Lawfare Buys A Bitcoin---Buying the Coin
So . . . you can’t explore bitcoins unless you actually have one in hand. If you don’t then, well, it’s really all pretty theoretical. We wanted to have some skin in the game, so to speak, so we decided we needed a bitcoin of our own. For reasons that will become clear as we go along, that actually took longer and was a bit more complex than anticipated. But the good news is: The Lawfare Institute is now the proud owner of 1 XBT!
Now, if you want a bitcoin then there are only three ways to get one.
Published by The Lawfare Institute
in Cooperation With
So . . . you can’t explore bitcoins unless you actually have one in hand. If you don’t then, well, it’s really all pretty theoretical. We wanted to have some skin in the game, so to speak, so we decided we needed a bitcoin of our own. For reasons that will become clear as we go along, that actually took longer and was a bit more complex than anticipated. But the good news is: The Lawfare Institute is now the proud owner of 1 XBT!
Now, if you want a bitcoin then there are only three ways to get one. First, as we noted in the introduction, you can “mine” one (we’ll explain mining a bit in a later installment). Suffice it to say that, at the exchange rate in early December, mining is a very labor-intensive process (not manual labor of course, but nonetheless, computational effort). On the day I checked using relatively standard mining programs it would take 58+ days to do the work to earn a single XBT and more than 1400 days to complete a block in the block chain.
We don’t have that kind of patience---plus we don’t have the computing power we need to devote to the effort. The second way is easier---we could sell something that some bitcoin holder would want and for which he might give us a bitcoin in exchange. That’s plausible; Lawfare has some swag. But we’ve never offered it for sale like this and it seemed too cumbersome to start right now. [Though, note to Ben, we can now accept Lawfare charitable donations in bitcoins, I think, through our account and I expect we could even sell the swag. If anyone wants to make such a donation or purchase as an experiment, let us know and we'll report on it here.]
So we went for method three: buying a bitcoin from someone who already has one.
To do that we needed a bitcoin wallet (in effect a digital bitcoin storage locker) to hold our coin. Some readers may recall that these wallets are not necessarily secure; the early failure of a large one known as Mt. Gox was a singular moment in the industry. [More about this and other failures, as well, in the future.] After some investigation, including discussions with a few pro-bitcoin friends, we chose Coinbase as our wallet. [N.B. No endorsement is intended or made---enter at your own risk!]. Here’s a screen shot of the front page for Coinbase:
As you can see, the first issue you need to consider is your identity. Taking our cue from the pseudonymous nature of bitcoin, we decided to register under a pseudonym. I chose Nathan Detroit (and if you don’t like that name you can just sue me; sue me … what can you do me; I love Guys ‘n Dolls) with an email of nathan.detroit@lawfareblog.com. [Feel free to use it if you like; it forwards to my regular corporate email automatically.]
And then came the kicker. I had to consent to the terms of service for Coinbase and give them my legal name:
Of course, Coinbase made no effort at all to verify the legal name I provided (which was The Lawfare Institute, since the institution will own the coin in the end). But I could just as readily have used “Nathan Detroit” and, as far as I can tell nothing would have happened, though it would have violated the terms of service. But this was (along with the next step) part of the reason why bitcoin is pseudonymous rather than anonymous; at some point in the structure there is likely to be a link to your “true” name.
The second point of contact to our “true” selves was in the next step. In order to buy a bitcoin you have to … well …. give somebody money. Of course, you could buy a bitcoin with another bitcoin, but that would defeat the purpose. So we had to give them a hard, nation-sponsored currency, like dollars. And, oddly enough, Coinbase doesn’t take cash, at least not that I could tell. The only way to give it money to buy a bitcoin was through a bank account, so we had to give them the routing number and account number for The Lawfare Institute's bank account at PNC Bank.
This proved problematic. The idea was that Coinbase would then verify the reality of the bank account by making two small deposits (and one withdrawal) and requiring me to tell them the amounts of the deposits. This would have conclusively linked “Nathan Detroit” to the PNC Bank account for Lawfare Institute. But the PNC account’s link to Lawfare Institute is only as good as the bank’s verification efforts. In the US that’s pretty stringent; PNC has a lot of information about Lawfare. But elsewhere, the "know your customer" regulations are less comprehensive. If we had used, say, a bank account in the Isle of Man (or some other banking haven) we would have strengthened the pseudonymity of the enterprise.
More problematically, for some reason, the deposit/verification process didn’t work for the Lawfare Institute bank account at all. Even after waiting several days to see the deposits, nothing happened. Undaunted, we had to back up and start over, this time verifying my Red Branch Consulting bank account. That worked---and so Nathan Detroit was decisively linked to Red Branch Consulting PLLC. But that did successfully add another layer of obscurity to the process, one would have to connect my corporate Red Branch account to me, as owner of Red Branch. [The connection to Lawfare is also now further obscured, since it resides only in an unwritten agreement between me and Lawfare that I will, in the end, be reimbursed for the purchase and hold the bitcoin as an agent of The Lawfare Institute.] In the end it would be a bit intricate to figure out that Nathan Detroit was really Paul Rosenzweig or that either of us is connected to Lawfare---save, of course, for the fact that I’ve announced it in this blog post!
