MUNHUMUTAPA SCHOOL OF COMMERCE

DEPARTMENT OF ACCOUNTING AND INFORMATION

SYSTEMS

RESEARCH TOPIC
SECURITY AND PRIVACY IN CRYPTOCURRENCIES A CASE
STUDY OF BITCOINS AND ITS USERS.

BY
SIMBARASHE RAYMOND MUDUKUTI
(M133283)
SUPERVISOR: MR. C. KWENDA

SUBMITTED TO GREAT ZIMBABWE UNIVERSITY IN PARTIAL FULFILMENT

OF THE REQUIREMENTS FOR BACHELOR OF COMMERCE HONOURS’
DEGREE IN INFRORMATION SYSTEMS.
 RELEASE FORM

Student Name SIMBARASHE RAYMOND MUDUKUTI

Registration Number M133283

Programme Bachelor of Commerce Honours Degree in Information Systems

Project Title Security and Privacy in Cryptocurrencies a Case Study of

Bitcoin and its Users

Year 2017

Permission is hereby granted to Great Zimbabwe University library to produce single copies of
this project and lend or sell such copies to students for private, scholarly or scientific research
purposes only.

Signed …………………………………………

Date ……………………………………………

i
APPROVAL FORM
This is to certify that this research project entitled, “Security and Privacy in Cryptocurrencies
a Case Study of Bitcoins and its Users. Case of fourth year students under the faculty of
commerce at Great Zimbabwe University”, has been carefully supervised, read through,
assessed and approved as having met the necessary requirements for the award of the Bachelor of
Commerce Honors Degree in Information Systems at Great Zimbabwe University.

…………………………………………. ……......................................................

PROJECT SUPERVISOR DATE

………………………………………….. ………………………………………...

PROJECT CO-ORDINATOR DATE

………………………………………… ………………………………………..

EXTERNAL EXAMINER DATE

ii
 DECLARATION

I, hereby declare that this report has been solely done by me under the supervision of Mr. C
Kwenda. It has been submitted in partial fulfilment of the Bachelor of Commerce Honors Degree
in Information System to Great Zimbabwe University. The project has not been submitted before
any degree or examination to any other university. All texts consulted and other source materials
used in this work have been duly acknowledged on the references.

Signature ………………………………… Date ……………………………………….

In my capacity as supervisor of the candidate’s research project, I certify that the above statements
are true to the best of my knowledge.

Signature ………………………………… Date…………………………………………

Mr. C. Kwenda

iii
 DEDICATION

I dedicate this research project to my family and friends for their support and encouragement
during my research and for the inspiration that they gave me during the course of this research
project. This research project is also dedicated to the local authorities in Zimbabwe to show them
that their researches can make a difference on a global scale.

iv
 ABSTRACT

Bitcoins are becoming the next big thing and with so much attention it has been getting of
late, it deserves to honors to be research and besides that, the currency is proving to be highly
profitable.

1
Contents
APPROVAL FORM ........................................................................................................................ ii
DECLARATION ............................................................................................................................ iii
DEDICATION................................................................................................................................ iv
ABSTRACT ..................................................................................................................................... 1
CHAPTER 1 ........................................................................................................................................ 6
1.0 INTRODUCTION ....................................................................................................................... 6
1.0.1 What Is Bitcoin? ................................................................................................................ 6
1.0.2 What is e-commerce? ....................................................................................................... 7
1.1 BACKGROUND OF THE STUDY .................................................................................................. 8
1.2 PROBLEM STATEMENT ........................................................................................................... 10
1.3 RESEARCH QUESTIONS ........................................................................................................... 12
1.4 RESEARCH OBJECTIVES........................................................................................................... 13
1.5 STATEMENT OF HYPOTHESIS. ................................................................................................. 13
1.6 JUSTIFICATION OF THE RESEARCH .......................................................................................... 13
1.7ASSUMPTIONS. ....................................................................................................................... 14
1.7 DELIMITATIONS OF THE STUDY. ............................................................................................. 15
1.8 LIMITATIONS OF THE STUDY. ................................................................................................. 15
1.8.1Confidentiality ................................................................................................................. 15
Time ........................................................................................................................................ 15
Resources ................................................................................................................................ 16
ORGANISATION OF THE STUDY. ............................................................................................... 16
TIMEFRAME. ............................................................................................................................ 16
1.9.7 SUMMARY ...................................................................................................................... 18
CHAPTER 2 ...................................................................................................................................... 19
2.0 LITERATURE REVIEW .............................................................................................................. 19
2.0.1 INTRODUCTION ............................................................................................................... 19
2.0.2 CONCEPTUAL LITERATURE............................................................................................... 19
2.0.3 BITCOINS VS THREATS ..................................................................................................... 20
2.0.4 ADVANTAGES AND DISADVANTAGES OF BITCOINS .......................................................... 21
2.1 ALGORITHMS USED IN BITCOINS ............................................................................................ 25
2.1.1 BITCOIN TRANSACTIONS ................................................................................................. 25
2.1.2 What is Bitcoin Mining? .................................................................................................. 28
2.1.4 SHA-256(Secure Hash Algorithm 256) .............................................................................. 30
2.2 BITCOIN ADDRESSES .............................................................................................................. 31

