What The Traditional Financial System Can Teach Us about The MtGox Disaster

Imagine you were an equity trader and used a Stock Exchange to trade between equities and cash and back. What would happen if they unexpectedly filed for bankruptcy? How much money would you stand to lose? The answer is zero. You would lose nothing. Your equities would be safe at your custodian bank and your cash would be wherever you left it.

However, if you were a Bitcoin trader and your Bitcoin exchange went bankrupt, you could have lost everything – as users of Mt.Gox discovered to their cost last week.

How can this be? Isn’t Bitcoin supposed to be the ultimate decentralized financial system? Well, yes… the Bitcoin network is decentralized but many of the major players are not. And, worse, exchanges like Mt.Gox acted as more than just exchanges: they are also the Bitcoin custodian, clearing house and bank.

The diagram below shows the problem. From the time a buyer deposits cash or a seller deposits Bitcoins, they are utterly dependent on the solvency of that exchange until they withdraw their funds at some later date. You have counterparty exposure to the exchange for all this time.

Buyers and Sellers have Counterparty exposure to the exchange for an extended period of time

That’s not how it works in the equity world. I wrote about the mechanics in my article on how equities move around the securities settlement system.

The key point of that article is that your shares and cash never go anywhere near the exchange.

Instead, a custodian bank looks after your equities in a segregated account and they usually also hold your cash. And a Clearing House will step into the middle of the trade to protect you from non-performance by your counterparty. So you don’t even need to worry about the other party going bust. Things would have to be really bad before you stood to lose any money.

For example, when Lehman Brothers defaulted on US$9 trillion notional of Interest Rate Swap derivatives, LCH.Clearnet (a clearing house) resolved the situation with no loss to anybody else at all:

In September 2008, we successfully managed Lehman Brothers’ US$9 trillion interest rate swap default, comprising over 66,000 trades, by implementing SwapClear’s unique default management process. Less than a week after default, market risk had been reduced by 90% by comprehensive hedging and, within three weeks, the default was fully resolved well within the margin held and at no loss to other market participants.

The diagram below shows what the risk situation looks like when trading equities: at no time are you exposed to the exchange’s solvency and that your risk exposure is with respect to well-capitalised, hopefully well-run clearing houses and custodian banks rather than the exchange itself.

Users of equity exchanges have no exposure to the exchange

Note that you can choose your custodian and you could, by choosing your exchange, also choose your clearing house…. The equity world is more decentralized than the Bitcoin world!

Can We Do Better?

It’s tempting to conclude that Bitcoin exchanges should move to this model. But I think we can do better. Perhaps it is possible to leapfrog a stage of evolution. Here’s what I have in mind:

The Bitcoin “multi-signature” feature allows you to “encumber” funds so that they can only be spent with the agreement of more than one party. So here’s what you could do if you’re a seller of Bitcoins…

Just before you want to sell some coins through an exchange, send them to a new 2-of-3 address that can be spent by any two of the following three entities:

1) You

2) The exchange’s “Clearing House”

3) An “arbiter” that you and the clearing house both trust

Your coins are now encumbered. They’re locked up until the trade is done and the outcome agreed.

The “clearing house” would be a new concept in the Bitcoin world but it could be quite simple: it just needs to be an entity that takes temporary custody of the buyer’s fiat payment and, once received, facilitates the transfer of the Bitcoins, before releasing the fiat payment to the seller. Note that this still means somebody has to be trusted with the fiat funds but it’s not obvious how you would ever escape from that requirement. And one could imagine, in the future, that a real Bank might step up to perform this function.

Under this model, when you execute a trade, the exchange informs the clearing house and they then manage the processes necessary to settle the trade.

First, the clearing house can request fiat payment from the buyer (if they don’t already have the funds). When the clearing house confirms to you that they have received payment from the buyer, they sign and submit a 2-of-3 transaction to you for co-signature that will release the encumbered Bitcoins to the buyer.

The clearing house will have populated the buyer’s address and signed their part of the transaction. So if you agree, you co-sign and publish it into the Bitcoin network. The recipient gets their Bitcoins, the clearing house waits for confirmation and then releases the cash to you.

At no point does the clearing house or exchange have the ability to steal or lose your coins. And the 2-of-3 address prevents you from running away with the coins. You all need to co-operate.

In the event of a dispute, you can turn to the third-party “arbiter”, who controls the third key, which they can use to co-sign a transaction with whichever party they decide for. Notice how there could be competition amongst arbiters – you just need an entity that both you and the clearing house trust.

So provided the arbiter is not in collusion with the clearing house (not a given, of course), we have a way of resolving the transaction even in the event of dispute.

Now this is not perfect and it still has points of centralisation… but it’s a big step forward from where we are today. And notice how it’s simpler than the equity world: there is no need for a dedicated Bitcoin “custodian” service here – the multi-sig feature allows us to do without. We just need the clearing houses entities, which could be spun out from the existing exchanges as separate legal entities, and a network of arbiters – the one new function.

From a risk perspective, you end up with the diagram below:

Using Multi-Sig transactions as a step towards lower risk (and greater decentralization) for Bitcoin exchanges

I don’t claim this as an original idea but I think it does have the virtue of being implementable fairly easily (easy for me to say, of course…)