solution when they can use something like gold for savings.
I’m slightly more bullish on locally-run ecash mints where people fall back to long-built relationships and hard-earned reputation to prevent cheating. Basically, use the social layer to address a technical limitation.
I like your quote here: “can’t engineer a solution if we can’t think about the problems.” That’s a great way to think about it. As someone else once said, the most common mistake engineers often make is to “optimize for something that shouldn’t really exist”. I’ve seen it happen way too many times, being an engineer myself. Just because UTXO-sharing with large N is possible, doesn’t mean it is ideal or will actually have a market.
In the spirit of thinking deeply about the problem (and not the solutions), it would be wise to also visit assumptions such as there will be 10 billion people who want sovereign UTXOs and the responsibilities that come with it. I think that assumption is highly unrealistic. IMO the actual demand will remain well below 500 million people, realistically more in the range of 100-200 million people. Being your own bank, as it turns out, is quite a heavy burden.
So if you believe in these numbers, Bitcoin does not have a scaling problem. At the very least, it’s not urgent at all. The math might work out by just making current things as efficient as possible.
This is only a problem for maximalists.
We have several ways of scaling vertically (what you described) and horizontally (through other chains e.g. XMR,...)
We already go for Max node decentralisation in BTC, so other chains don't need to go to full extremes.
I think it's a great breakdown. And ultimately, the answer partially comes down to 1) trust+incentives and 2) grouping.
However, I would add one more important variable to your bitcoiner kinds analysis: the desire to have a UTXO, or the lack thereof.
Engineers/developers often start with the scaling problem assessment by saying, "okay assuming all 8 billion people want to use bitcoin non-custodially..." which might not be a valid assumption.
So to recap your list:
"There are three kinds of bitcoiners.
A. Those who can afford any fee.
B. Those who can afford a UTXO, but not often.
C. Those who can't afford a UTXO."
I would expand that by saying there are six kinds. There are each of those three categories, and then also a yes/no for each of them for whether they want a UTXO in the first place. (And in reality, a bit more nuanced than that, as there are certain contexts where they might want a UTXO or not, or levels of desire to have a UTXO.)
We don't yet know what percentage of people will want to have some sort of cryptographic control (and thus ultimate responsibility) over their money, either for personal reasons, or situational reasons, etc. For many people, a custodian with proof of reserves and external auditors and rule of law in a good jurisdiction, and someone to call for support if there's a problem, is what they want. And, maybe an ecash wallet run by a federation of power users they trust as their daily spender wallet if they (hopefully) value privacy.
Others are power users by choice, or they're in a more uncertain/hostile environment where they need to become a power user, and thus they want to acquire some or all control over their funds.
So I tend to look at the problem set in terms of optionality. Ideally there should be plenty of reasonably easy-to-use methods for people to gain more control and/or privacy over their funds.
The solution set is already quite large and growing, and every fee spike incentivizes and accelerates more scaling for those solutions. And even with more expressivity, there are still inherently limits on being able to enforce scaling layers back down to the UTXO for the smallest users of those layers, which means there will always be a use for the social layer, and the various trust/incentive/grouping economies of scale that come with that. Division of labor.
(Hi, Lyn, long time fan!)
I'd push back on this, a little. There are definitely cases where I won't have a UTXO, but all the cryptographic solutions I've seen to handle others' failure (malice or incompetence) devolve to me obtaining a UTXO.
In times (and places) of high trust people may forgo this security, but if you can afford it, why would you? "Verify, don't trust" is our entire motto at Blockstream, and while I am not my employer, it resonates.
In my mind, forgoing cryptographic protection for your Bitcoin, if enough people do it, is akin to detaching your issued currency from gold. Seemingly a minor technical detail which has no immediate effect, perhaps. Obviously nobody would be foolish enough to do that, though! 😬
Long time fan from my side too!
To answer your question of why people might forgo this security if they can afford it, I think there are several reasons.
The main one is responsibility and convenience. If you're ultimately responsible for maintaining keys or similar cryptographic material, then that's a significant responsibility and not everyone wants it. Some people just want a bank to hold it, to insure it, to have someone to call or help them login or whatever the case might be. Especially when we're not talking about a huge amount of money.
Additionally, we can think of this for other areas.
-Some people would rather rent than own a home.
-Some people don't want to bother with knowing how their car works at all.
-Some people want to just buy a computer rather than assemble one themselves.
-Some people don't want to grow any of their own food.
There's generally a division of labor, prioritization of attention or concerns, etc. For many of us in this industry, we prioritize control over our money, our communication methods, etc. And we like to spread the importance of this to others, but for all we know we might only reach a similar % of people holding their own money as people growing their own food, for example. I'm not really sure.
