One summer day in August 2008, Adam Back got an email from Satoshi Nakamoto.
It was the first time Nakamoto had reached out to anyone about a new project that the pseudonymous programmer or group of programmers called Bitcoin. The email described a blueprint for what a group of privacy advocates known as the cypherpunks considered the Holy Grail: decentralized digital cash.
By the mid-2000s, cryptographers had for decades tried to create a digital form of paper cash with all of its bearer asset and privacy guarantees. With advances in public-key cryptography in the 1970s and blind signatures in the 1980s, “e-cash” became less of a science fiction dream read about in books like “Snowcrash” or “Cryptonomicon” and more of a possible reality.
Censorship-resistance was a key goal of digital cash, which aimed to be money beyond the reach of governments and corporations. But early projects suffered from a seemingly inescapable flaw: centralization. No matter how much cutting-edge math went into these systems, they ultimately still relied on administrators who could block certain payments or inflate the monetary supply.
More “ecash” advances occurred in the late 1990s and early 2000s, each one making a critical step forward. But before 2008, a vexing computing riddle prevented the creation of a decentralized money system: the Byzantine Generals Problem.
Imagine that you are a military commander trying to invade Byzantium hundreds of years ago during the Ottoman Empire. Your army has a dozen generals, all posted in different locations. How do you coordinate a surprise attack on the city at a certain time? What if spies break through your ranks and tell some of your generals to attack sooner, or to hold off? The entire plan could go awry.
The metaphor translates to computer science: How can individuals who are not physically with each other reach consensus without a central coordinator?
For decades, this was a major obstacle for decentralized digital cash. If two parties could not precisely agree on the state of an economic ledger, users could not know which transactions were valid, and the system could not prevent double-spending. Hence all ecash prototypes needed an administrator.
The magic solution came in the form of a mysterious post on an obscure email list on Friday, October 31, 2008, when Nakamoto shared a white paper, or concept note, for Bitcoin. The subject line was “Bitcoin P2P e-cash paper” and the author wrote, “I’ve been working on a new electronic cash system that’s fully peer-to-peer, with no trusted third party.”
To solve the Byzantine Generals Problem and issue digital money without a central coordinator, Nakamoto proposed to keep the economic ledger in the hands of thousands of individuals around the world. Each participant would hold an independent, historical, and continually-updating copy of all transactions that Nakamoto originally called a timechain. If one participant tried to cheat and “double-spend,” everyone else would know and reject that transaction.
After raising eyebrows and objections with the white paper, Nakamoto incorporated some final feedback and, a few months later on January 9, 2009, launched the first version of the Bitcoin software.
Today, each Bitcoin is worth more than $55,000. The currency boasts a daily transaction total greater than most countries’ daily GDP and a total market capitalization of more than $1 trillion. Nakamoto’s creation is used by more than 100 million people across nearly every country on earth and has been adopted by Wall Street, Silicon Valley, D.C. politicians, and even nation-states.
But in the beginning, Nakamoto needed help, and the first person they reached out to for assistance was Adam Back.
I. The Birth Of The Cypherpunks
Back was one of the cypherpunks, students of computer science and distributed systems in the 1980s and 1990s who wanted to preserve human rights like the right to associate and the right to communicate privately in the digital realm. These activists knew that technologies like the internet would eventually give enormous power to governments and believed cryptography could be the individual’s best defense.
By the early 1990s, states realized that they were sitting on an ever-growing treasure trove of personal data from their citizens. Information was often collected for innocuous reasons. For example, your Internet Service Provider (ISP) might collect a mailing address and phone number for billing purposes — but then hand this identifying information along with your web activity to law enforcement without a warrant.
The collection and analysis of this kind of data spawned the era of digital surveillance and eavesdropping, which, two decades later, led to the intricate and highly-unconstitutional war on terror programs that would eventually be leaked to the public by the NSA whistleblower Edward Snowden.
