What is a Cypherpunk?

13 MIN READ
What is a Cypherpunk

Every modern convenience is based on inventions made by dreamers and visionaries. The most important modern convenience is the internet, which was dreamt up by visionaries known as “cypherpunks.” This article will try to answer the question what is a cypherpunk? In short, a cypherpunk is a person who seeks to drive social and political change, using cryptography and technologies that safeguard privacy as the means to achieve these goals. Cypherpunks dreamed of a world where people would communicate effortlessly and anonymously, connecting to a global network to send a private message or a transaction and disconnecting from it without leaving a trace, if they so choose. Every interaction would be voluntary and there would be no political limits to any of them.

They also saw the nightmare scenario, a world in which governments and corporations installed automated digital systems on the network to inspect messages and gather transaction data without a court order or probable cause. That would make the network a runaway surveillance and censorship system where there is no privacy, no freedom of speech, and no operator input required. If the surveillance system does not approve of someone’s message, that person is automatically filtered and isolated and can only scream into the limitless digital void.

A Cypherpunk’s Manifesto

In 1993, Eric Hughes published “A Cypherpunk’s Manifesto,” giving a partial answer to “what is a cypherpunk?” In the Manifesto, he laid out both scenarios and the inventions needed to avoid the nightmare and manifest the dream: anonymous digital money and anonymous messaging systems. He proposed that cypherpunks are the ones who write the code for both and share it with everyone for free.

A cypherpunk is then no longer just an advocate for online privacy but someone who makes it their life’s purpose to promote the fundamental rights of online anonymity and online freedom of speech. To be able to speak in private and to send untraceable money to whomever one chooses online is to be truly free of government tyranny and whimsical corporate inspections.

Eric didn’t come up with the Cypherpunk’s manifesto on his own. In September 1992, he met up with two like-minded individuals in San Francisco and they discussed cryptography, the science of privacy. In short, cryptography describes how to create private digital messages by using math. The cypherpunk ideal of cryptography is convenient, reasonable anonymity. They never wanted perfect secrecy; that would be inconvenient and a drain on resources for the sender and the recipient. Instead, cypherpunks argued that cryptography should set a privacy standard that would be good enough to be used by the average consumer on widely accessible consumer hardware. They proposed that everyone should rely on mathematical laws rather than government laws to guarantee online freedom.

Founders of Cypherpunk

Besides Eric, the original cypherpunk group included Timothy C. May and John Gilmore, two tech researchers and advocates for digital human rights. They craved no recognition or glory, save those aimed at their ideas and proposals. Their writings and actions set the stage for other internet rebels and figureheads who will resist censorship and surveillance, such as Assange, Manning, and Snowden, all of whom have been reviled and punished by the US government for their actions and beliefs.

The word “cypherpunk” came from Jude Milhon, a magazine editor present at the early meetings. Though the members were no punks, they liked the portmanteau of “cypher” and “cyberpunk,” indicating anarchists who resist corporate and government control through cryptography. Timothy later commented in his Cyphernomicon that the name stuck around because it sounded good and “it gets us noticed by journalists and others,” but that the group is “actually not very ‘punkish’ at all.”

Timothy May

Timothy C. May, born 1951, worked for Intel prior to his early retirement, turning in his later years to writing science fiction and online posts to answer the question “what is a cypherpunk?” His science fiction novel was never completed, but his Crypto Anarchist Manifesto was in 1988. In it, May advocates for the free sharing of information, especially government secrets, intellectual property, and untaxable transactions. He predicted governments resisting this process and the technology, which came eerily true with Julian Assange’s arrest and detention, stated to be over a trivial intimate interaction in Sweden but which were in actuality due to Wikileaks, a website for whistleblowers sharing government secrets. Timothy eventually expanded his manifesto to a full-blown cypherpunk manual called “Cyphernomicon,” which he published in 2003 and whose title refers to Neal Stephenson’s 1999 novel “Cryptonomicon.”

John Gilmore

Another early retiree, John Gilmore, founded the EFF (Electronic Frontier Foundation), through which he educates the public about and fights for digital human rights, answering the question “what is a cypherpunk?” He sued the US government over infringements of constitutional rights and has appealed up to the Supreme Court, losing in all instances. At one time, he discovered the US government had enacted a set of laws regarding citizens’ freedom of movement. He sued to overturn them and found out that the laws are secret and the enforcers may use them to seize any property or person without having to explain or justify themselves. He also founded Cygnus Support, a company that provided tech support for free, open source software.

Where is Eric Hughes?

Despite our best efforts, we were unable to find the current whereabouts or interests of Eric Hughes. He seems to have become a digital ghost, a drop in the digital ocean. What we did find is his 2012 keynote address titled “Putting the Personal Back in Personal Computers'' that will be the subject of a separate article.