2
 2.2.1 DETAILED EXPLANATION ................................................................................................. 31
2.2.2 COLLISIONS (LACK THEREOF) ........................................................................................... 32
2.3 HOW TO CREATE BITCOIN ADDRESS (Detailed)....................................................................... 33
2.3.1 STRENGTHS ..................................................................................................................... 35
2.3.2 WEAKNESSES .................................................................................................................. 37
2.4 IMPERICAL LITERATURE ......................................................................................................... 38
2.5 Double spending .................................................................................................................... 39
2.6 SUMMARY ............................................................................................................................. 41
CHAPTER 3 ...................................................................................................................................... 42
RESEARCH METHODOLOGY ......................................................................................................... 42
3.0 Introduction ........................................................................................................................... 42
3.1 Research Design..................................................................................................................... 42
3.1.1 Response errors. ............................................................................................................. 42
3.1.2 Qualitative approach ....................................................................................................... 43
3.1.3 Quantitative approach .................................................................................................... 43
3.1.4 Regression analysis ......................................................................................................... 44
3.1.5 Mixed research methodology .......................................................................................... 44
3.1.6 User Study Methodology ................................................................................................. 45
3.1.7 Reliability and Validity ..................................................................................................... 45
3.2 Data collection procedures .................................................................................................... 46
3.2.1 Online Survey .................................................................................................................. 46
3.2.2 Primary data ................................................................................................................... 46
3.2.3 Secondary data ............................................................................................................... 46
3.3 Data presentation and analysis .............................................................................................. 48
3.4 Population and sampling methods ......................................................................................... 49
3.4.1 Target population............................................................................................................ 49
3.4.2 Sampling ......................................................................................................................... 49
3.4.3 Sampling techniques ....................................................................................................... 50
3.4.4 Sample group and size .................................................................................................... 51
3.5 Research instruments ............................................................................................................ 51
3.5.1 Questionnaires................................................................................................................ 51
3.5.2 Interviews ....................................................................................................................... 54
3.6 Methods of Data Presentation ............................................................................................... 55
3.6.1 Tabular Presentation ....................................................................................................... 55
3.6.2 Graphical Presentation .................................................................................................... 56

3
 3.6.3 Pie Charts........................................................................................................................ 56
3.6.3 Advantages ..................................................................................................................... 56
3.7 Data Analysis ......................................................................................................................... 56
3.7.1 Problems encountered with data gathering..................................................................... 57
3.7.2 Solutions encountered with data gathering ..................................................................... 57
3.8 Conclusion ............................................................................................................................. 57
CHAPTER 4 ...................................................................................................................................... 58
DATA PRESENTATION, ANALYSIS AND INTERPRETATION .............................................................. 58
4.0 Introduction ........................................................................................................................... 58
4.1 Presentation of results ........................................................................................................... 58
4.1.1 Questionnaire Response Rate ......................................................................................... 58
4.1.2 Interview Response Rate ................................................................................................. 59
4.1.3 Demographic data ........................................................................................................... 60
4.1.4 Countries of participants ................................................................................................. 62
4.1.5 Academic qualifications................................................................................................... 64
4.1.6 Experience in using Bitcoins ............................................................................................ 65
4.1.7 General Bitcoin Usage ..................................................................................................... 66
4.1.8 Practices of Bitcoin Management .................................................................................... 67
4.2 Conclusion ............................................................................................................................. 71
CHAPTER 5 ...................................................................................................................................... 72
RECOMMENDATIONS AND CONCLUSION..................................................................................... 72
5.0 Introduction ........................................................................................................................... 72
5.1 Summary of the findings ........................................................................................................ 72
5.1.1 Research question 2: How do participants manage their Bitcoins and what are
participants’ current practices and how do they deal with security, privacy and anonymity? ... 72
5.1.2 Research question 4: What security breaches have affected users and how did they
recover their ............................................................................................................................ 73
Bitcoin keys and bitcoins .......................................................................................................... 73
5.1.3 Research question 5: What are the main usability challenges that users have to deal with
when using Bitcoin? ................................................................................................................. 73
5.1.4 Research question 1: What are the main usage scenarios of Bitcoin? .............................. 73
5.2 Significances of findings ......................................................................................................... 74
5.3 Conclusion ............................................................................................................................. 74
5.4 Recommendations ................................................................................................................. 75
5.4.1 Recommendations from the research findings ................................................................ 75
5.4.2 Recommendations for further work ................................................................................ 75

4
REFERENCES .................................................................................................................................... 77
QUESTIONNAIRE.......................................................................................................................... 81

5
CHAPTER 1
1.0 INTRODUCTION
Villasenor, J., Monk, C., & Bronk, C. (2011) “In today’s world, the increased connectivity
provided by the Internet has changed the nature of financial transactions. With recent
developments in social media, peer-to-peer software, and smartphone technology, we have
seen the definition of money extend beyond the traditional, physical tender of government-
backed currencies to include mobile payments, digital currencies, and virtual goods.” Joining
this revolution of payment technologies is Bitcoin. Brito J., & Castillo, A. (2013) “the world’s
first completely decentralized digital currency”, created by an unidentified programmer named
Satoshi Nakamoto in 2008.

1.0.1 What Is Bitcoin?

Bitcoin is a collection of concepts and technologies that form the basis of a digital money
ecosystem. Units of currency called bitcoins are used to store and transmit value among
participants in the bitcoin network. Bitcoin users communicate with each other using the
bitcoin protocol primarily via the Internet, although other transport networks can also be used.
The bitcoin protocol stack, available as open source software, can be run on a wide range of
computing devices, including laptops and smartphones, making the technology easily
accessible. Users can transfer bitcoins over the network to do just about anything that can be
done with conventional currencies, including buy and sell goods, send money to people or
organizations, or extend credit.