If I think back to 15 years ago when I graduated college, had tons of student debt and a little bit of cash in the bank, monetary sovereignty was not my priority. The state coming to take my little checking account or my well-audited bank rugging my funds was not high on my list of concerns or likely scenarios. The version of me now takes that more seriously. But I wouldn't look back and say that the less financially well-off version of me was locked out of doing so; the benefits of doing so just weren't huge compared to everything else.
And in a world of tools like ecash and so forth, I think people across jurisdictions will have a lot more options in the future for how much privacy they want, how much security they want, what jurisdiction they want it in, etc.
Speaking of Blockstream, I was on the record back in 2022 saying we can't judge Liquid's attractiveness in a low-fee environment, in defense of Liquid when people criticized it for not being heavily used. There's clearly a useful trade-off there among multiple metrics, and in a low-fee environment it just wasn't a priority for a lot of people. It got a bit more attention and implementation amid these more recent fee-spikes.
And there are teams looking to make optimistic fraud proofs or other things to make federated trust models even better, without requiring more base layer expressivity per se.
You're orders of magnitude more technical than me of course, but my emphasis here is on the economics and incentives. Prior to fee spikes, there was all this design space just not being explored or funded as much. And when they were explored and funded, people didn't use them much, which didn't exactly encourage people to spend money or time on the next exploration. Necessity is the mother of invention, and so now there's a bunch of well-funded teams building all sorts of stuff. Fees and constraints tend to do that.
Which again is not to say I'm against expressive changes, but rather that there's still a lot of design space which can be accelerated in a high-fee environment, and there's still a lack of clarity on which solutions people will gravitate to or what percentage of people will value certain privacy or security details.
Sorry for the delay, I've been dwelling on this a little. I think that self-custody is easier than many alternatives, unlike with cash: I use Green wallet myself which shows how you can have support while still having ultimate control. I believe Casa have a similar product for larger custody. I hope to see this kind of offering mature, and be attractive beyond the DIY crowd: Bitcoin insurance will be necessarily limited, there are going to be more high profile custody disasters. Also, there's a possibility of generational attitude change: if fiat becomes noticably worse, many people will expend effort looking after their money.
However, that's somewhat of an aside. The question was not those who choose not to custody, but those who can't. What guarantees can we give them, if we can't give them a UTXO? I think, and hope, we can do better than "you all need to trust one of these few people". But I agree this will only get its due attention when enough people are in that group: for now, the low hanging fruit is improving lightning and other L2s which can simply fall back to a UTXO each.
The way I look at it is a lot of people will be pushed off chain eventually. The 2nd layers will come with less benefit of the decentralized transactions on the base chain, but they will still be able to send money in a generally trusted way and still reap the benefits of using a money which can’t be debased. Currently people are stuck with shitty fiat or proof of stake networks which also have the same issues as fiat
Some layman’s thoughts here… could a system be created whereby users in group B or C could send their small trapped amounts to a single depository address, run by a charitable mining pool/org, with zero or close to zero transaction fee.
Miners in general wouldn’t pick up these low value transactions, but the mining org would know that they were for processing and would then mine those transactions and refund the amount to a Lightning address. So the original user can then use their otherwise trapped funds.
There would have to be some benevolence here from the mining pool/org, (as priority is given to low value transactions from the mempool) but it does mean consolidation of trapped UTXOs, and perhaps a small fee can be taken (so 95% is returned).
This could be seen as a “for the health of the network” and “improving adoption” initiative that bitcoiners as a collective could support.
Mints for group C sound great, but how does a sub-fee UTXO get to a mint in the first place? Only way I see is you earn your first sats from a mint, ie never have a UTXO. Am I missing something?
In that model, you never have full custody. Someone sends money into the mint and they hold it on your behalf.
The ability to transfer channels without an on-chain transaction is on the way.
When you can rent instant liquidity when needed, and return it when it's no longer needed, all without any on-chain transactions, a lot of the current problems with onboarding new users with non-custodial wallets will be solved.
Lightning is cool, but still very much beta software and not ready for mass consumption by people that use 0000 as their PIN.
For some people, right now, a custodial wallet where someone in support can help them when they forget their password is not a bad compromise.
Great topic. My talk at BTC Prague was in this vein (https://www.youtube.com/watch?v=4YwqTG9xtKQ). The three groups are a good start, but we can push much further and look at income-level categories around the world, prioritize use cases based on impact, estimate efficiencies tech improvements will bring, etc, and then construct possible futures from that. My talk was not about finding final answers, that would require a much more comprehensive effort (which I'd love to see), but about digging layers deeper than the conversations I've seen happen. More of this please.
Getting me thinking! 🤔 TY
Oddbean new post about login | logout 