Cypherpunk Mailing List

Eric Hughes organized a mailing list in 1992 so the group could communicate online through email in a way that anyone could join in, no matter how radical and inflammatory their stances and arguments. The mailing list functioned much like subreddits or Facebook groups do today, except that there was no moderation, allowing for lively debates. Nobody was ever banned from the cypherpunk mailing list, no matter how much they ranted or what kind of language they used. A common prank at the time was to subscribe a random person to the mailing list, causing a deluge of emails to that person’s inbox and giving them an answer to the question what is a cypherpunk?

The mailing list owes its success to government scrutiny and corporate hesitation to host or share incendiary content, prompting cypherpunks to work on their own, independent solutions. By 1994, the cypherpunk mailing list was fairly active and sent up to 60 messages a day to its 700-strong members, burdening the server hardware run by volunteers. Server outages soon caused the participant list to dwindle.

John will later create Freedom Boxes, small home servers that can help people use the internet without relying on government or corporate benevolence. Others took the hint and created Raspberry Pi, a cheap, palm-sized home computer that can be used to tinker with robotics and automation or do nifty stuff with home internet traffic, such as blocking ads on all home devices and in all apps.

Outages and other scaling problems caused headaches for the mailing list operators; the idea worked only while the group was small. By the late 2000s, mailing lists were becoming obsolete, but their deployment revealed some interesting findings and set the stage for anonymously receiving not just emails but digital money and internet traffic as well.

Cypherpunk Distributed Remailer

In traditional email systems, the email server holds all the power. The server knows the identities of all senders and recipients and may read their emails, deciding to reject some based on content, senders, or recipients. The email server also bears all the burden and represents the central point of failure — if it is compromised, all identities and all content on it might be compromised as well. If it has an outage, the line of communication between all users is broken. To remedy those flaws, cypherpunks devised what they called a “remailer,” which functions like a cryptocurrency mixer that hides the identities of cryptocurrency owners.

Remailers work by receiving an encrypted email, decrypting one part of it using the instructions that came with the email, and sending the remainder of the email to the next destination indicated in the decrypted part. In that way, a remailer takes on the role of the email server without knowing the sender, the entire contents of the email, or the ultimate recipient. However, the remailer still has a flaw — someone who can analyze the email traffic can guesstimate the senders, the recipients, and even the content. That led to the creation of Type II (Mixmaster) and Type III (Mixminion) remailers, which tumble the incoming emails and send them out in batches to prevent traffic analysis.

The first cypherpunk remailer was made by Eric over the weekend. According to Timothy, Eric spent one whole day learning just enough Perl to write the remailer. The idea was taken on by other contributors, such as Karl Kleinpaste, who made their own remailers. The remailer concept would later inspire the creation of Onion routing and the Tor network, which mix and tumble internet traffic, but it didn’t originate with cypherpunks.

David Chaum

David Chaum is an American founder, inventor, and visionary. Born in 1955, he attended UC Berkeley, where he received a PhD in Computer Science. It was Chaum who first proposed the use of “mixes” to anonymize digital traffic or digital data in 1981, which is how cypherpunks got the idea for remailers. His papers revealed the answer to “what is a cypherpunk?” and served as a starting point for an astounding number of inventions in the digital sphere, such as cryptocurrency wallet addresses, blockchain, digital cash, and digital signatures.

One seminal text that defined the core philosophy of cypherpunks was his paper “Security Without Identification: Transaction Systems to Make Big Brother Obsolete.” Published in the October 1985 issue of “Communications of the ACM” magazine, Chaum’s paper details the emergence of a society in which the surveillance system has a digital dossier on every person without the person ever having access to it. Every habit, association, and lifestyle choice is recorded in the dossier that is accessible to system operators, who may decide to blackmail, manipulate, or intimidate the person using that intimate knowledge. Even if there is no ill intention from system operators, the data may be wrong and the person would have no way to correct it.

Pseudonyms

Chaum’s proposed solution was to create a slew of digital identities for each person called “pseudonyms.” Instead of using their one real identity with all organizations, exposing personal data to collection and abuse, each person would have different identities for different purposes. For example, Alice might go as “Alina” when using one bank but then be “Lucille” with another bank and “Clara” when dealing with the government. In that way, the two banks cannot exchange information on Alice to track and analyze her shopping or spending habits. If the government tried to compel both banks to hand over “Clara’s” data for comprehensive surveillance or profiling, the banks would not be able to comply, “We don’t have any records on such a person.”

Some pseudonyms could be disposable, allowing people to have incidental contact with various organizations without worrying that their information will forever stay in the system or leak outside it. Those pseudonyms would serve as a replacement for various security tokens, such as passwords, bank cards, or identity documents. Rather than the issuing organization creating those tokens with embedded security measures, each person could devise his or her own security measures that would make mass hacking all but impossible.