Bitcoins can be purchased, sold, and exchanged for other currencies at specialized currency
exchanges. Bitcoin in a sense is the perfect form of money for the Internet because it is fast,
cheap, and borderless. Unlike traditional currencies, bitcoins are entirely virtual. There are no
physical coins or even digital coins per se. The coins are implied in transactions that transfer
value from sender to recipient. Users of bitcoin own keys that allow them to prove ownership
of transactions in the bitcoin network, unlocking the value to spend it and transfer it to a new
recipient. Those keys are often stored in a digital wallet on each user’s computer. Possession
of the key that unlocks a transaction is the only prerequisite to spending bitcoins, putting the
control entirely in the hands of each user. Bitcoin is a distributed, peer-to-peer system. As such
there is no “central” server or point of control, because of this peer to peer network, it makes
transactions cheap than if a central node or authority like a bank was involved. Bitcoins are

6
used for E-commerce as we have noted from above, which makes them important for study
and scrutiny.

1.0.2 What is e-commerce?

E-Commerce or Electronics Commerce is a methodology of modern business, which addresses
the need of business organizations, vendors and customers to reduce cost and improve the
quality of goods and services while increasing the speed of delivery. E-commerce refers to the
paperless exchange of business information using the following ways:

 Electronic Data Exchange (EDI)

 Electronic Mail (e-mail)
 Electronic Bulletin Boards
 Electronic Fund Transfer (EFT)
 Other Network-based technologies

Bitcoins are created through a process called “mining,” which involves competing to find
solutions to a mathematical problem while processing bitcoin transactions. Any participant in
the bitcoin network (i.e., anyone using a device running the full bitcoin protocol stack) may
operate as a miner, using their computer’s processing power to verify and record transactions.
Every 10 minutes on average, someone is able 1 to validate the transactions of the past 10
minutes and is rewarded with brand new bitcoins. Essentially, bitcoin mining decentralizes the
currency-issuance and clearing functions of a central bank and replaces the need for any central
bank with this global competition.

The bitcoin protocol includes built-in algorithms that regulate the mining function across the
network. The difficulty of the processing task that miners must perform—to successfully record
a block of transactions for the bitcoin network—is adjusted dynamically so that, on average,
someone succeeds every 10 minutes regardless of how many miners (and CPUs) are working
on the task at any moment. The protocol also halves the rate at which new bitcoins are created
every four years, and limits the total number of bitcoins that will be created to a fixed total of
21 million coins. The result is the number of bitcoins in circulation closely follows an easily
predictable curve that reaches 21 million by the year 2140. Due to bitcoin’s diminishing rate
of issuance, over the long term, the bitcoin currency is deflationary. Furthermore, bitcoin
cannot be inflated by “printing” new money above and beyond the expected issuance rate.

7
Behind the scenes, bitcoin is also the name of the protocol, a network, and a distributed
computing innovation. The bitcoin currency is really only the first application of this invention.
As a developer, I see bitcoin as akin to the Internet of money, a network for propagating value
and securing the ownership of digital assets via distributed computation. There’s a lot more to
bitcoin than first meets the eye. In this chapter we’ll get started by explaining some of the main
concepts and terms, getting the necessary software, and using bitcoin for simple transactions.
In following chapters we’ll start unwrapping the layers of technology that make bitcoin
possible and examine the inner workings of the bitcoin network and protocol.

Explaining Bitcoins to a normal person on a normal day I would say it is a currency used to
transact anonymously that you buy using a wallet which helps you manage access to your
bitcoins, however, the access to your bitcoins needs to be secured so that they are not stolen or
unusable and that when transacting in bitcoins you need not to make mistakes, there is no room
for carelessness because transactions are not reversible. This chapter is under the following
subheadings:

i) Background of the study.

ii) Problem statement
iii) Research questions
iv) Research objectives
v) Justification of the research
vi) Methodology
vii) Assumptions
viii) Limitations
ix) Summary
x)

1.1 BACKGROUND OF THE STUDY

Bitcoins is probably the future currency, so I believe that in order for people to fully use it,
they have to trust it and in order to trust them, they must understand them so as to utilize
them to their full potential and expand the bitcoin network of users. Bitcoin has of recent
increased in popularity and use. Below is a diagram showing how many coins have been
mined so far compare to the past and probably future forecast of how usage might be.

8
In fig. 1 above, it shows when bitcoins were first introduced and show the rise in usage and the
probable forecast. If you can see clearly in fig. 1, the bitcoins will end at 21 million bitcoins.
This was what Satoshi Nakamoto the brains behind the bitcoin theory into practical transition
made them have a limit so as not to flood the market with too many bitcoins which may end
up making their price cheaper. Where there is money, fraud and theft is inevitable and in
bitcoins an added advantage to thieves is that there is anonymity involved, meaning if you
transfer someone’s coins to your account, there is no proof that you ever did it unless the person
knows your address.

There is also a perception among e-commerce users that bitcoins are a fraud scheme so they
end up not knowing what they really are and if they hear of such loopholes such as the one
identified above, the will end up not trusting the bitcoin currency and may not even use it or
may use it for smaller transactions.

Of recent, there has been an increase in hacking in the bitcoin network and wallets. This has
led to some bitcoin companies even closing.