In his 1983 book “The Rise Of The Computer State," New York Times journalist David Burnham warned that computerized automation could lead to an unprecedented level of surveillance. He argued that in response, citizens should demand legal protections. The cypherpunks, on the other hand, thought the answer was not to lobby the government to create better policy but instead to invent and use technology that the government could not stop.
The cypherpunks harnessed cryptography to trigger social change. The idea was deceptively simple: political dissidents from across the world could gather online and work together pseudonymously and freely to challenge state power. Their call to arms was: “Cypherpunks write code.”
Once the exclusive domain of militaries and spy agencies, cryptography was brought into the public world in the 1970s through academics like Ralph Merkle, Whitfield Diffie and Martin Hellman. At Stanford University in May 1975, this trio had a eureka moment. They figured out how two people could trade private messages online without needing to trust a third party.
One year later, Diffie and Hellman published “New Directions In Cryptography,” a seminal work that laid out this private messaging system that would become key to defeating surveillance. The paper described how citizens could encrypt and send digital messages without fear of snooping governments or corporations figuring out the contents:
“In a public-key cryptosystem enciphering and deciphering are governed by distinct keys, E and D, such that computing D from E is computationally infeasible (e.g. requiring 10100 instructions). The enciphering key E can be disclosed [in a directory] without compromising the deciphering key D. This enables any user of the system to send a message to any other user enciphered in such a way that only the intended recipient is able to decipher it.”
In simple terms, Alice can have a public key that she posts online. If Bob wants to send a private message to Alice, he can look up her public key, and use it to encrypt the message. Only she can decrypt the note and read the text inside. If a third party, Carol, does not have the private key (think: password) for the message, she cannot read the contents. This simple innovation changed the entire information power balance of individuals versus governments.
When Diffie and Hellman’s paper was published, the U.S. government, through the NSA, tried to prevent the spread of its ideas, even writing a letter to a cryptography conference at the time, warning the participants that their participation might be illegal. But after activists printed hard copies of the paper and distributed them around the country, the Feds backed off.
In 1977, Diffie, Hellman, and Merkle would file U.S. patent number 4200770 for “public-key cryptography,” an invention that created the foundation for email and messaging tools like Pretty Good Privacy (PGP) and today’s popular Signal mobile app.
It was the end of government control of cryptography and the beginning of the cypherpunk revolution.
II. The List
The word “cypherpunk” did not appear in the Oxford English Dictionary until 2006, but the community began gathering much earlier.
In 1992, one year after the public release of the world wide web, early Sun Microsystems employee John Gilmore, privacy activist Eric Hughes, and former Intel engineer Timothy May started to meet up in San Francisco to discuss how cryptography could be used to preserve freedom. That same year, they launched the Cypherpunks Mailing List (or “The List” for short), where the ideas behind Bitcoin were developed and eventually published by Nakamoto 16 years later.
On “The List,” cypherpunks like May wrote about how monarchies in the late Middle Ages were disrupted by the invention of the printing press, which democratized access to information. They debated how the creation of the open internet and cryptography could democratize privacy technology and disrupt the seemingly inevitable trend toward a global surveillance state.
Like many cypherpunks, Back’s college education was in computer science. But, serendipitously, he first studied economics between the ages of 16 and 18, and afterward, added a Ph.D. in distributed systems. If anyone was adequately trained to one day become a Bitcoin scientist, it was Back.
While he studied computer science in London in the early 1990s, he learned that one of his friends was working on speeding up computers to run faster encryption techniques. Through his friend, Back learned about the public-key encryption invented 15 years earlier by Diffie and Hellman.
Back thought this was a historic shift in the relationship between governments and individuals. Now citizens could communicate electronically in a way that no government could decrypt. He resolved to learn more, and his curiosity eventually led him to The List.
During the mid-1990s, Back was an avid participant on The List, which at its peak, was populated by dozens of new messages every day. By Back’s own account, he was the most active contributor at times, addicted to the cutting-edge conversations of the era.