Equal Protection for All

What is revolutionary in Chaum’s paper is that he proposes equal protection of sensitive information for all parties. Currently, a bank customer cannot access sensitive bank information, such as how the bank’s internal systems work or the personal information of bank employees. The bank justifies that level of secrecy with the need to maintain its operations and provide reliable transactions. However, the same bank does not consider the possibility that the customer might not be able to function if his or her personal data is compromised.

In Chaum’s vision, everyone has equal protection of all their data before, during, and after transactions, and the protections are based on math rather than trust or a flimsy measure such as a handwritten signature, which is easily forged. When transactions are done, both parties use their own personal card computer, which has a keyboard, a display, and a short-range transmitter.

When Alice wants to buy something from Bob, Bob’s device sends the transaction request to Alice’s personal card computer. The transaction amount appears on Alice’s computer’s display, and she authorizes it by providing her digital signature. The key advantage is that the personal card computer is built by its owner from scratch, allowing each person to customize his or her device’s security features. There is no need to carry documents or provide personally identifiable information; as long as the transaction is properly authorized, the transaction is valid.

Digital Signatures

To stop parties from double spending (issuing transactions and claiming they were never sent), Chaum elaborates on the concept of digital signatures. He compares digital signatures to two halves of a codebook: one half of the codebook is the private key kept by Alice, while the other half is the public key given to Bob. When Alice approves the transaction to Bob, she “signs” the transaction information by encoding it with her half of the codebook, creating a message that is readable only by decoding it with Bob’s half.

Now for the beautiful part: because Alice can use a different digital signature with each seller and use a different pseudonym for each transaction, she can immediately tell who leaked her information. If she sees her private information appearing in public but tagged with “Clara,” she knows it’s someone from the government. By going through her transaction logs, Alice can pinpoint which transaction was compromised and reveal it to the public. Others who experienced the same problem with the same organization can step forward, helping triangulate the precise cause.

Every transaction is secure for all involved parties while doubling as a mandatory system integrity test for banks and governments. If a bank or a government office is vulnerable to data leaks or mass hacking, that is exposed in real time, not decades later. After an incident, there is no years-long government investigation that will end up as a report buried in some filing cabinet; everyone whose privacy was compromised becomes an instant expert witness, providing mathematical, unfalsifiable proofs for the wrongdoing and exposing vulnerable systems.

Implementation in Bitcoin Blockchain

The problem with the above transaction method is that Alice and Bob might not want to reveal their pseudonyms or transaction logs. That problem was solved by the blockchain, which is the public record of all transactions involving a cryptocurrency. The most notable blockchain is the Bitcoin one.

Bitcoin’s blockchain is simply a public, immutable, indelible record of all Bitcoin transactions and all pseudonyms used to make those transactions. Everyone can scrutinize the Bitcoin blockchain and discover how much Bitcoin was sent to which wallet. Everyone can run their own Bitcoin blockchain, in which case Bitcoin has an elegant solution — only the longest blockchain is valid. As long as someone has a copy of the Bitcoin blockchain, Bitcoin will live.

What

Cypherpunk's Contributions to Cryptography

The cypherpunk movement is credited with numerous inventions and ideas, but cypherpunks had a hand in only a fraction of them. Their most important contribution to cryptography was the popularization of terms and ideas that will later become practical concepts and tools.

Alice and Bob

A common question by newbies joining the cypherpunk mailing list besides “what is a cypherpunk?” was, “Who are Alice and Bob?” To make cryptographic and networking examples more relatable, cypherpunks started using Alice (as in, “party A”) and Bob (as in, “party B”), popularizing the two names. Other stand-in names are:

● Eve (as in, “E for eavesdropper”)

● Vic (as in, “V for verifier”)

● Paul (as in, “P for prover”)

Cypherpunks might not have been the first to use those names in those roles, but they certainly helped popularize them.

PGP

PGP (Pretty Good Privacy) is the first publicly available encryption tool, serving to popularize cryptography and becoming the foundation for modern consumer-grade cryptographic security. The first cypherpunk meeting coincided with the PGP 2.0 release, which Timothy described as “practical, usable, understandable” and the “first truly useful version of PGP.” Diskettes of PGP 2.0 were apparently shared in the first cypherpunk meeting. This was at the time when the US government considered encryption tools munitions and investigated PGP’s creator, Phil Zimmermann, for munitions export without a license. To spite the US government, Phil published the entire PGP source code as a book, allowing anyone to scan the pages and compile PGP for free on their computer.

Digital Cash

On May 27, 1994, a press release announced the world’s first electronic cash payment over computer networks. The release touted the revolutionary ability for anyone to send money to friends or buy pizzas, software, and services over the internet by using Windows, Mac, and UNIX systems. The releasing company was DigiCash, owned by none other than David Chaum.