Bitcoin Risk Analysis by Mariam Kiran (2011). In this paper, she, Mariam was looking at the
worst case scenarios that could come as a result of using Bitcoins. She was conducting an in-
depth analysis of what-if scenarios. Her conclusion was that Bitcoins were not worth taking
the risks that people were making since she believed that Bitcoins was a prototype of electronic
money.

9
Bitcoin in Islamic Banking and Finance by Charles W. Evans (2013). In his research, he was
focusing on Bitcoin or a similar system that it might be a more appropriate medium of exchange
in Islamic Banking and Finance. This paper analyses the relationship between a distributed,
autonomous block chain management systems. (BMS) like Bitcoin—also referred to as a
'virtual currency'—and Islamic Banking and Finance (IBF). It shows that a BMS can conform
to the prohibition of riba (usury)—as Bitcoin does—and incorporate the principles of maslaha
(social benefits of positive externalities) and mutual risk-sharing (as opposed to risk-shifting).
With regard to maslaha, the worlds unbanked number in the billions and represent the majority
of the world's adults.

Bitcoin: Examining the Benefits and Risks for Small Business U. S. House Committee on
Small Business April 2, 2014 L. Michael Couvillion (2014). In this paper, he was looking at
the effects and benefits of Bitcoins on small business and giving predictions of how Bitcoins
might shape the future. He, Michael was looking at financial benefits and disadvantages.

To relate bitcoins to our country, Zimbabwe, we can see that currently as of when this paper is
being written, (October 2016 - May 2017), Zimbabwe is facing a serious problem in term of
cash, the society is used to transacting in real cash that is paper or notes, they are not used to
transacting in virtual cash because they still have a perception that its associated with many
risks and that it may fail just like the economic meltdown that happened in 2008.

If people in Zimbabwe are to be educated about bitcoins and they see what it has to offer, we
will be well off using such a currency which is not regulated by any central authority since the
central authority is bound to fail us. As we speak right now, bitcoins do not have a central
regulating authority, though my future predictions see it being regulated by greedy socialists
who would want to have authority on one of the world rising currencies. Because bitcoins do
not have a centralised authority, it means that if the economy of a certain country meltdown, it
will not crash a good example is in 2008 when USA was hit by the financial crisis which spend
globally because of the spill over effect of USA being more like a centralised monitor of world
currency, the currency being the US dollar.

1.2 PROBLEM STATEMENT

In Zimbabwe bitcoin usage is still in its infantry stage, its impact is not yet clearly understood
by many business people in Zimbabwe. Just a few people have gotten the grip of how it slightly

10
works. If people do not understand a concept, they tend to bad mouth it, which is the case to
those who do not fully understand bitcoins.

Understanding how bitcoins works will help gain trust in possible currency users and this
would lead to more people using this currency which we can depend on as a circulating
currency.

Matonis, J. (1995, April) “Additionally, it would be highly desirable for digital cash to be
widely accepted and to exist in a user-friendly form.” This shows that digital currency has to
be secure so as to be accepted by the normal day business people, but this had not been fully
the case in terms of bitcoins because in June 12, 2013 bitcoin got hacked and USD$375 000
worth of Bitcoins were lost and no coins were ever recovered. This lead to people losing their
trust in bitcoins. Theft of bitcoin has been documented on numerous occasions. At other times,
bitcoin exchanges have shut down, taking their clients' bitcoins with them. Meni Rosenfeld
(2011). “A Wired study published April 2013 showed that 45 percent of bitcoin exchanges end
up closing.”

On 19 June 2011, a security breach of the Mt. Gox bitcoin exchange caused the nominal price
of a bitcoin to fraudulently drop to one cent on the Mt. Gox exchange, after a hacker used
credentials from a Mt. Gox auditor's compromised computer illegally to transfer a large number
of bitcoins to himself. They used the exchange's software to sell them all nominally, creating a
massive "ask" order at any price. Within minutes, the price reverted to its correct user-traded
value. Accounts with the equivalent of more than US$8,750,000 were affected.

In July 2011, the operator of Bitomat, the third-largest bitcoin exchange, announced that he
had lost access to his wallet.dat file with about 17,000 bitcoins (roughly equivalent to
US$220,000 at that time). He announced that he would sell the service for the missing amount,
aiming to use funds from the sale to refund his customers.

In August 2011, MyBitcoin, a now defunct bitcoin transaction processor, declared that it was
hacked, which caused it to be shut down, paying 49% on customer deposits, leaving more than
78,000 bitcoins (equivalent to roughly US$800,000 at that time) unaccounted for.

In early August 2012, a lawsuit was filed in San Francisco court against Bitcoinica — a bitcoin
trading venue — claiming about US$460,000 from the company. Bitcoinica was hacked twice
in 2012, which led to allegations that the venue neglected the safety of customers' money and
cheated them out of withdrawal requests.
11
In late August 2012, an operation titled Bitcoin Savings and Trust was shut down by the owner,
leaving around US$5.6 million in bitcoin-based debts; this led to allegations that the operation
was a Ponzi scheme. In September 2012, the U.S. Securities and Exchange Commission had
reportedly started an investigation on the case.

In September 2012, Bitfloor, a bitcoin exchange, also reported being hacked, with 24,000
bitcoins (worth about US$250,000) stolen. As a result, Bitfloor suspended operations. The
same month, Bitfloor resumed operations; its founder said that he reported the theft to FBI, and
that he plans to repay the victims, though the time frame for repayment is unclear.