Back was struck by how the cypherpunks wanted to change society by using code to peacefully create systems that could not be stopped. In 1993, Hughes wrote the movement’s seminal short essay, “A Cypherpunk’s Manifesto”:
“Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn't want the whole world to know, but a secret matter is something one doesn't want anybody to know. Privacy is the power to selectively reveal oneself to the world...
“...We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence. We must defend our own privacy if we expect to have any. We must come together and create systems, which allow anonymous transactions to take place. People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes, and couriers. The technologies of the past did not allow for strong privacy, but electronic technologies do.
“We the Cypherpunks are dedicated to building anonymous systems. We are defending our privacy with cryptography, with anonymous mail forwarding systems, with digital signatures, and with electronic money.
“Cypherpunks write code. We know that someone has to write software to defend privacy, and since we can’t get privacy unless we all do, we’re going to write it… Our code is free for all to use, worldwide. We don’t much care if you don’t approve of the software we write. We know that software can’t be destroyed and that a widely dispersed system can’t be shut down.”
This kind of thinking, Back thought, was what actually changes society. Sure, one could lobby or vote, but then society changes slowly, lagging behind government policy.
The other way, Back’s preferred strategy, was bold, permissionless change through inventing new technology. If he wanted change, he thought, he just had to make it happen.
III. The Crypto Wars
The original enemies of the cypherpunks were governments trying to stop citizens from using encryption. Back and friends thought that privacy was a human right. On the other hand, nation-states were petrified that citizens would create code allowing them to escape oversight and control.
Authorities doubled down on old military standards — which classified cryptography alongside fighter jets and aircraft carriers as munitions — and tried to ban export of encryption software to kill its use globally. The aim was to scare people away from using privacy tech. The conflict became known as the “Crypto Wars,” and Back was a frontline soldier.
Back knew that the big picture effects of such a ban would cause many U.S. jobs to move offshore, and force vast amounts of sensitive information to remain unencrypted. But the Clinton Administration was not looking ahead, just at what was directly in front of it. And its biggest target was a computer scientist named Phil Zimmerman, who had in 1991 released the first consumer-level secret messaging system, called Pretty Good Privacy, or “PGP” for short.
In the mid-1990s, WIRED covered the cypherpunks in a detailed profile:
PGP was an easy way for two individuals to communicate privately using PCs and the new world wide web. It promised to democratize encryption to millions of people and end the state’s decades-long control over private messaging.
As the face of the project, however, Zimmerman came under attack from corporations and governments. In 1977, three Massachusetts Institute of Technology (MIT) scientists named Rivest, Shamir, and Adelman, implemented Diffie and Hellman’s ideas into an algorithm called RSA. MIT later issued a license for the patent to a businessman named Jim Bidzos and his company, RSA Data Security.
The cypherpunks were uneasy with such a vital toolkit being controlled by one entity, having a single point of failure, but all through the 1980s, licensing and fear of being sued had largely prevented them from releasing new programs based on the code.
At first, Zimmerman asked Bidzos for a free license for the software, but was denied. In defiance, Zimmerman released PGP as “guerilla freeware,” disseminating it through floppy disks and internet message boards. A young cypherpunk by the name of Hal Finney — who would later play a major role in the Bitcoin story — joined Zimmerman, helping to push the project forward. A 1994 WIRED feature hailed Zimmerman’s brazen release of PGP as a “pre-emptive strike against such an Orwellian future.”
Bidzos called Zimmerman a thief and mounted a campaign to halt the spread of PGP. Zimmerman eventually got help from Christopher Allen and his team at Consensus Development to put out a new PGP version, which piggybacked on code that Bidzos had released for free, defusing the corporate threat.
But the federal government ultimately decided to investigate Zimmerman for exporting “munitions” under the Arms Control Export Act. In defense, Zimmerman argued that he was merely enacting his First Amendment rights of free speech by sharing open-source code.