For over 40 years, Chaum has been providing a steady trickle of proposals that have materialized as various features of Digital Cash or eCash, which we now call “cryptocurrencies.” He wrote a series of papers about his proposals, such as the 2022 paper “eCash 2.0.” In the paper, he proposes using digital cash for offline purchases by combining smartphones with a “non-chip physical card.”

Chaum’s idea on pseudonyms from the Big Brother paper became cryptocurrency addresses. One person may have an infinite number of wallet addresses, with the rule of thumb to use each only once to prevent spending analysis. Satoshi Nakamoto will draw heavily on Chaum’s ideas to create Bitcoin.

Tor (The Onion Routing)

In 2002, five US scientists who were behind The Tor Project released the first stable version of the Tor internet browser. Tor applies the remailer concept to internet traffic, allowing users to tumble their internet packets through hundreds or thousands of nodes in an attempt to stay anonymous. The name comes from layered encryption and security in the network — just like peeling an onion never reveals the center but only the next layer, so too the attacker can never reveal the real identity of users, their locations, or the contents of any packets.

Edward Snowden’s leaked slides show that the NSA tried to analyze Tor traffic by setting up Tor nodes. According to those slides, the NSA can detect who is using Tor and push them to NSA-operated Tor nodes but never succeeded in penetrating the security below that. In theory, the NSA could have zero-day Tor exploits running on those nodes, but those are probably reserved for high-profile targets.

Digital Human Rights

Despite all the cryptographic advancements in the 21st century, digital human rights are in a sorry state and are rapidly deteriorating. Governments are jailing people over social media messages and are constantly expanding the meaning of terms to criminalize every possible action. In the US, the definition of “wire fraud” is so wide that it applies to Elizabeth Holmes as well as any girl who uses Instagram filters on her selfies to get a date. Whether a US citizen gets prosecuted for wire fraud depends solely on the US government’s desire to make an example of someone that day.

Corporations are doing the best they can to lend tyrannical governments a helping hand and treat everyone like a criminal. Facebook may ask its user to show an ID to use the website, citing “foreign political influence” as a reason. Facebook uses “manual review” to process the ID, meaning a poorly paid verifier looks at the ID and can record and abuse personal information on it. Google tracks everyone through ads to the point of rolling out changes that disable adblockers in Google Chrome. The internet traffic itself is being controlled by gatekeepers, such as Cloudflare, that may block you in an infinite CAPTCHA loop if they don’t like your IP address or your browser.

PlasBit and the Cypherpunk Movement

In the current state of affairs, we all have to struggle with our complacency. Tyrannical corporations serve as agents of tyrannical governments, creating large, automated systems that draw us in and make us play by their rules. In those systems, abuse runs rampant, which is why we must fight for our digital human rights and self-sovereignty until our last breath.

We at PlasBit believe that governments and corporations cannot be trusted. Centralized systems, financial in particular, have poor transparency and kafkaesque appeals processes. There is very little you can do to appeal to Cloudflare’s, Google’s, or Facebook’s decisions to block you from their services, effectively isolating you from the internet.

We need to use cypherpunks’ ideas and innovations, leveraging the power of code and cryptographic software as the path forward for humanity. We need to build autonomous, unbreakable, zero-trust digital systems where we participate voluntarily and where our privacy is protected. When it comes to finances, we should be able to transact freely and in the spirit of true financial freedom. Above all, we need to promote digital human rights, such as the right to privacy and the right to freedom of association.

As for our services, we respect your privacy and urge you to protect your identity and personal information from abuse. We believe you have the right to decide whether or not to provide private details about yourself. We will never ask you for information that is not essential to providing you with the specific service you want from us.

We will never share any details regarding our customers to any external parties, especially not for money-making purposes. We are self-funded; we answer to no one and we will not share any information regarding our customers with no one.

Envision the Cypherpunk Dream

Dreamers and visionaries are an essential part of every functioning society. They see a glimpse of things nobody else does but can’t explain them. It is up to the next generation to decipher their ramblings and create their future based on that. That’s who cypherpunks were — a generation of dreamers who caught a glimpse of what was to come with the internet.

Cypherpunks saw the internet as an extraordinary chance to free humanity from trust-based systems and usher in a new age of math-based identities. If not, tyrants will seize the chance first, creating the nightmare scenario where we’re all domesticated and brainwashed through the internet because of our blind trust.

Our dream is to offer services that implement cypherpunk ideals, becoming strong enough to survive all tyrannical attempts at manipulation and demolition. Our vision is to create an ecosystem that can't be destroyed or interfered with. We invite you to envision that future with us and build on your dream until it becomes a reality.