On 3 April 2013, Instawallet, a web-based wallet provider, was hacked, resulting in the theft
of over 35,000 bitcoins which were valued at US$129.90 per bitcoin at the time, or nearly $4.6
million in total. As a result, Instawallet suspended operations.

On 11 August 2013, the Bitcoin Foundation announced that a bug in a pseudorandom number
generator within the Android operating system had been exploited to steal from wallets
generated by Android apps; fixes were provided 13 August 2013.

March 2013 Bitcoin reached USD $1 billion in worth of bitcoins transacting, risk of losing
bitcoins again is countered by the introduction of complex key management technics leading
to low leverage.

Here are some of the risk associated with bitcoins. A risky situation is one which presents
potential exposure to danger, and the level of risk can be thought of as a measure of the assets
that would be affected as a result of a particular threat being realized through the system under
analysis. Various research teams and businesses have used risk analysis to manage and evaluate
their systems, allowing system security to be brought up to acceptable levels.

M. Hovestadt et al (2006) “Risk is commonly calculated either as a probability (a number

between 0 and 1), or specified in terms of 7 levels ranging from lower to higher priorities.
These levels can be further aggregated into three basic classifications which are Low risk: 1-2,
Medium risk: 3-5 and High risk 6-7.

1.3 RESEARCH QUESTIONS

 What are the main usage scenarios of Bitcoin?
 How do participants manage their Bitcoins? What are participants’ current practices
and how do they deal with security, privacy and anonymity?
 How do participants perceive Bitcoin-associated security risks?
12
  What security breaches have affected users and how did they recover their Bitcoin keys
and bitcoins?
 What are the main usability challenges that users have to deal with when using Bitcoin?

1.4 RESEARCH OBJECTIVES

 To investigate the usage scenarios of Bitcoins.
 To investigate current practices in key management and how do they deal with security,
privacy and anonymity.
 To investigate the main usability challenges users face when using Bitcoins

1.5 STATEMENT OF HYPOTHESIS.

The statement of hypothesis of this research is that bitcoin security has the positive impact
on the how people perceive them and possibly how many people use them, and have the
power to influence other people to use them too. Security concerns are an issue, so in other
words securing bitcoins will increase the perception on how people see them which leads
to high leverage or higher usage in conducting E-commerce.

1.6 JUSTIFICATION OF THE RESEARCH

Weathers (2016) “There is a chart making the rounds lately that claims the dollar lost 96.2%
of its value since 1900.” If we can recall in 2007-2009 there was a financial crisis that hit USA
first before it started spreading to its areas of influence. That financial crisis has led to a
widespread loss of trust in financial intermediaries of all kinds, perhaps helping to open the
way towards the general acceptance of alternative technologies. This section briefly
summarizes the cryptocurrency phenomenon, separating the ‘currency’ issues from the
potential technology benefits.

With respect to crypto currencies, the paper argues that these can’t undermine the ability of
central banks to conduct monetary policy. They do, however, raise consumer protection and
bank secrecy issues. In other words, Bitcoins provide the much needed customer protection,
confidentiality and secrecy issues because we do not transact knowing each other’s name or
personal credentials, but rather by knowing your wallet address of the transaction involved
which is a once off address. The anonymity features of the crypto-currencies also facilitate tax
evasion and money laundering, both of which are major public policy concerns. The technology

13
associated with crypto-currencies, on the other hand, could ultimately shift the entire basis of
trust involved in any financial transaction.

Former USA Federal Reserve chairman Ben Bernanke "But I think bitcoin itself has some
serious problems. The first is that it hasn’t shown to be a stable source of value. Its price has
been highly volatile and it hasn’t yet established itself as a widely accepted transactions
medium."The valuation of Bitcoins and price volatility issues are discussed, as well as
electronic theft, contract failures, etc., all of which could result in large losses to users and
hence ultimate costs to the users thereby reducing leverage and usage in E-commerce. These
security concerns like hacking make Bitcoins usage a gamble rather than a means of payment.
If addressed adequately, trust can be gained and if trust is gained, there is more leverage and
usage.

Bitcoins are relatively cheap, if not the cheapest, as compared to other buying methods that are
currently being used as of when this research was done. Bitcoin is an innovation that creates
the ability to carry out transactions without the need for a trusted third party; i.e. a move
towards trust-less transactions. This mechanism could work to eliminate the role of many
intermediaries, thereby reducing transactions costs by introducing much needed competition to
incumbent firms.

Speaking to Quartz, Bernanke offered muted praise and said that bitcoin is "interesting from a
technological point of view", pointing to wider developments in the emerging payments space.
From my own point of view, Bitcoin is going to be the next main E-commerce buying currency
and for people to be able to use it, they must understand it so as to have confidence to use it
that is trusting the currency. People usually do not feel secure if they know that there are
security issues involved in the currency they use, this will lead them to using alternative paying
methods like Pay Pal and MasterCard.

Bitcoin also provides near instantaneous (within 10 to 30 minutes) undeniable confirmation

that your money has been received or sent. No worrying about bounced checks. This makes it
a better currency to study because it might be the key if not the key to the new world E-
commerce currency for transacting in.

1.7ASSUMPTIONS.
This research on Bitcoins is based on the following assumptions:

14
  There will be a 100% expectancy on filing in questionnaires with complete, accurate,
and consistent data regarding to the research topic.

 The respondents of the questionnaires are eligible and very knowledgeable in the
Bitcoin industry, thus the attained information will be reliable.