At the time, the Clinton Administration argued that Americans had no right to encrypt. They pushed for legislation to force companies to install backdoors (“clipper chips”) into their equipment so that the State could have a skeleton key to any message these chips encrypted. Led by White House officials and congressmen like Joe Biden, they argued that cryptography would empower criminals, pedophiles and terrorists.
The cypherpunks rallied to support Zimmerman, who became a cause célèbre. They argued that anti-encryption laws were incompatible with U.S. traditions of free speech. The activists started to print the PGP source code in books and mail them overseas. Via the publishing of the code in printed form, Zimmerman and others theorized they could legally circumvent anti-munitions restrictions. Recipients would scan the code, reconstitute it, and run it, all to prove the point: you cannot stop us.
Back wrote short pieces of source code that any programmer could turn into a fully-functional privacy toolkit. Some activists tattooed snippets of this code on their bodies. Back famously started selling t-shirts with the code on the front and a piece of the U.S. Bill of Rights with “VOID” stamped over it on the back.
Activists finally sent a book containing the controversial code to the U.S. government’s Office of Munitions Control, asking if it could share it abroad. They never got a response. The cypherpunks guessed that the White House would never ban books, and in the end, they were right.
In 1996, the U.S. Department of Justice dropped its charges against Zimmerman. The pressure to force companies to use “clipper chips” subsided. Federal judges argued that encryption was a right protected by the First Amendment. Anti-cryptography standards were overturned, and encrypted messaging became a core part of the open web and e-commerce. PGP became “the most widely used email encryption software in the world.”
Today, companies and apps ranging from Amazon to WhatsApp and Facebook rely on encryption to secure payments and messages. Billions of people benefit. Code changed the world.
Back is self-deprecating and said that it is hard to say if his activism in particular made a difference. But certainly, the fight that the cypherpunks mounted was one of the main reasons that the U.S. government lost the Crypto Wars. The authorities tried to stop the code and failed.
This realization would loom large in Back’s mind 15 years later, in the summer of 2008, as he worked through that first email from Nakamoto.
IV. From DigiCash To Bit Gold
As the computing historian Steven Levy said in 1993, the ultimate crypto tool would be “anonymous digital money.” Indeed, after winning the fight for private communications, the next challenge for the cypherpunks was to create digital cash.
Some cypherpunks were crypto-anarchists — deeply skeptical of the modern democratic state. Others believed it was possible to reform democracies to preserve individual rights. No matter what side they took, many considered digital cash to be the Holy Grail of the cypherpunk movement.
In the 1980s and 1990s, major steps were taken in the right direction, both culturally and technically, toward digital cash. From a cultural perspective, science fiction authors like Neal Stephenson captured the imagination of computer scientists around the world with depictions of future societies — where cash was gone — and different kinds of digital e-bucks were the currency du jour. At a time when credit cards and digital payments were already on the rise, there was a nostalgia for the privacy involved in making a cash payment, where the merchant does not know, store, or sell any information about the customer.
On the technical front, a cryptography scholar at the University of California, Berkeley named David Chaum took the powerful idea of public-key encryption and started to apply it to money.
In the early 1980s, Chaum invented blind signatures, a key innovation in the evolution of being able to prove ownership of a piece of data without revealing its provenance. In 1985, he published “Security Without Identification: Transaction Systems To Make Big Brother Obsolete,” a prescient paper that explored how the growth of the surveillance state could be slowed through private digital payments.
A few years later in 1989, Chaum and friends moved to Amsterdam, applied theory to practice, and launched DigiCash. The company aimed to allow users to convert European currencies and dollars into digital cash tokens. Bank credits could be turned into “eCash” and sent to friends outside of the banking system. They could store the new currency on their PC, for instance, or cash them out. The software’s strong encryption made it impossible for authorities to trace the money flow.
