1. "Notice how Bitcoin has a minimal-to-nonexistent cryptographic pedigree".
2. "Here are many criticisms of the system ranging from 'it is difficult to scale' to 'it is completely meaningless as a currency', many of them from cryptographers who have studied cryptocurrencies for over a decade".
3. "Notice how Bitcoin is currently popular".
4. "Therefore, Bitcoin is worse-is-better".
It helps at this point to understand that "worse-is-better" --- a casual essay by Richard Gabriel --- describes how Unix took over the world not based on merit but on its viral characteristics. By implication, this article suggests that Bitcoin is also poised to take over the world virally.
The issue here is that Unix was also a functioning operating system. Nobody criticizes Unix as "completely unworkable"; they just think it's inelegant.
Gwen recognizes this, and uses "elegance" as a straw-man argument to bucket Bitcoin critiques into and to make it fit the pattern of "worse-is-better". But the most damning criticisms of Bitcoin --- criticisms he himself cites in this very article --- aren't that it's inelegant.
Instead, the most damning critiques of Bitcoin are that it almost totally fails to achieve its security objectives, that it exploits a misperception about anonymity to handwave away the fact that for most users it is not anonymous, that it is reliant on centralized infrastructure ("Bitcoin is peer to peer in the sense of the British Peerage System"), and (most importantly) that it is meaningless as a currency: "I have taken $100 and set it on fire; I will sell you a certificate representing the smoke for $101".
These aren't elegance critiques. This isn't "worse-is-better"; to make a similar argument fly, you have to come up with "worthless-is-better". Unfortunately, the greater fool theory floats that argument too, at least until Esquire writes the postmortem on Bitcoin and all the fools who lost money to it.
But obviously I differ about the elegance and following. Elegance is not optional; elegance is useful; elegance has important practical consequences.
Go back to rpg's original paper and one of his examples - the difference between ITS and Unix in system calls was not one of mere aesthetic elegance, but a case where Unix programs were incorrect and could, and did, fail! Like freeing memory in memory management, it's easy to omit the check whether the system call failed.
This applies to each of your points:
- the anonymous vs pseudonymous distinction - you can build anonymity on top of the pseudonymity (I spent a couple links and cites establishing this with the mix material!) but you can easily not succeed in getting the anonymity you wanted. Just like you can easily not check system call success on Unix.
- the centralized infrastructure: anyone who wants to be a full miner peer can... they just have to buy the GPU power. Like writing a secure & bug-free Unix C program, it'll cost you. (One in money, the other in time & skill.)
- meaningless as currency: I am actually not sure how elegance plays into that at all, so I have no cute analogy to rpg's Unix/ITS system calls. The wasted computing power is inherent to the system of avoiding double-spending (I also spent some time discussing this), but that's not related to Bitcoin being worthless or not as a currency. Any damn thing can be currency, after all; currencies are as currencies do.
The point is that a $101 certificate for the smoke from $100 in burnt five dollar bills isn't worth $101. Or $100. Or $5. Or $0.01.
You can declare by fiat that as a proof of effort, the smoke certificate is worth something. You can try to convince people that certificates representing smoke function as a medium of exchange. But as a medium of exchange, it must reside on a continuum with all the other media of exchange, ranked by the certitude that it will in the long run be convertible to other media. And in that ranking, "smoke from burnt dollar bills" fares poorly.
There are obviously many types of Bitcoin advocates. The ones we see most often on HN are of the nerd clade. Nerdly Bitcoin advocates are fixated on the fact that "any damn thing can be a currency". This fixation presupposes that being a currency is interesting. The problem is, it isn't interesting. Toenails can be a currency. Belly button lint can be a currency. Burnt dollar bill certificates can be a currency. What's interesting is, what are good currencies.
Here the nerdly Bitcoin advocate handwaves around the fact that we actually have notions of what it means to be a "good" or "bad" currency. Dollar bills are highly liquid and have a relatively predictable valuation over time. To a lesser extent, so does gold. Bitcoin does not. It's volatile, it has illusory liquidity (it is liquid only so long as the "exchanges" on which it trades decide to keep trading Bitcoins --- or decide not to succumb to their numerous security flaws), and it is in no place a native medium of exchange, such that some person somewhere will ever need it to e.g. pay their taxes.
To all that, add the critiques you sourced of Bitcoin; that while it has impressive virality, it largely fails at its security goal by making the cost to defend transaction integrity greater than the cost of attacking it; that it largely fails at its anonymity goal by requiring a complete audit log be made available to everyone simply in order to function; that it largely fails at its decentralization goal by requiring resources comparable to that of a Visa or a Mastercard just to scale.
What are you left with? Colorless, odorless tulips.
It would be great if tptacek actually explained what he means. It seems to be a muddled economic argument. I do not understand "meaningless as currencies goes".
it almost totally fails to achieve its security objectives, that it exploits a misperception about anonymity to handwave away the fact that for most users it is not anonymous
Are these the same -- both referring to the mere pseudonymity of addresses?
it is reliant on centralized infrastructure
How so? My understanding is that anyone can generate a new block, it's just (linearly) more likely to be you the more CPU you have.
and (most importantly) that it is meaningless as a currency
This seems like the weakest criticism. There are many conventions that work simply because they are conventions. In other words, they are self-supporting. Bitcoin has bootstrapped to the point where such a convention exists, and people are productively using it as a currency. This may not be the level of rigor you're used to in your work, but it seems plausible that a convention like Bitcoin could last for a significant period of time before collapsing.
Make no mistake, bitcoin is a very complicated system. Not for a piece of software, but for a cryptographic system. One that aims to replace the fundaments of our economic system. With such ambition, "it seems to work," is not good enough.
As someone who has spent some time hacking the bitcoin code, I have little confidence. Although I have not found any outright errors, the quality of the code shocked me. The code does nothing to provide structure and/or insight to the already complicated protocol. Basic protocol is mixed with parsing of messages and parallelism of the code. I for one, fully expect major and near fatal errors to be found in bitcoin.
There are a lot of differing opinions on this. I quoted Kaminsky at length as someone with major security credentials who is saying the opposite of you.
I hope to make the starburst of applicable points that follow from this by implication instead of explicit argument.