 The organisations visited are those involved with Bitcoins on their day-to-day
operations leading to relevant data obtained.

 The respondents are fully committed and willing to participate in the research by
providing accurate and update information.

 The findings of this research will be a representative of all Bitcoin users

1.7 DELIMITATIONS OF THE STUDY.

The research will be limited to:

1. The study will be those who have transacted in Bitcoins only.

2. The study will focus on making Bitcoins a better currency in terms of security and
usability.

3. The research will be conducted from October 2016 to May 2017.

1.8 LIMITATIONS OF THE STUDY.

1.8.1Confidentiality
The businesses’ stakeholders may regard data required as confidential to the organisation and
so may be unwilling to cooperate fully. To counter this, the researcher will not use personal
details from findings to assure respondents of confidentiality. In some cases, pseudo names
will be used

Time
Due to possible delays in submissions of questionnaires the researcher will administer this
personally and ensure a 100% return of questionnaires. There is not enough time to carry out
this research.

15
Resources
Another limitation to this research is Limited resources. There is lack of adequate funds to
carry out the research. The researcher needs funds to purchases stationery, software, and
transport costs. This will hinder the progress of the research thereby leading to the poor
collection, presentation, and analysis of data.

1.7.1 Location

The location of the researcher is another limitation to the research. Organisations in the world
are used as case companies and the researcher is located in Mashava. This will affect the
research since a lot of time will be wasted trying to connect online to collect the required data
to do the research.

ORGANISATION OF THE STUDY.

This study proceeds as following. Chapter 2 reviews literature related to the research area. The
literature review is broken down into three major categories, which are; empirical framework,
theoretical framework, and conceptual framework. The conceptual framework outlines the
known facts and concepts in the area of the study. The theoretical framework outlines the
theories related to the area of study, and finally the empirical framework gives an outline of
previous researches related to the study.

Chapter 3 is the research methodology; an overview of the research strategy and methods is
given. This defines how the research will be carried out, that is, activities and procedures to be
undertaken during the course of the research will be specified. Research instruments that are
going to be used for data collection will also be discussed in this chapter.

Chapter 4 is data presentation, analysis and interpretation. It summarizes and analyses the
research’s data. It will give the researcher a chance to form his own inferences from the
collected data.

Chapter 5 covers three sections which are; summary where the whole project and major
findings of the research are highlighted, the conclusion arrived at based on the findings, and
the relevant recommendations are provided.

TIMEFRAME.
The following is the proposed timeline to carry out the research (Oct 2016-May 201

16
ACTIVITY Oct Nov Dec Jan Feb Mar Apr May

Problem
Identification

Reviewing
Literature

Devising
Objectives,
Questions,
Prepositions

Designing
Research

Writing
Research
Proposal

Submission
of Research
Proposal

Further
Literature
Review

Designing
and Pilot
Testing
Questionnaire

Documents
Review

Conducting
Interviews
and Focus

17
 ACTIVITY Oct Nov Dec Jan Feb Mar Apr May

Group
Discussions

Data
Analysis

Submission
of Draft
Research

Revision of
Draft
Research

Final
Submission

Figure 1

1.9.7 SUMMARY
This chapter introduced the research to be carried out. A background to the study was done and
it looked at the current status of Bitcoins and associated problems basing on the findings from
previous researches and journals. The research questions and the objectives of the research
were specified. The justification of the research provided an insight on the benefits of carrying
out a research on Bitcoins. The potential applications of the research findings was also outlined
in the research justification, however, this will be discussed in detail in chapter 5. Delimitations
of the research were discussed. This chapter also looked at the limitations of the research. The
organisation of the study gives an outline of how the entire project is going to be carried out.
The proposed timeframe to carry out the research was also outlined. The next chapter will be a
review of the related literature to the study. The literature review will include a theoretical
literature review, conceptual framework and the empirical framework.

18
CHAPTER 2
2.0 LITERATURE REVIEW

2.0.1 INTRODUCTION
Many researches have been done on Bitcoin and its related algorithms. This research will be
specific to making Bitcoin a better currency, in trying to improve security and usability. To
give a broad overview of Bitcoin, this chapter will look at the theoretical, conceptual and the
empirical literature on the topic.

2.0.2 CONCEPTUAL LITERATURE

2.0.2.1 BRIEF HISTORY OF BITCOINS
Bitcoin is a cryptocurrency and a payment system invented by an unidentified programmer, or
group of programmers, under the name of Satoshi Nakamoto. Bitcoin was introduced on 31
October 2008 to a cryptography mailing list, and released as open-source software in 2009.
There have been various claims and speculation concerning the identity of Nakamoto, none of
which are confirmed. The system is peer-to-peer and transactions take place between users
directly, without an intermediary. These transactions are verified by network nodes and
recorded in a public distributed ledger called the Block chain, which uses Bitcoin as its unit of
account. Since the system works without a central repository or single administrator, the
Director Financial Crimes Enforcement Network United States Department of the Treasury
before the United States Senate Committee on Banking, Housing, and Urban Affairs
Subcommittee on National Security and International Trade and Finance Subcommittee on
Economic Policy categorized Bitcoin as a decentralized virtual currency. Bitcoin is often called
the first cryptocurrency, although prior systems existed and it is more correctly described as
the first decentralized digital currency. Bitcoin is the largest of its kind in terms of total market
value.

