This is the papers page for Ian Grigg, and joint authors. Each of these papers has been written and circulated with some seriousness in various fora. Many have been published in some formal academic conference or journal. Sorted in most recent first.
Ken Griffith and Ian Grigg, Bitcoin Verification Latency - The Achilles Heel for Time Sensitive Transactions (PDF)
Bitcoin has a high latency for verifying transactions, by design. Averaging around 8 minutes, such high latency does not resonate with the needs of financial traders for speed, and it opens the door for time-based arbitrage weaknesses such as market timing attacks. Although perhaps tractable in some markets such as peer to peer payments, the Achilles heel of latency makes Bitcoin unsuitable for direct trading of financial assets, and ventures seeking to exploit the market for financial assets will need to overcome this burden.
As below, developments moved fast on this question, and there are now more ventures looking at the contracts and trading question. For clarification, I am the secondary author, Ken is lead. Comments can be placed on FC's announce post (in SSL only). It was written in December of 2013, and published here in Feb 2014.
Philipp Güring and Ian Grigg, Bitcoin & Gresham's Law - the economic inevitability of Collapse (PDF)
The Bitcoin economy exhibits remarkable and predictable stability on the supply side based on the power costs of mining. However, that stability is challenged if cost-curve assumption is not solely expressed by the fair cost of power. As there is at least one major player, the botnets, that can operate at a power-cost-curve of zero, the result is a breach of Gresham's Law: stolen electricity will drive out honest mining. This has unfortunate effects for the stability of the Bitcoin economy, and the result is inevitable collapse.
Events overtook this paper. We had hoped to present it at some interesting conference, but with the development of full-scale attacks on the Bitcoin economy, it is better out now, so as to explain the reasons. This does not preclude a later publication - this paper is still in draft in the freer sense of FC++ (comments welcome on the SSL version of the blog).
How does a lightweight community Certification Authority ("CA") engage in the heavyweight world of PKI and secure browsing? This talk tracks the systems audit of CAcert, an open-membership CA, as a case study in auditing versus the open Internet, community versus professionalism, quality versus enthusiasm. It will walk through the background of "what, why, wherefore an audit," look at how CAcert found itself at this point, and then walk through some big ticket items: risks/liabilities/obligations; assurance and what's in a name; disputes and reliance; and systems and security.
Can CAcert deliver on its goal of free certs? The audit is into its 3rd year as of this writing; and remains incomplete. Some parts are going well, and other parts are not; by the end of the year 2008, we should be able to check all of the important areas, or rethink the process completely. Hence, finally, the talk will close with progress and status, and recommendations for the future.
Presented as an invited talk at the 22nd Large Installation Systems Administration Conference (LISA 2008) 13th November 2008. Above is HTML with slides embedded within; also available are the slides in extracted form. See also the CAcert and the audit page.
What is security?
As a good in the sense of economics, security is now recognised as being one for which our knowledge is poor. As with safety goods, events of utility tend to be destructive, yet unlike safety goods, the performance of the good is very hard to test. The roles of participants are complicated by the inclusion of agressive attackers, and buyers and sellers that interchange.
This essay hypothesises that security is a good with insufficient information, and rejects the assumption that security fits in the market for goods with asymmetric information. Security can be viewed as a market where neither buyer nor seller has sufficient information to be able to make a rational buying decision. Drawing heavily from Michael Spence's Job Market Signaling, these characteristics lead to the arisal of a market in silver bullets as participants herd in search of best practices, a common set of goods that arises more to reduce the costs of externalities rather than achieve benefits in security itself.
This paper is part of a group of papers emerging from an investigation into Information Security and Signalling. This is a difficult paper, and is advancing slowly, but I think its proposals are very important. See also the (complete) Pareto-Secure paper below.
Ian Grigg The Ricardian Contract
Abstract. Describing digital value for payment systems is not a trivial task. Simplistic methods of using numbers or country codes to describe currencies, and ticker tape symbols to issue bonds, shares, and other financial instruments soon run into shortcomings in their ability to handle dynamic and divergent demands. The seemingly arbitrary variations in the meanings of different instruments are best captured as contracts between issuers and holders. Thus, the digital issuance of instruments can be viewed as the issuance of contracts.
This paper proposes that the contract is the issue. A document form is described that encompasses the inherent contractual nature of the financial instrument yet copes with the requirements of being an integral part of a payment system.
Kindly presented by Mark Miller at First IEEE International Workshop on Electronic Contracting, (WEC) 6th July 2004. Above is HTML, original submitted in multicolumn DOC form. also available is PS. See also the WebFunds' developer's notes.
What do people mean when they say something is secure?
