I've been thinking a lot recently about the challenges of creating a secure and trustworthy Bitcoin bank. I think this is a hard problem and one which presents a challenge for the wider adoption of Bitcoin.
WHY BANKS ARE NEEDED
Storing bitcoins safely is challenging even for technically savvy individuals (who have to think about multiple backups, wallet size, password strength and the like) and even harder for everyone else. If Bitcoin is to be adopted widely, most people will want to (and should) store bitcoins somewhere other than their own hard drive and/or a flash drive buried in their garden. Furthermore, it would be challenging to scale Bitcoin to encompass all transactions between invididuals. So it seems likely that most people will store bitcoins in banks and that most transactions will be resolved between these banks without using the Bitcoin protocol itself. At the end of the day, banks could use the actual protocol to resolve any balance discrepancy. Of course, the cautious can still hold their bitcoins buried in their garden. And as I argue below, there are many reasons to be cautious.
WHAT I WANT FROM A BITCOIN BANK
If I want to store a large sum in a Bitcoin bank, then of course I want security, reliabiliy and possibly anonymity. There's an additional feature that's of paramount importance to me but I rarely see discussed here: a daily withdrawal limit. I want the bank to guarantee that it won't give me money all at once, even if I ask for it. The reason is simple: if someone can grab my password using a keylogger, root kit or other hack, I don't want them to be able to extract all my BTC in a heartbeat. I'd like to be able to set the withdrawal limit myself. Changes to the withdrawal limit must themselves take several days to complete and must themselves be accompanied by email notifications so I can find out if they're happening unexpectedly.
HOW TO IMPLEMENT A SECURE BANK
Today, the de facto Bitcoin banks are Mt Gox and MyBitcoin. Neither of these sites call themselves banks, but I'm sure that each of them is holding many tens of thousands of BTC on behalf of lots of individuals, who (for now) trust them to return their money. Let's suppose that we want to implement a Bitcoin bank which can securely hold BTC worth, say, $50M USD. How can that be done?
The naive approach is to simply hold the BTC on highly secured computers on the bank's internal network, protected by passwords known only to a small number of trusted individuals. Knowing what we know about computer security, I think this approach is far too insecure for an asset of this value. If someone inside or outside the bank can hack that machine (e.g. using social engineering and/or a keylogger to grab a password), the $50M suddenly disappears and nobody will know where it went. It's also possible that someone could walk into the bank with a gun and demand a transfer.
So could the bank simply convert most BTC to USD, which they could then store at some other bank? That won't work, since the BTC/USD exchange rate is highly volatile and so the bank could sustain an enormous loss if it's guaranteeing to return BTC to any depositor.
The bank could store most BTC in a vault in a physically secure location (think guards with guns, security cameras). Transferring BTC into the vault is easy: simply send to an address in any wallet in the vault. Once every day or so, the bank might need to withdraw a certain amount of BTC from the vault in order to cover any outstanding liabilities. If vault is filled with flash drives each containing a wallet, the daily trip to the vault might involve just extracting one or more of these drives. Still, the vault is a single point of attack.
Alternatively, the blank might store 100 different flash drives in 100 different locations which are somewhat secure (e.g. safe deposit boxes in another bank), send money to them as needed, and just fetch one or two of these each day to cover withdrawals. This seems like the most secure approach to me if the bank doesn't want to trust anyone else. Even then, there's still plenty to worry about: an untrustworthy programmer on the inside could conceivably hack the bank's software so that everything looks OK on official reports, but cash is actually being siphoned off to somewhere else.
Of course, if a network of banks trust each other, then only one of them needs a (centralized or distributed) vault of this nature; the others can simply trust that loans to or from that bank are good. But, still, the bank which runs that vault will need to fetch BTC from that vault on a regular basis.
CAN ANY BANK BE TRUSTWORTHY?
Suppose that a bank is backed by a major company and implements all the precautions above. Can we reasonably convert a significant fraction of our life savings to BTC, store them in the bank and sleep easily at night?
The question is somewhat absurd today because holding a large sum of BTC today is enormously risky in and of itself: Bitcoin is young, and BTC could simply drop to zero for any number of reasons. In other words, if a signficant fraction of your savings are in BTC then you shouldn't be sleeping well anyway. But let's assume that BTC stabilize and/or that a depositor is willing to accept the currency risk. The question remains: can the bank be trusted?
I maintain that even if the bank's management is trustworthy and responsible, a large loss of BTC stored at the bank is a plausible event - with probability greater than 1-2% per year, say. I believe this because I think computer security is fundamentally that hard, and when bits equal dollars they are likely to be under attack.
So, now: suppose that a bunch of us store our life savings in BTC in a bank and one day the bank's managers make a dreadful announcement: the worst has happened and the bits have somehow disappeared. They say can't figure out whether it was an inside job or a clever virus from outside that penetrated the bank (think Stuxnet), but the money is gone and the bank is bankrupt. What should happen next?
Should the bank managers go to jail, or (as perhaps some crypto-anarchists might advocate) be hunted down by vigilantes? There's certainly plenty of reason for us to suspect that they simply took the money. But I think it's also plausible that they acted in good faith and a hacker nevertheless slipped through the many controls they implemented. Some might argue that even if they acted in good faith, they still deserve to be punished (by losing their life savings, or by going to jail). But in that case I think nobody would ever want to be a manager of such a bank, because they'd be assuming enormous personal risk for a hard computer security problem. And exactly who should be punished here? All the bank's managers? What if there are 12 members on its board - do they all go to jail? It's entirely possible that a couple of them are crooked and the rest are innocent.
For all these reasons I find it difficult to advocate harsh punishment for the managers of a failed Bitcoin bank. Unfortunately, the lack of such punishment increases their incentive to act in a dishonest way, so I think this is a significant ethical dilemma. After all, if the bank fails, it's also hard to imagine simply shrugging our shoulders and tell the depositors: oh, well. You should have chosen a bank that had a better reputation, and at least that bank will never borrow from anyone again. Perhaps some free-market libertarians might view the loss this way, though.
The alternative is to say that governments should regulate such banks, audit their internal practices, and bail them out if the BTC are lost. That seems pretty unlikely in the case of Bitcoin. And if enough BTC are lost (say, actually destroyed rather than stolen), even a major government could not possibly bail them out: if the bank had more than 50% of outstanding BTC then it would be mathematically impossible to refund the depositors' original amounts.
IMPLICATIONS FOR USE OF BITCOIN
All of the above leads me to question whether we'll ever be able to put BTC in a bank without assuming a risk of total loss of, say, 1-3% percent per year. In this sense I've started to think of BTC (even if the currency stabilizes) like junk bonds: probably worth something, but with a significant risk of total loss, no matter who you trust to store it. Fundamentally I think this is because it's hard for anyone to store BTC securely, and hard to know whether they are lying if they say that they have failed to do so.
And given that, at the moment I think most people and businesses may not ever want to store a significant fraction of their savings in BTC. So it may be that we still use traditional currency for savings, but BTC are a useful medium of exchange - exactly like paper cash today. And that would be fine, but this conclusion is a still a bit disappointing to me, because it means we must constantly convert between dollars and bitcoins, and because many of us have hoped for an even larger future for Bitcoin.
Or am I wrong? Do people on this forum believe that banks will be able to store BTC without this risk of loss?