Bitcoins are created as a reward in a competition in which users offer their computing power
of their machines to verify and record Bitcoin transactions into the Block chain. This activity
is referred to as mining and successful miners are rewarded with transaction fees and newly
created Bitcoins. Besides being obtained by mining, Bitcoins can be exchanged for other
currencies, products, and services. When sending Bitcoins, users can pay an optional
transaction fee to the miners. This may expedite the transaction being confirmed.

One of the first supporters, adopters, contributor to Bitcoin and receiver of the first Bitcoin
transaction was programmer Hal Finney. Finney downloaded the Bitcoin software the day it

19
was released, and received 10 Bitcoins from Nakamoto in the world's first Bitcoin transaction.
Other early supporters were Wei Dai, creator of Bitcoin predecessor b-money, and Nick Szabo,
creator of Bitcoin predecessor bit gold.

In the early days, Nakamoto is estimated to have mined 1 million Bitcoins. Before disappearing
from any involvement in Bitcoin, Nakamoto in a sense handed over the reins to developer
Gavin Andresen, who then became the Bitcoin lead developer at the Bitcoin Foundation, the
'anarchic' Bitcoin community's closest thing to an official public face. Based on Bitcoin's open
source code, other cryptocurrencies started to emerge in 2011.

2.0.3 BITCOINS VS THREATS

There are many threats to Bitcoins, such as acts of human error or failure, forces of nature,
deliberate acts of theft or extortion, etc. Various potential attacks on the Bitcoin network and
its use as a payment system, real or theoretical, have been considered. The Bitcoin protocol
includes several features that protect it against some of those attacks, such as unauthorized
spending, double spending, and tampering with the Blockchain. Other attacks, such as theft of
private keys, require due care by users or even losing the device with your encryption keys to
your Bitcoins.

Below are some of the biggest and most current threats to Bitcoins, divided into 2 categories:
deliberate acts and non-deliberate.

2.0.3.1 Deliberate Acts

1. Fraud - In E-commerce, not every transaction happens and the goods or services get to
the other hand. Let’s say that you buy from an E-commerce site and pay for your goods
in Bitcoins but the seller never gets to send you the goods, if those governing the site’s
transactions decide to refund you your money, it’s not possible in Bitcoins because
there are no refund addresses. So does it mean your Bitcoins will be lost? A good
example is in late August 2012, an operation titled Bitcoin Savings and Trust was shut
down by the owner, leaving around US$5.6 million in Bitcoin-based debts; this led to
allegations that the operation was a Ponzi scheme. In September 2012, the U.S.
Securities and Exchange Commission had reportedly started an investigation on the
case.
2. Security - These issues relate to internal organizations or companies that manage your
wallets and interface between transactions done by the customer and the network.
Hackers can gain access to internal systems via their admin rights to your Bitcoin wallet

20
 and misuse the information they find their which may possibly be theft for example on
19 June 2011, a security breach of the Mt. Gox Bitcoin exchange caused the nominal
price of a Bitcoin to fraudulently drop to one cent on the Mt. Gox exchange, after a
hacker used credentials from a Mt. Gox auditor's compromised computer illegally to
transfer a large number of Bitcoins to himself. They used the exchange's software to
sell them all nominally, creating a massive "ask" order at any price. Within minutes,
the price reverted to its correct user-traded value. Accounts with the equivalent of more
than US$8,750,000 were affected.
3. Viruses and spyware - Malicious software and computer viruses are two of the biggest
threats. Viruses are normally from external sources and can corrupt or replicate
encryption keys of your Bitcoin wallet if introduced into the internal network. Viruses
can completely destroy a computer system and disrupt the operations of the wallet be it
a standalone application for example an apk your android phone or on a website such
as on www.Bitcoinwallet.org. Trojan horse is a malicious software that has the ability
to capture the client’s information, before any encryption software can take effect. They
can also impersonate a customer and pass over bad and malicious codes into your
wallet. Spyware which secretly collects the information on your device including
keystrokes and Bitcoin wallet addresses with their encryption and decryption keys.
4. Theft – If your device that contains information about your wallet which contains
addresses to Bitcoins is stolen, that is the end of your Bitcoins, they will have been lost
into the wrong hands and you will not recover them

2.0.3.2 Non- Deliberate Acts

1. Carelessness - People can send Bitcoins to the wrong addresses but because Bitcoins
do not have refund addresses it is impossible to recover them. This is not done
intentionally.
2. Loosing Devices- Our devices we use on our day to day activities may crash or even
get lost. If this happens, we would have lost access to our Bitcoins.

2.0.4 ADVANTAGES AND DISADVANTAGES OF BITCOINS

Currently, there are approximately 12 million Bitcoins in circulation. As of December 10, 2013,
a single Bitcoin is worth $918 USD—which represents a stunning 6,500% appreciation in value
from its market price a year ago. The entire market capitalization of all Bitcoins in circulation
amount to more than $11 billion, and the network sees roughly 70,000 transactions daily.

21
2.0.4.1 Advantages of Bitcoins in this context
What makes Bitcoins so attractive and why more and more people and businesses use this
payment system? Below are the advantages of using Bitcoins.