Shamir's 1st law says absolute security does not exist, yet the popular press and the security buying process is inundated in secure product. For some of these products, there may be merit in the term, but for many it is more debatable. Such differences of meaning and applicability suggest low efficiency in the market for security, as well as a blackspot on the claim for security as a robust science.
One way to define 'secure' is to apply the economics theory and terminology of Pareto efficiency. This simple structure gives an easy way to categorise and choose among alternates, and identifies when an optimum has been reached. We suggest that this meaning may already be in wide spread usage, intuitively, among security practitioners and the popular press.
Pareto-Secure was one of the three papers presented in the founding issue of Advances in Financial Cryptography . As editor, publisher and chief gopher that was an easy decision for me! FC++ as it is known for short is a pre-publication drafts circle designed to polish our work before going out to a 'real publication'.
The digitally signed receipt, an innovation from financial cryptography, presents a challenge to classical double entry bookkeeping. Rather than compete, the two melded together form a stronger system. Expanding the usage of accounting into the wider domain of digital cash gives 3 local entries for each of 3 roles, the result of which I call triple entry accounting.
This system creates bullet proof accounting systems for aggressive uses and users. It not only lowers costs by delivering reliable and supported accounting, it makes much stronger governance possible in a way that positively impacts on the future needs of corporate and public accounting.
A new paper that attempts to meld our ground-breaking digital issuance innovations with classical accountancy. In Financial Cryptography it is an article of faith that double entry bookkeeping has taken a broadside from the digital certificate, and is expected to sink any year now. Instead, I look at how the two can work together and emerge stronger for their contributions.
James Nesfield and Ian Grigg Mutual Funds and Financial Flaws
Abstract. Mutual funds are vulnerable to abuses involving market timing and late trading. Primarily, this is due to a failure of governance, and the delayed nature of settlement of both payments and transfers. This vulnerability is only exploited over time, through a progression of small steps that, individually, raise no alarm, but in sum, cross the line of acceptable behaviour. Solutions to the abuses will be found not in more regulation, but in open governance and a move towards real time gross settlement.
This paper was submitted as testimony to the U.S. Senate's finance subcommittee during hearings on the mutual funds scandal , 27th January 2004. Above is HTML, original submitted in PDF form (local and also senate copy), also available is PS.
Ian Grigg Financial Cryptography in 7 Layers
I seek to reduce complexity by presenting Financial Cryptography in a 7 layer model. This model separates the field into distinct disciplines of Finance, Value, Governance, Accounting, Rights, Software Engineering, and Cryptography. I also present Systemics' Ricardo system in the light of this model, as an example.
The paper was presented at Financial Cryptography 2000 (FC00) and was originally published in the Proceedings of Financial Cryptography Fourth International Conference, FC 2000 Anguilla, British West Indies, February 21-24, 2000, Springer-Verlag LNCS 1962. Here is the postscript.
Ian Grigg Digital Trading
I survey the current state of the art in digital trading and brokerages. I also document some of Systemics' experiences in digital certificate trading, and draw the conclusion that future trading will be open and costless. This predicted future may not come pass, but it will serve as a benchmark for the financial world as it enters into an era of rapid and dramatic structural change.
Ian Grigg and C Petro Using Electronic Markets to Achieve Efficient Task Distribution
This is our controversial proposal to automate the division and distribution of labour. Where Marx has failed, Markets can succeed! By allocating ownership of software projects as fungible units, we seek to use digital value systems to assist in raising funds for open source software.
It was presented at Financial Cryptography 1997 (FC97) and was originally published in the Proceedings of Financial Cryptography First International Conference, FC'97 Anguilla, British West Indies, February 1997. Springer-Verlag LNCS 1318. Here is the postscript.
A viewpoint on what's happening in the European Internet Cash policy arena, and why it represents a bad move for Europe.
Argues that, in actuality, Internet cash issuance will not be a strong force, neither against the tools of monetary policy, nor for its own mercantile purposes. Three models are used: Fractional banking, Baumol-Tobin, and potential participancy.
This paper was written in April-June 1996 as primary assessment for Professor Michael Kuczynski's International Financial Systems elective in the London's MBA programme. As it was a hot topic at the time, and this was only the second paper on the subject, I published it on the web. Here is the postscript.
I have re-organised this page to include all completed papers. In the past, completed papers that were waiting for some forum to bless them were left in my draft list but now that includes only papers that aren't ready to be read.
Also see the Financial Cryptography Blog my Money Page for the various older reports and links on electronic money, and the new Advances in Financial Cryptography peer-review circle for current thought expressed in working and draft papers.
All of these papers were prepared and published under the influence of Systemics, a builder of Financial Cryptography tools and applications.