Clams, Coins, Cards and Cryptocurrencies - how it all happened

Welcome to 2018. The year that science fiction plots start needing to be dumbed down. For what has become realistically technologically achievable is straining the limits of the typical bounds on imagination.

My grandfather likes the internet. Truly, in the sense of the word that means, to find agreeable. It’s an odd affinity for an 82-year-old man to display, yet, he does, finding delight in having 10 kilos of potatoes delivered to his doorstep with the exertion of just a few clicks. Needless to say, my grandmother is not the biggest fan of this new-fangledness. This becomes very slightly relevant later, but more importantly, it immortalizes my grandparents in the small, meaningless instance of my first real blog post.

This is a post about money. A concept that I have found both intriguing and abhorrent, by way of what it controls and what controls it. Inevitably, a scientific curiosity prevails, and I find myself unable to resist trying to understand it, poke it, make it do things, and dare I dream, control it. But then, the scientist’s siren is a force that shapes the world, and money is certainly that.

More specifically, this is a post about the evolution of money, on a somewhat reverse-logarithmic scale that skims over the past and stretches out the present.


Let’s start where it all begins.

What sets human beings apart from the rest of ‘intelligent’ life on earth? It isn’t language, animals communicate in myriad ways. It isn’t feet, because bears have feet. Nor is it civility, as ill-defined a concept as that tends to be (and as far from any notion of it as humans are wont to stray). Tempting as it might be, the answer isn’t money either. It is - and this is obvious the moment it is identified - the ability to store meaning in symbols.

I’ll let Yuval Noah Harari take over for a moment -

The real difference between us and chimpanzees is the mysterious glue that enables millions of humans to cooperate effectively. This mysterious glue is made of stories, not genes. We cooperate effectively with strangers because we believe in things like gods, nations, money and human rights. Yet none of these things exists outside the stories that people invent and tell one another.

The concept of stored meaning is immediately relevant to money. It allows the barter system to almost seamlessly transition to a system of tokens. Suddenly, it is no longer necessary to remember how much rice I gave you last week, or how valuable that is against the wheat you’re handing me now. Nor must you have a precisely valued amount of wheat on hand at the very moment you require some of my rice. We require no middleman, nor do we have to keep track of a different exchange rate from each thing A to thing B. Suddenly - we can abstract the value of our possessions into the common language of a currency.

And so was born money.

Arguably, money is what has allowed for the possibility of long-term contracts to enter the human consciousness - longer than a few days, or indeed, even a few lifespans. And by induction, it has allowed for the institutions of modern civilisation to evolve from a natural state of default distrust.

I rely again on Harari for succinctness -

Money is the most universal and most efficient system of mutual trust ever devised.

Intriguingly, human beings are the only species to have ever developed a notion of quantified symbolic value. In 2005, researchers at Yale New Haven Hospital taught (or rather, conditioned) seven capuchin monkeys to use coins to buy treats from humans. This escalated reasonably quickly into what was perhaps the next logical step for an animal described as ‘having a small brain that’s pretty much focused on food and sex’ - a prostitution business.


It’s easy to forget that the concept of money, a symbol for storing value, is agnostic of currency. Peoples of the world have used naturally occurring items as these symbols - tokens like sea-shells, animal bones and teeth, crystals and pretty rocks. It’s also easy to dismiss the use of these natural currencies as primitive when, in fact, they have pervaded and even influenced the history of the last few centuries. Spurred by the unwillingness of the Crown to pump minted currency into the Americas, early colonists adopted the Native American currency of wampum shells. It was the classic British strategy of enforcing dependence - destroy the ability to accumulate profit by paying in kind, never cash. The colonists had to quickly adapt - either be restricted by an imposed barter system, or find a new symbol of stored value, one not necessarily legitimised by the embossed face of a monarch.

Fantastically, this makeshift system rapidly trickled up - and wampum became legal tender in New England. The British eventually conceded, and began to ship more of their own coin into the colonies. The unduplicable quality of a minted and stamped coin caused a rapid erosion in the utility of wampum. Yet, the humble shell left a mark on history, and on language. “Clams” is common American slang for dollars, and it raises no eyebrows even in the 21st century to be “shelling out” money. This and other anecdotal analyses of the social institutions that money has bred and fed off are delightfully detailed in Nick Szabo’s 2002 paper, Shelling Out: The Origins of Money.

What this tells us is important - the ‘symbol’ that stores value is mutable. It can change. And there is nothing inherently valuable about the symbol itself. All that matters is that the two people transacting believe in its value. Of course, it is unpragmatic for every pair of people in the world to have their own ‘symbol’ (requiring 2.888e+19 symbols, far exceeding the combined vocabularies of all existing languages). Far more practical is to have a widely accepted symbol, one that is unduplicable, recognized, and whose value is trusted, stable, and agreed upon.


Rulers have recognized the value of a centralised currency as early as 600 BC, when the Lydian monarch minted the first coins from electrum, an easily mined alloy of gold and silver. This was the first fiat money - a token whose value is guaranteed by a State or ruling authority. Coins of mainly gold, silver and copper (the softest, least reactive, and most distinguishable metals) pervaded the empires of Greece, Asia Minor and China. These coins were stamped with official seals, with symbols of monarchy and religion. Paper was first invented by the Chinese around 100 BC - they first used paper money around 500 AD.

The Chinese didn’t move to paper fiat money for the fun of it. Prior to paper, their coins were bulky and round with rectangular holes, allowing rich men to string their wealth together. As one can imagine, this soon got heavy, a literal burden on the rich. A solution was a system where coins were left with a trustworthy person in return for a paper receipt for the value stored. By 960 AD, the Chinese Song dynasty were facing an acute copper shortage - and adopted paper money as a practical alternative to the cumbersome coins. Paper replaced metal as fiat money for the first time.

Marco Polo brought the concept of paper money to Europe as early as the 1200s. Attribute it to European hubris, but it took until the 17th century for Europeans to make the shift. Motivated by rapid inflation in the value of gold, Europe began to issue promissory notes as a guarantee of future payment. These gradually began to be accepted as legal tender. As they took over the world, paper became the de facto standard for currency. As a relic from an uncertain past, it is common even today for banknotes all over the world to bear a promise from the central bank along the lines of - “I promise to pay the bearer of this note the sum of one hundred rupees”.

For a few centuries thereafter, the manifestations of the symbolic storage of money were relatively stable. Even political and economic catastrophes could do little to derail the convenience of paper, and the world crossed well into the 20th century without any challenge to paper fiat money.


With the electronic revolution of the late 20th century, fiat money was not replaced, but re-represented, as a digitally stored and secured record. This may seem like a big jump, and certainly, it probably seemed as much to my grandfather’s compatriots. However, it isn’t really. With fiat money, banks were still required to maintain ledgers of accounts to prevent double-spending, while offering convenient service at numerous locations. These ledgers would have to be stored securely to avoid tampering or privacy breaches - perhaps in vaults. They’d also have to be updated at all locations simultaneously - an inefficient process with a physical log. All that digitisation does is convert this log to electronic storage. The processes of reading and writing have to be ‘secured’, now via cryptographic encryption. The log itself also needs ‘locking’. The log is still in units of fiat money - it’s just more easily and quickly accessible. Cryptographic concepts like public-key encryption and algorithms like RSA and SHA provided the necessary locks to assign ownership.

It’s remarkable, even as of this point in the history of money, just how much the abstraction of the singular concept of money has changed the world. Money is now just a sequence of numbers that I can send you, that you and I trust, that I can’t spend twice, and whose value we both believe in. Let that sink in - you enter numbers off a piece of plastic and click a mouse-button, and a ‘company’ whom you will hopefully never have to physically interact with believes that they have been suitably compensated. They send you a product of actual value. You work a whole month with the assurance that at the end of that month, a sequence of numbers will be created that represent the valuation of your work by your employer. That sequence is sent to a bank that treats cash money as exactly equally interchangeable with these strange numbers. The exchange rate from physical banknotes to a specific sequence of numbers is exactly 1:1.

My grandparents, and really anybody born close to the middle of the 20th century - have seen this abstraction evolve before their eyes. I must confess, I am impressed at the adaptability of those who have embraced it as my grandfather has. This small mention closes the parenthesis on my opening anecdote.

Thus far, it was unnecessary and excessive to question the dependence on a State-sanctioned currency, and on third-party authentication of transactions. Innate to the need for a certifying authority was the double-spending problem. At the basic barter level, there is no way to double-spend. Once I hand you rice and take your wheat in return, it’s physically impossible for me to exchange that same rice for corn elsewhere. However, the abstraction of a ‘symbol’ changes things. If the symbol of stored value is easy to duplicate, as with wampum shells, there’s nothing to stop counterfeiting - the mass production of ‘value’ from nothing.

Oddly enough, nothing stops the central authority itself from ‘counterfeiting’. In fact, central banks routinely ‘print’ or destroy money as part of monetary policy, often to moderate inflation, investment, or saving. This is understood as a power entrusted to them with faith in their responsible exercise of it. In fact, some forms of governance understandably treat this as an unnecessary complication. Numerous small countries in Oceania use the Australian Dollar as their official legal tender, so as to avoid needing to muck about with how much ‘value’ to print or withdraw. Zimbabwe famously failed so miserably at this task - leading to hyperinflation and the printing of billion-dollar Zimbabwean Dollar notes that were barely worth a loaf of bread - that it now uses the US Dollar as legal tender.

That aside, the central authorities worldwide have been reasonably responsible about valuing and circulating fiat money. Indeed, the alternative for the longest time would have been thought unthinkable - absolute anarchy.

This brings us to the cusp of the 21st century. Two important things have happened in the last few centuries to empower, stretch, and mould our conceptualisation of money. One, obviously, is the decentralisation of technology and internet access. Over half the human beings in the world today have internet access - about 4 billion people. The second has been a more subtle process, yet an extremely pervasive one - a universal ability to incessantly question and undermine authority. Starting with the American War of Independence, a series of events established that no power was absolute - the French Revolution, the Russian Revolution, the political and military clashes of the 20th century, and even more recently, the Arab Spring. It has become possible for one person to stand up and ask an inconvenient question - and for that person to actually change the world.


With this background, the 21st century has unsurprisingly looked to move fast and break things. In 2009, Satoshi Nakamoto, a person or group of people yet unmasked, released a whitepaper titled ‘Bitcoin: A Peer-to-Peer Electronic Cash System’. In technical terms, he proposed a decentralised peer-to-peer record-keeping system for recording and authenticating transactions. Technicalities tend to obfuscate where analogies elucidate, while formalising what analogies hand-wave. I will prioritise the latter, accepting that this might not be the most technically sound explanation.

Start from scratch. I wish to send you an amount of money of a predetermined currency, and you wish to accept it. I must be able to send it to you specifically - nobody else. You must be able to ensure that I am not double-spending what I’m sending you - that I haven’t sent it to someone else already. We wish to cut out the middleman - the authorizing third party.

These third parties - banks, governments, credit card companies - allow us to perform this transaction by maintaining the logs we discussed earlier. They ‘armor the wire’ - HTTPS and encryption when you’re confirming your transaction online, or unforgeable cash money across the counter. This ensures that logs are always changed correctly. They also armor their logs in secure databases. This ensures that logs can never be tampered with.

Any alternative system needs to serve as a log with both these properties. It’s worthwhile to note the restrictions we have in the absence of third-party verification. We can only send information, say as pieces of paper, to each other, and to anybody else who happens to be interested. There is no physical check against double-spending (I can send you the same piece of paper I send everybody else). Finally, we wish not to require a third-party authenticator as a witness.

The obvious solution is to use everybody as a witness. I can send you a note saying how much value I transfer to you. I also send an announcement of this action to everyone else. You receive my note, and spread the message of your acknowledgement. Everyone must now cooperatively prove that they have given our transaction some form of approval (say, with a vote of their own acknowledgement notes as witnesses), and log it in their records. Those who are absent can later inquire from others when they resume activity - if they get conflicting records, they can use their discretion to trust the most frequent log, or perhaps withdraw from transacting until the issue is resolved. Tomorrow, when I want to transact with someone else, they know exactly what I’ve already spent - there is no way for me to lie.

With enough trustworthy people subscribing to this system, it starts becoming extremely robust. A few colluding liars could try to approve untrue transactions, but they must still get some form of ‘consensus’ of the majority. Meanwhile, conflicting messages would tell the people on the network that something is wrong. Alternatively, the fraudulent nodes could try to create enough fake identities to overpower the network. Again, this gets much harder as more honest people participate.

Bitcoin’s blockchain provides exactly this functionality. It does this by decentralising the log - instead of keeping it on a server run by a central trusted authority, every node on the network has to hold a copy of it. The blockchain is the log itself. It begins with an empty block, called the genesis block - sent to every node on the network. For this hypothetical, let my transfer to you have the distinction of being the first. Once you and I agree on this transaction, we broadcast it to all nodes on the network. All the nodes now start working on a ‘proof-of-work’ - the solution of a cryptographic problem that costs CPU time and effort. This problem is visible to all nodes. The first node to find the solution broadcasts it to the rest of the network, and associates our transaction with the solution. This adds it to the blockchain.

The problem is hard enough that a single node would take perhaps months to solve it, but easy enough that the combined power of honest nodes can solve it within a few minutes. You can see the global distribution of nodes on the Bitcoin network here. Practically, the problem in Bitcoin is that of finding an input number for which a ‘scrambling’ function produces an output with a predefined number of zeros at its start. Such a cryptographic hash function has no reverse mapping, so the only strategy is to try all sorts of numbers until one gets a correct solution (of which there can be more than one). Think of it as archery in the dark - you don’t know you’ve hit the bullseye until you actually hit it and the lights come on.

This is one of the fundamental properties of a cryptographic problem - it is easy to verify that a solution is correct, but hard to find the solution itself. This means that all the nodes on the network can verify the ‘proof-of-work’ - they cannot, however, fake it.

A rudimentary way of uncovering the cryptographic black box is to think of prime factorization (which is actually used in some encryption algorithms). It is easy to multiply two large prime numbers. However, given their product, it is difficult to factorize it, even by computer. Given one of the factors, it is easy to verify that it is indeed a factor. The value of these properties is immediately apparent in cryptographic implementations. Try it yourself - factorize 102432877.

The factors of 102432877 are 10079 and 10163.

This cryptographic design has a simple implication - once a transaction block has been added to the blockchain, it is practically immutable. Everyone on the network can see and verify it, and honest nodes will get to work on verifying the next transaction in the queue.

The only way to fake a block is to solve the ‘proof-of-work’ and add a fake block. This is unlikely - unless a majority of nodes on the network are colluding to add a fake block (a 51% attack), or unless many nodes are sparsely connected, allowing a few fraudulent nodes to hoodwink honest nodes in various ways (a sybil attack). In fact, in order to edit a past block, the fraudulent nodes would have to have proofs-of-work for that and all subsequent blocks - a truly intractable problem. This is equivalent to saying that they would have to find alternative solutions to a number of already solved cryptographic problems - as many as the number of blocks they wish to rewrite.
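
The proof-of-work search and the block chaining described above, as an added example (not Bitcoin's code and not part of the original post). The difficulty, block fields and transaction strings are constructed for illustration; the sketch shows that an edited block is caught with one hash per block, while making the edit pass verification means re-mining that block and every later one.

```python
import hashlib
import json

DIFFICULTY = 3  # leading hex zeros required; constructed value, far below a real network's
GENESIS_PREV = "0" * 64


def block_hash(index, prev_hash, data, nonce):
    """SHA-256 over the block's fields: the 'scrambling' function."""
    payload = json.dumps([index, prev_hash, data, nonce]).encode()
    return hashlib.sha256(payload).hexdigest()


def mine(index, prev_hash, data):
    """The expensive part: try nonces until the hash starts with enough zeros."""
    nonce = 0
    while True:
        digest = block_hash(index, prev_hash, data, nonce)
        if digest.startswith("0" * DIFFICULTY):
            return {"index": index, "prev_hash": prev_hash, "data": data,
                    "nonce": nonce, "hash": digest, "tries": nonce + 1}
        nonce += 1


def build_chain(transactions):
    """Mine a genesis block, then one block per transaction, each linked to the last."""
    chain = [mine(0, GENESIS_PREV, "genesis")]
    for tx in transactions:
        chain.append(mine(len(chain), chain[-1]["hash"], tx))
    return chain


def first_invalid(chain):
    """The cheap part: one hash per block. Returns the first bad index, or None."""
    for i, block in enumerate(chain):
        expected_prev = GENESIS_PREV if i == 0 else chain[i - 1]["hash"]
        digest = block_hash(block["index"], block["prev_hash"],
                            block["data"], block["nonce"])
        if (block["prev_hash"] != expected_prev
                or digest != block["hash"]
                or not digest.startswith("0" * DIFFICULTY)):
            return i
    return None


def remine_from(chain, start):
    """Cost of rewriting history: redo the proof for `start` and all later blocks."""
    blocks_redone, hashes_tried = 0, 0
    for i in range(start, len(chain)):
        prev = GENESIS_PREV if i == 0 else chain[i - 1]["hash"]
        chain[i] = mine(i, prev, chain[i]["data"])
        blocks_redone += 1
        hashes_tried += chain[i]["tries"]
    return blocks_redone, hashes_tried


def demo():
    # Constructed sample transactions.
    chain = build_chain(["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"])
    edited = [dict(b) for b in chain]
    edited[1]["data"] = "alice pays mallory 5"   # rewrite an old transaction
    detected = first_invalid(edited)             # verifiers flag block 1 at once
    blocks_redone, hashes_tried = remine_from(edited, 1)
    return detected, blocks_redone, hashes_tried, first_invalid(edited)


if __name__ == "__main__":
    print(demo())
```

Even after re-mining, the rewritten chain's hashes differ from the copy every honest node already holds, which is why the rewrite also has to outpace the rest of the network.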

Blockchain’s checks against these attacks rely on there being a large enough number of honest nodes, and on nodes having a healthy number of connections to all other nodes. Without true decentralisation, the system is highly prone to these attacks.

As should be evident, Nakamoto’s Bitcoin offers the benefits of near-complete anonymity, independence from authorizing third-parties and thereby, freedom from any kind of taxes or restrictions. The concept is scarily bizarre at first thought. You don’t need a bank. You don’t need anybody. In a sense, you need everybody to not need anybody. The anarchist’s dream - no small wonder that governments all over the world are anxious.

In all of this convolution, it’s easy to have grown apathetic to the problems with conventional currencies. Banking is a mess of conflicting protocols and open-ended definitions. The ‘most secure’ databases are far from hack-proof, so we’re perpetually one hack away from disaster - 2017 was replete with serious hacks all over the world. There is a single point of failure for most of our financial records. Authoritarian regimes don’t like the prospect of losing absolute control over currency flow. Bitcoin may not be the future - but it stands for ideas that are worth thinking about.

As revolutionary as the concept of blockchain is, Bitcoin itself does have limitations. The physical record of the blockchain as of 2018 is inconveniently huge - 160 GB, and only growing. This makes it difficult and impractical to decide to run what is called a ‘full node’ on the Bitcoin network. The ‘proof-of-work’ gets harder with every Bitcoin mined, and there are only a finite number of them available for mining. This has uncertain implications for Bitcoin’s viability as a truly global currency, or for its robustness against inflation and other phenomena. There are other issues that I won’t get into, but it’s obvious that Bitcoin has problems. Other cryptocurrencies like Ripple and Ether solve some of these issues, but have more of their own.

In 2013, Vitalik Buterin proposed a blockchain platform for more than just currency - Ethereum. Again here, the idea is simpler than it’s made out to be, though no less brilliant for it.

Bitcoin uses the blockchain to manage money on a decentralised network. But the ‘money’ is really just a file, a line of code. With Ethereum, Buterin proposed a blockchain of executable code.

It’s useful to return to our transactional-decentralisation experiment, with a single modification - we replace the monetary ‘transaction’ with a service - say, information storage and retrieval. You wish to be able to store data, and access it - services I know how to perform - without necessarily surrendering all your data to me.

In the analogy, the solution is again simple - I must leave the instructions for performing this service with a number of people around us both. If I can build my service in a way that encrypts its components and distributes them across a network of people - you can spread your information over the network and access my service without ever needing to confide 100% in me.

Computationally, this means that you want to distribute the reliance you previously had on my single server. All you need is for some server to accept your information, process it with the instructions I’ve designed, and reply to you with what you need. Public-key cryptography makes sure that the information you send can only be accessed by nodes that are actually running my service. Put this way, the existing way of things looks suddenly very problematic. Why, and how, did it become obvious that I should have full control over the information you’ve given me in exchange for my service?

Privacy rights activists have been fighting against these defaults, though it usually isn’t something that concerns people. Perhaps it should. Google has more information about you than most of your family and friends do. When you choose to store a file on Google’s Drive, you lend absolute control to the company, and rely on them every time you want to pull or share the file. Facebook owns all of the social information you create. It is neither reasonable nor safe for so much valuable information to be controlled by a few entities, just in exchange for their ability to process that information usefully. We don’t give a photographer a share of the rent from a house he photographs. We don’t give refrigerator companies information about all our future grocery purchases (not yet, anyway). And why should we?

The solution is to decentralise technological services - by treating services as pieces of code that can be distributed and authenticated similarly to transactions on the blockchain. This means that Google no longer runs the single server that stores my file and gives me an interface to use it. Rather, Google develops a new kind of service that distributes both, the file I upload, and the services associated with it, over the network - in pieces of verifiable code that I can pull from any of the nodes on the network that hold it. Ethereum is analogous to torrenting a computational service.

Ethereum visualises the use of Ether as a currency to power these distributed services. Every time you try to access a service, the nodes that contribute computing power or storage space demand some payment - measured in gas, a subunit of Ether - to perform the computation. This ensures that all computations cost something, that you don’t get something for nothing, and that malicious code can be contained easily.
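
How metering contains runaway code, as an added example (not Ethereum's implementation and not part of the original post). The opcodes, gas prices and sample programs below are hypothetical and chosen only for this sketch: every step is charged before it runs, so a program that loops forever stops when its gas is spent and its writes are discarded.

```python
class OutOfGas(Exception):
    """Raised when a program needs more gas than the caller paid for."""


# Hypothetical opcodes and prices for this sketch; not the EVM's real
# instruction set or fee schedule.
GAS_COST = {"PUSH": 1, "ADD": 2, "JUMP": 3, "STORE": 20, "HALT": 0}

# Constructed sample programs: lists of (opcode, argument) pairs.
HONEST = [("PUSH", 2), ("PUSH", 3), ("ADD", None), ("STORE", "sum"), ("HALT", None)]
LOOP = [("PUSH", 1), ("STORE", "junk"), ("JUMP", 0)]  # never terminates on its own


def run(program, gas_limit):
    """Execute a program, charging gas before each step.

    Returns (status, gas_used, storage). On failure the storage writes are
    thrown away, but the gas already spent stays spent: the work was done
    and the node that did it is still paid.
    """
    stack, storage, pc, gas_used = [], {}, 0, 0
    try:
        while pc < len(program):
            op, arg = program[pc]
            cost = GAS_COST[op]
            if gas_used + cost > gas_limit:
                raise OutOfGas(f"step {pc} ({op}) costs {cost}, "
                               f"{gas_limit - gas_used} left")
            gas_used += cost
            if op == "PUSH":
                stack.append(arg)
            elif op == "ADD":
                stack.append(stack.pop() + stack.pop())
            elif op == "STORE":
                storage[arg] = stack.pop()
            elif op == "JUMP":
                pc = arg
                continue
            elif op == "HALT":
                break
            pc += 1
    except OutOfGas:
        return "out_of_gas", gas_used, {}
    return "ok", gas_used, storage


if __name__ == "__main__":
    print(run(HONEST, 100))  # finishes within budget
    print(run(LOOP, 100))    # halted by the meter, no state kept
    print(run(HONEST, 10))   # an underfunded honest call is stopped too
```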

Because Ethereum generalises the blockchain to store and transact in files, and because anything can be represented as a file - it allows for contracts to be signed in a distributed manner. Think about that - contracts become universally distributed, verifiable by everybody on the network, making them essentially unbreakable.

The possibilities are endless. Smart contracts can revolutionise intellectual property rights - every time you wish to listen to a band, say CHON (they’re great) - you access their distributed streaming service, pulling pieces of their files and streaming protocols from across the network. It doesn’t matter if YouTube is down or hacked - you can pull files from whoever has them. As a user, you would have to create some form of contract to do this - paying in Ether or gas, proportional to your usage. There will be no other route to access these files, so no stealing or piracy (until someone figures out how). Nor is there a reliance on a middleman.

The idea of such a contract shifts the balance of power when users request services. Suddenly, it isn’t Google doing you a favour by taking all of your information in exchange for a service. Today, services are ultimata - accept the terms and conditions, or walk away. Ethereum opens a two-way street - Google now needs to accept a contract whose terms you can set. This contract, unbreakable as it is, immediately changes how we can think of and value our own data. Much faster than petitioning or protests ever will.

Of course, it won’t be easy to get service-providers like Google to adapt to the new distributed internet, often called Web 3.0. But for the first time, we see it being not just thought of, but made possible. We stand at the frontier of a freer, fairer, truly open internet.

And thus, we come full circle. Money, that allowed contracts to first exist and develop over long time-frames, is set to be rethought in a way that ensures that contracts are respected.

The implications of Ethereum’s concept of the smart contract are fascinating - it can effectively solve the Prisoner’s Dilemma. This game theoretical problem of cooperation involves two players, each of whom can either ‘cooperate’ or ‘defect’. Both players benefit largely from mutual cooperation, and get nothing by mutually defecting. However, if one player cooperates while the other defects, he loses what the other gains. Both players must choose their strategies simultaneously. It’s evident that this is the form that many real-world contracts take. That’s why it’s so hard to uphold them - it is almost always easier and more rewarding to do nothing, than to risk cooperating and being defected on.

With a smart distributed contract, there is no concept of betrayal or back-stabbing. Assuming the smart contract is created with a framework to evaluate compliance, this changes everything. The tragedy of the commons can be averted. International trade agreements cannot be compromised on. Countries that commit to protecting the environment needn’t worry about contributing disproportionately. Votes can’t be faked. Corruption becomes immediately evident.

The future is closer than you think it is. Be excited.

Written on March 10, 2018