It’s appropriate to mention, at this point, that though Coinbase didn’t seem to care very much who I truly was (not ever verifying my true name independently) it did care, quite a bit, about ensuring that whoever was logging in as Nathan Detroit really was the same person as the one who originally created the account and identified himself as Nathan when the account was opened. Besides my email login and password they routinely required a two factor identification numerical code that was provided by them through an app (Authy) that I had to install on my tablet. The numerical code was only good for 30 seconds before it expired, which was a bit of a pain but did serve as a very effective security tool.
Anyway, in the end, it all worked out. My office account was debited $316.50 (the XBT value of $313.42; the other $3.08 was a fee. You can get pretty rich on a 1 percent transaction fee with low overhead!) and I was told that my bitcoin would be delivered in 4 working days. Since I made the purchase on December 31, 2014 that meant my bitcoin was not going to be arriving until today Wednesday January 7, 2015. Overall it seems a pretty cumbersome process, but as you can see, I am now the proud owner of a single bitcoin:
Of course, the screen shot also reflects the first risk of having bitcoin: it’s value fluctuation. On the day I bought the coin it cost $313. Today that same coin is worth $288, a decrease in value of nearly 8 percent in less than a week between when I bought the coin and when the transaction settled. But at least we have an XBT now … onward!
As you can see, the first issue you need to consider is your identity. Taking our cue from the pseudonymous nature of bitcoin, we decided to register under a pseudonym. I chose Nathan Detroit (and if you don’t like that name you can just sue me; sue me … what can you do me; I love Guys ‘n Dolls) with an email of nathan.detroit@lawfareblog.com. [Feel free to use it if you like; it forwards to my regular corporate email automatically.]
And then came the kicker. I had to consent to the terms of service for Coinbase and give them my legal name:
Of course, Coinbase made no effort at all to verify the legal name I provided (which was The Lawfare Institute, since the institution will own the coin in the end). But I could just as readily have used “Nathan Detroit” and, as far as I can tell nothing would have happened, though it would have violated the terms of service. But this was (along with the next step) part of the reason why bitcoin is pseudonymous rather than anonymous; at some point in the structure there is likely to be a link to your “true” name.
The second point of contact to our “true” selves was in the next step. In order to buy a bitcoin you have to … well …. give somebody money. Of course, you could buy a bitcoin with another bitcoin, but that would defeat the purpose. So we had to give them a hard, nation-sponsored currency, like dollars. And, oddly enough, Coinbase doesn’t take cash, at least not that I could tell. The only way to give it money to buy a bitcoin was through a bank account, so we had to give them the routing number and account number for The Lawfare Institute's bank account at PNC Bank.
This proved problematic. The idea was that Coinbase would then verify the reality of the bank account by making two small deposits (and one withdrawal) and requiring me to tell them the amounts of the deposits. This would have conclusively linked “Nathan Detroit” to the PNC Bank account for Lawfare Institute. But the PNC account’s link to Lawfare Institute is only as good as the bank’s verification efforts. In the US that’s pretty stringent; PNC has a lot of information about Lawfare. But elsewhere, the "know your customer" regulations are less comprehensive. If we had used, say, a bank account in the Isle of Man (or some other banking haven) we would have strengthened the pseudonymity of the enterprise.
More problematically, for some reason, the deposit/verification process didn’t work for the Lawfare Institute bank account at all. Even after waiting several days to see the deposits, nothing happened. Undaunted, we had to back up and start over, this time verifying my Red Branch Consulting bank account. That worked---and so Nathan Detroit was decisively linked to Red Branch Consulting PLLC. But that did successfully add another layer of obscurity to the process, one would have to connect my corporate Red Branch account to me, as owner of Red Branch. [The connection to Lawfare is also now further obscured, since it resides only in an unwritten agreement between me and Lawfare that I will, in the end, be reimbursed for the purchase and hold the bitcoin as an agent of The Lawfare Institute.] In the end it would be a bit intricate to figure out that Nathan Detroit was really Paul Rosenzweig or that either of us is connected to Lawfare---save, of course, for the fact that I’ve announced it in this blog post!
It’s appropriate to mention, at this point, that though Coinbase didn’t seem to care very much who I truly was (not ever verifying my true name independently) it did care, quite a bit, about ensuring that whoever was logging in as Nathan Detroit really was the same person as the one who originally created the account and identified himself as Nathan when the account was opened. Besides my email login and password they routinely required a two factor identification numerical code that was provided by them through an app (Authy) that I had to install on my tablet. The numerical code was only good for 30 seconds before it expired, which was a bit of a pain but did serve as a very effective security tool.
Anyway, in the end, it all worked out. My office account was debited $316.50 (the XBT value of $313.42; the other $3.08 was a fee. You can get pretty rich on a 1 percent transaction fee with low overhead!) and I was told that my bitcoin would be delivered in 4 working days. Since I made the purchase on December 31, 2014 that meant my bitcoin was not going to be arriving until today Wednesday January 7, 2015. Overall it seems a pretty cumbersome process, but as you can see, I am now the proud owner of a single bitcoin:
Of course, the screen shot also reflects the first risk of having bitcoin: it’s value fluctuation. On the day I bought the coin it cost $313. Today that same coin is worth $288, a decrease in value of nearly 8 percent in less than a week between when I bought the coin and when the transaction settled. But at least we have an XBT now … onward!
Paul Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company and a Senior Advisor to The Chertoff Group. Mr. Rosenzweig formerly served as Deputy Assistant Secretary for Policy in the Department of Homeland Security. He is a Professorial Lecturer in Law at George Washington University, a Senior Fellow in the Tech, Law & Security program at American University, and a Board Member of the Journal of National Security Law and Policy.
