Satoshi Nakamoto Mentioned Trust Minimization 14 Times in the Bitcoin White Paper


You can listen to or watch this article here:


Given cypherpunk history and the clear ethos of decentralization in the Bitcoin ecosystem, it is obvious that trust minimization is the overarching purpose of the system.

In other words, all the other principles and features sought by highly secure blockchains, such as immutability, permissionlessness, censorship resistance, sound money, fungibility, crossborderness, social scalability, and others stem from one single underlying understanding: Trusted third parties are security holes.

Satoshi Nakamoto actually mentioned trust minimization, in one way or another, 14 times in his seminal Bitcoin white paper. This article examines these occurrences.

Satoshi Nakamoto’s diagram in the “Privacy” section of the white paper lays out the trusted third party problem-solution logic of Bitcoin. (additions in red are by this author.)

Satoshi on Trust, Trusted Third Parties, Trust Based Models, and Trusted Central Authorities

Following are the 14 times Satoshi Nakamoto mentioned the concept of trust minimization in the Bitcoin white paper. They are organized by mention number, section, occurrence number by section, and format when applicable.

1. Abstract I

A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending.

As described in the first line of the white paper, the implicit problem are financial institutions, and the solution is to allow online payments to be sent directly from party to party.

Immediately after, one of the cryptographic technologies used to accomplish Bitcoin, digital signatures, is mentioned, but clarifies that if trusted third parties were needed anyway, the main benefit would be lost.

This main benefit is to prescind or minimize trusted third parties, thus the concept of “trust minimization”.

2. Introduction I

Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments.

In the first mention of trust in the first line in the introduction, the historical context Satoshi uses is about the financial industry in particular, and how it has come to be centralized in the internet with trusted third parties as intermediaries in online payments.

3. Introduction II

While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model.

It is recognized that trusted third parties work reasonably well for most transactions, for example to pay for a coffee. Nevertheless, the inherent problems of the trust based model, namely that trusted third parties hold people’s information, money, and property titles, and that they can be breached, lose value and integrity, are still present.

4. Introduction III

With the possibility of reversal, the need for trust spreads.

The paper expands the concept of risk and transaction costs trusted third parties entail. Some of those costs are the requirement of more information from customers and the possibility of transaction reversals for merchants, which hardly exist with physical cash payments. It goes on to mention that with more roles given to trusted third parties, the more the need for them expands, thus vulnerability for all sides of the transaction.

5. Introduction IV

These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party.

As mentioned above, in the physical world transactions have less demands for information, reversals, and other risks and costs. If a purely peer-to-peer payment system over a communications channel without the need of a trusted third party existed, the problem would be largely solved.

6 & 7. Introduction V & VI

What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.

The solution proposed is to use cryptographic tools and proofs, e.g. digital signatures and public key cryptography to secure individual property titles and possession, and proof of work as a consensus mechanism, security barrier to prevent attacks, unforgeability, and proxy for value in the economy. This would allow for parties to transact directly rather than using trusted third parties.

8. Transaction I

A common solution is to introduce a trusted central authority, or mint, that checks every transaction for double spending.

The description and details of the transaction model are a critical part of Bitcoin. Historically, mints and other trusted central authorities had been used. This happened even in digital systems previously attempted, e.g. DigiCash by David Chaum, a pioneer cypherpunk and libertarian in the digital currency and privacy space.

The unsolved problem was double spending, which happens when the sender pays with the same money twice. A trusted third party was always used for this type of solutions, which obviously significantly undermined the systems.

9. Transaction II

After each transaction, the coin must be returned to the mint to issue a new coin, and only coins issued directly from the mint are trusted not to be double-spent.

The way mints as trusted third parties worked is that they positioned themselves as the default counterparty in every transaction to make sure to payees that the currency amounts were not forged.

This is a similar model used in the majority of centralized markets, such as stocks, futures, and bonds, where either the exchanges or authorized dealers automatically become counterparties in all transaction settlements. 

10. Transaction III

To accomplish this without a trusted party, transactions must be publicly announced, and we need a system for participants to agree on a single history of the order in which they were received.

The proposed solution continues with a public announcement system, the peer-to-peer gossip network in the case of Bitcoin, where all nodes pass all the transactions and blocks to all other nodes so all participants have a single identical database of the history of the activity in the network. In other words, that is what is now called the “blockchain”, which is a fully replicated record and order of all transactions in Bitcoin.

11. Privacy I

The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party.

Trusted third parties, as in banking, not only guaranteed a reasonable scarcity and unforgeability, but accumulated information, balances, and titles to property of all participants. This, evidently, was a huge security risk in the form of lack of privacy. 

12. Privacy II (diagram)

This is the diagram used by Satoshi to illustrate the problem-solution logic of privacy:

It includes a trusted third party as a key link in the traditional value chain.

The same diagram could actually be used to describe how all other problems of trust are solved.

13. Conclusion I

We have proposed a system for electronic transactions without relying on trust.

After describing how digital signatures, public key cryptography, proof of work, the transaction design, and the database with the timestamp server, or blockchain, work, the paper concludes that it has presented a peer-to-peer system for transactions over communications channels without relying on trusted third parties

14. References I

[2] H. Massias, X.S. Avila, and J.-J. Quisquater, “Design of a secure timestamping service with minimal trust requirements,” In 20th Symposium on Information Theory in the Benelux, May 1999.

As a final and fourteenth mention of trust minimization, Satoshi included, as the second reference, a paper by Henri Massias, Xavier Serret-Avila, and Jean-Jacques Quisquater about a timestamping service they created with minimal trust requirements, which is another critical component of the Bitcoin network.

The Direction has Been Established

The reason blockchains are not “trustless” is because there is still, however small, some dependence on node operators, developers, miners, and other participants. This is why the proper terminology to describe highly secure proof of work blockchains is “trust minimization”.

Nevertheless, even if some marginal trust still remains in these systems, they have made an incredible step forward in security for money, property, and agreements for individuals and businesses on a global scale.

The mission of blockchain ecosystems is to continue the work in terms of privacy, individual control, and decentralization.

The direction is one way, and has been established since the beginning. 


Code Is Law

Author: Donald McIntyre

Read about me here.