In a 1994 profile of DigiCash at its heyday, Chaum said that goal was to “catapult our currency system into the 21st century… in the process, shattering the Orwellian predictions of a Big Brother dystopia, replacing them with a world in which the ease of electronic transactions is combined with the elegant anonymity of paying in cash.”
Back said that cypherpunks like him were initially excited about eCash. It prevented outside observers from knowing who had sent how much to whom. And the tokens resembled cash in as much as they were bearer instruments that users controlled.
Chaum’s personal philosophy also resonated with the cypherpunks. In 1992, he wrote that mankind was at a decision point, where “in one direction lies unprecedented scrutiny and control of people’s lives; in the other, secure parity between individuals and organizations. The shape of society in the next century,” he wrote, “may depend on which approach predominates.”
DigiCash, however, failed to get the right funding, and later that decade went bankrupt. For Back and others, this was a big lesson: digital cash needed to be decentralized, without a single point of failure.
Back had personally gone to great lengths to preserve privacy in society. He once ran a “mixmaster” service to help people keep their communications private. He would accept incoming email and forward it along in a way that was not traceable. To make it hard to figure out that he was running the service, Back rented a server from a friend in Switzerland. To pay him from London, he would mail physical cash. Eventually, the Swiss Federal Police showed up at his friend’s office. The next day, Back shut down his mixer. But the dream of digital cash kept burning in his mind.
Centralized digital money could fail operationally, come under regulatory capture, or go bankrupt, à la DigiCash. But its biggest vulnerability is monetary issuance dictated by a trusted third party.
On March 28, 1997, after years of reflection and experimentation, Back invented and announced Hashcash, an anti-spam concept later cited in Nakamoto’s white paper that would prove foundational for Bitcoin mining. Hashcash would eventually enable financial “proof of work”: a currency that needed the expenditure of energy to produce new monetary units, thus making money harder and fairer.
Governments historically have frequently abused their monopolies on the issuance of money. Tragic examples include ancient Rome, Weimar Germany, Soviet Hungary, the Balkans in the 1990s, Mugabe’s Zimbabwe, and the 1.3 billion people today living under double, triple, or quadruple digit inflation everywhere from Sudan to Venezuela.
Against this backdrop, cypherpunk Robert Hettinga wrote in 1998 that properly decentralized digital cash would mean that economics would no longer have to be “the handmaiden of politics.” No more making new huge amounts of new cash with the click of a button.
One vulnerability of Hashcash was that if someone tried to design a currency with its anti-spam mechanism, users with faster computers could still cause hyperinflation. A decade later, Nakamoto would solve this issue with a key innovation in Bitcoin called the “difficulty algorithm,” where the network would reset the difficulty of minting coins every two weeks based on the total amount of power spent by the users on the network.
In 1998, the computer engineer Wei Dai released his b-money concept. B-money was “an anonymous, distributed electronic cash system,” and it proposed a “scheme for a group of untraceable digital pseudonyms to pay each other with money and to enforce contracts amongst themselves without outside help.”
Dai was inspired by Back’s work with Hashcash, incorporating proof of work into b-money’s designs. While the system was limited and turned out to be impractical, Dai left behind a series of writings that echoed Hughes, Back, and others.
In February 1995, Dai sent an email to The List, making a case for technology, not regulation, as the savior of our future digital rights:
“There has never been a government that didn't sooner or later try to reduce the freedom of its subjects and gain more control over them, and there probably never will be one. Therefore, instead of trying to convince our current government not to try, we'll develop the technology… that will make it impossible for the government to succeed.
“Efforts to influence the government (e.g., lobbying and propaganda) are important only in so far as to delay its attempted crackdown long enough for the technology to mature and come into wide use.
“But even if you do not believe the above is true, think about it this way: If you have a certain amount of time to spend on advancing the cause of greater personal privacy (or freedom, or cryptoanarchy, or whatever), can you do it better by using the time to learn about cryptography and develop the tools to protect privacy, or by convincing your government not to invade your privacy?”