If Bitcoin Had a First Draft, Wei Dai’s B-Money Was …

All Cypherpunks value privacy; it’s basically the founding principle of the collective of cryptographers, academics, developers and activists grouped around the 1990s mailing list by the same name. But few put it in practice like Wei Dai does. Once described as an “intensely private computer engineer” by the New York Times, not many personal details are known about the man who, two decades ago, dreamed up an electronic cash system intriguingly similar to Bitcoin.

This lack of personal details is made up for by Wei Dai’s work and proliferation of ideas. A talented cryptographer, Dai created and still maintains Crypto++: a C++ library for cryptographic algorithms. Dai is also, to this day, active on rationality forums like LessWrong, where he philosophizes on such topics as artificial intelligence, ethics, epistemology and more. His insights earned him the praise of well-known AI researcher Eliezer Yudkowsky and repeated invitations to speak at his Machine Intelligence Research Institute (MIRI; previously known as the Singularity Institute).

Dai’s interest in philosophy and politics is nothing new. Back in the 1990s, as a young bachelor student in computer science at Washington University, his curiosity led him to the writings of Timothy May, one of the “founding fathers” of the Cypherpunk movement. Dai was inspired by the crypto-anarchy May advocated; the brand-new ideology prevalent amongst Cypherpunks based on the conviction that cryptography and software could provide and safeguard political and economic freedom better than any system of government would.

“I am fascinated by Tim May’s crypto-anarchy,” Dai wrote in 1998. “Unlike the communities traditionally associated with the word ‘anarchy’, in a crypto-anarchy the government is not temporarily destroyed but permanently forbidden and permanently unnecessary. It’s a community where the threat of violence is impotent because violence is impossible, and violence is impossible because its participants cannot be linked to their true names or physical locations.”

By the mid-1990s, Dai engaged in discussions on various topics on the Cypherpunks mailing list such as digital reputation systems, game theory, privacy and anonymity in digital cash systems. Perhaps more importantly, Dai made a number of proposals to further the Cypherpunk cause, including trusted timestamping, an encrypted TCP tunneler, a secure file sharing system and more. It garnered him a reputation as a prolific contributor to the Cypherpunk community — though, even back then, no one knew much about him personally. (Not even whether Dai was male of female, Timothy May recently said.)

But Dai would become best known for an idea he casually announced in November 1998, just after graduating from university. “Efficient cooperation requires a medium of exchange (money) and a way to enforce contracts,” Dai explained. “The protocol proposed in this article allows untraceable pseudonymous entities to cooperate with each other more efficiently, by providing them with a medium of exchange and a method of enforcing contracts. […] I hope this is a step toward making crypto-anarchy a practical as well as theoretical possibility.”

He called his proposal “b-money”.


Typical digital money systems use a central ledger to keep track of account balances. Whether it’s a central bank, a commercial bank, VISA or any other payment provider, a centrally-controlled database somewhere tracks who owns what.

The problem with this solution, from Dai’s and the crypto-anarchist perspective, is that it ultimately lets governments control the flow of money through regulation, while participants in the system are usually required to identify themselves. “My motivation for b-money was to enable online economies that are purely voluntary … ones that couldn’t be taxed or regulated through the threat of force,” he later explained.

So, Dai came up with an alternative solution. Or really, two alternative solutions.

In the first solution, instead of a central entity controlling the ledger, all participants maintain separate copies of the same ledger. Any time a new transaction is made, everyone updates their records. These ledgers, furthermore, would consist of public keys, with amounts attached to them — no real names. This decentralized approach would prevent any single entity from blocking transactions, while offering a level of privacy to all users.

As a quick example, let’s say Alice and Bob are b-money users. They both have a public key: Alice has public key “A” and Bob has public key “B”, for which they both control their unique private keys. And, as recorded in the ledgers maintained by all users, both their public keys hold b-money units; let’s say three units each.

If Bob wants to receive two b-money units from Alice (because he’s selling her a product), he sends her his public key: B. Assuming Alice wants to buy the product, she then creates a transaction in…

Article Source…