Facebook’s announced “currency”, Libra, has understandably created a splash. The social network’s track record does not inspire a lot of confidence. Its unwitting facilitation of Russia’s threats to democracy in the West is the biggest and the best known example of its weakness. Allowing Facebook to issue currency seems like a really bad idea. So let’s look at some of the things that could go wrong.
Clearly, Facebook’s ambitions cannot be stopped. After all, more than two billion users trust the social network with their digital lives, most probably not realising how far Facebook reaches into their offline lives. The social network’s influence seems hard to counteract — so if enough people adopt it, its “currency” has a high chance of success.
Possibly this is why Mark Carney, the Bank of England governor, did not reject Facebook’s incursion into the world of finance outright. The “entity” would be “so important” that the Bank of England, the Federal Reserve, the European Central Bank and other major central banks of the world would have “direct regulatory oversight” over it.
“This would be a global public good, so it would have to not be owned by Facebook or tech companies,” he said. “We don’t want criminals and terrorist to be using this.”
Carney also said that regulators want people’s data to be protected, but it really is not at all clear how they would ensure this. Already, people give away too much personal information on Facebook, not realising or perhaps not caring how the company uses that information.
And if there is only so much speculation that can be carried out on the back of cute videos of dogs or babies, the possibilities of exploiting financial transaction data if it falls into the wrong hands are unlimited. Presumably, Facebook knows this, and “welcomes” regulation. But judging by its track record on protecting users’ data, that doesn’t mean much.
So how could this “currency”, or more correctly put, payments transfer system, be exploited by people with bad intentions?
Facebook’s currency, Libra, comes with its own programming language. Source: Facebook
Libra, which is planned to launch next year, will take customer deposits, which it will then invest in government bonds. It will also hold “normal” currencies as reserves, and will offer transfer and payment services around the world to its users.
Facebook, aware of its chequered reputation, was careful to surround itself with allies so that it does not look like it is doing this by itself, but really it is in the driving seat.
The appeal of this new currency is obvious: it will “democratise” payments because it will be available to anyone, it will lower the cost of banking for the poorest segments of society, and it will give access to finance to millions of people for whom cash was the only option because of lack of banks nearby and lack of funds to pay banking fees.
However, the devil is in the details, and some of these details are in the white paper accompanying the announcement of the currency’s launch. Here are some of the worrying points:
Access to anyone
Initially, the blockchain technology underpinning Libra will be a “permissioned blockchain” — that is, access will be granted to run so-called “validator” nodes. These are volunteer-based nodes in the blockchain that facilitate its decentralisation and speed, but are of no real use for the person running the node, because they do not allow that person to create or change any aspect of the currency.
Facebook says: “to ensure that Libra is truly open and always operates in the best interest of its users, our ambition is for the Libra network to become permissionless.” Currently, there is no “proven solution” to “deliver the scale, stability, and security needed to support billions of people and transactions across the globe through a permissionless network,” the white paper says.
But, it adds, the aim of the company and its support network is to research and implement a transition to a permissionless network within five years of the public launch of the Libra system. A permissionless blockchain allows anyone to join.
Its own programming language
The Libra blockhain was built using its own programming language, called “Move.” It can issue cryptocurrencies, tokens and other digital assets, handle transactions on the blockchain and manage validators (nodes).
The launch of Move has been obscured by the launch of Libra, but it can end up being a much bigger deal. In fact, for some developers it already is a much bigger deal. They enthuse about Move’s ability to lessen security incidents and prevent the cloning of assets. The language also facilitates automatic verification that payment transactions only change the account balances of the payer and receiver.
However, the inventor of the language usually controls it. It is not clear how much of its future development will the Libra system be able to control, and to what purposes. The white paper is quite vague on this, saying things like: “We anticipate that the ability for developers to create contracts will be opened up over time in order to support the evolution and validation of Move.”
Backed by other assets
Unlike other cryptocurrencies, which are not backed by anything, Libra will be “fully backed by a reserve of real assts”, called the Libra Reserve. This will help build confidence in the currency and would encourage users to adopt it faster.
The Facebook currency will be backed by “a collection of low-volatility assets, such as bank deposits and short-term government securities in currencies from stable and reputable central banks,” according to the white paper. As the value of the underlying assets will change, the value of one Libra will fluctuate with it, even though the company promises to choose the reserves to minimise volatility.
In practice, this means that Libra users will have no way of knowing how much their so-called currency is actually worth. In that respect, Libra will act more like a mutual fund than an actual currency, except there will be no single fund manager.
Facebook says the assets in the Libra Reserve will be held by a “geographically distributed network of custodians” who will have “investment-grade credit rating”. This will be done to provide both security and decentralisation of these assets.
While all this sounds wonderful on paper, the above three points are enough to raise question marks, such as: what if fraudsters manage to infiltrate the permissionless blockchain? Who will compensate Libra users for losses because of it, if that happens?
What if Move, the programming language, is modified (by humans or AI) so that the whole system is hijacked by a few people? (Or, even worse, what if it has been designed that way?) What happens if one or more of the backing assets turns sour despite its investment grade? Remember that this happened before. How would Libra cope with a fire sale of its backup reserve assets in such an event?
The above are just a few of the questions that Facebook must answer before it is allowed to launch its so-called “currency”. But perhaps the two most important questions are, who will ask them, and how. Facebook has a habit of simply not answering inconvenient questions, given a choice.