 Bitcoins are yours and only yours. The central authority can’t take your cryptocurrency,
because it does not print it, own it and control it correspondingly.
 Inflation is powerless in case with Bitcoins. Inflation decreases the value of money and
increases prices for services and goods. Central bank solves this problem usually by
printing additional amount of money to fill in the gap. As the central bank has nothing
to do with cryptocurrency, it can’t influence it. Supply and demand is the only
regulating mechanism defining its value. Besides, 21 million digital coins can’t be
exceeded. This limitation is another reason why electronic cash is inflationary.
 No Counterfeit Bitcoins, counterfeiting (which are standard practice in
banking/government finance systems) are completely impossible
 Fees to be paid for dealing with Bitcoins are significantly lower than bank charges. In
some cases, no fees are required at all. Saving money is not the last reason in favour of
cryptocurrency amid the global financial crisis.
 If you want to send Bitcoins somewhere or to receive them, neither location nor time
matters any more. Since no intermediates are involved, you are absolutely free to send
electronic cash at any moment and any place. Independence and freedom are the key
characteristics of Bitcoin system.
 As mentioned above, all transactions are recorded in the Blockchain. That makes
Bitcoin system absolutely transparent. Anyone can check all information related to
digital cash supply at any time. You can enter an address, block or transaction and get
a full report. Since all protocols are protected with the help of cryptography, nobody
can manipulate and change data. Under all information it is meant where transactions
were sent to and came from. Though, who is the owner of that particular Bitcoin address
is a secret that is not revealed by any means.
 When you decide on which bank to choose to deposit your money, you have to do
thorough researches to find that one you can rely on. You ask for recommendations and
study their rates and reputation. In case of digital currency, all these activities have no
sense. Mathematics will not fail, and Bitcoin system is totally independent on any
authorities. To trust or not to trust is no longer a question here.

22
  Bitcoins sent are Bitcoins lost. In other words, you can’t retrieve Bitcoins if the
recipient does not agree to send them back. That excludes fraud often happened while
using a credit card.
 Low collapse risk. Regular currencies depend on governments which fail occasionally.
Such events either cause hyperinflation or a complete collapse of a currency, which can
wipe out savings of a lifetime in day. Bitcoin is not regulated by any one government.
It's a virtual global currency.
 Safe, simple and cheap. The problem with traditional online transactions from the
perspective of the seller is that Credit cards, PayPal you and other online payment
systems allow buyers to claim their money back. You can use escrow services but that
makes things complicated and slow. With Bitcoins once you have the money you have
it and that's that. Buyers can not in any way take the money back and the seller can
safely ship the product or perform the service that the client purchased. From the buyer's
perspective the infrastructure for payments and sending money between accounts is
potentially going to be simpler and cheaper because it is peer-to-peer rather than done
through some intermediary.
 Easy to carry. Not a real problem that needs a solution, but you can carry a billion
dollars’ worth of Bitcoins on a memory stick in your pocket. You can't do that with
cash or even gold.
 Untraceable. This is both a benefit and a risk for Bitcoin. The benefit is that you don't
have to be afraid of any organization of being able to trace the source of your funds.
This is a clear benefit in many areas of the world because governments that are
supposed to guard against fraud are actually defrauding people by taking their savings
partially or fully. Regarding risks I will discuss them in the next section.

2.0.4.2 Disadvantages of Bitcoins

Pros for becoming a user of Bitcoin system are quite impressive. Though, it is not flawless and
has some features with a minus sigh to be kept in mind.

 A bitcoin has a high volatility. By comparison, in 2014 it was seven times higher than
gold and eighteen times higher that USD. Opinions why volatility is so great differ.
Some say it is due to absence of stabilization mechanism. Others think it is normal
because bitcoins are the first startup currency and is in process of stabilizing.

23
 Bitcoin is not well-defined as a currency in comparison to a dollar or yuan, and thus its
uniqueness is much less clear. The currency based on a mysterious algorithm whose
originator is anonymous. No one really knows whether the algorithm can be trusted to
generate Bitcoins as promised, or who would be accountable for errors or frauds; there
is no definitive monetary authority. Cryptocurrency is innovation, and nobody knows
what it will become in future. Uncertainty is high. Though, risks related to operating
with fiat money are not lower.
 Untraceable. This feature of Bitcoin of also attracts crime. People can buy and sell drugs
and other illegal items with significantly less risk of being tracked by authorities.
Bitcoins in this regard are similar to regular cash which is used by criminals. This fact
may bring unwanted attention from governments that will outlaw Bitcoin. Bitcoin
enables fraud and other criminal activities. This is absolutely the single most salient
feature of Bitcoin’s anonymity. Conventional currencies are indeed subject to
laundering and counterfeit. There is probably no way to eliminate those risks
completely. Bitcoin magnifies those risks because it can only be exchanged
anonymously. It dominates dark networks that have been known to traffic in narcotics.
Law enforcement efforts to shut those networks down will terminate the ability of any
financial actor to transact in Bitcoins even for legitimate reasons. When the network is
down, your Bitcoins are gone. Conventional currency doesn’t work that way in real
transactions. Banks and brokerages have offsite business continuity backups.
Securities exchanges and central banks maintain counterparty records. These
mechanisms lack Bitcoin’s anonymity but make up for that in resiliency and
trustworthiness.
 Easy to lose. If your credit card is stolen or somebody hacks into your bank account
there is a good chance you will not lose any money as banks will fix your balance. Even
cash can be potentially recovered if the police acts fast. But with Bitcoin if you lose it
you lost it for good. There is no mechanism to recover stolen or lost Bitcoins. If
somebody hacks into your wallet where you store your Bitcoins you lost them for good.
The best way to store your Bitcoins is on disk that is disconnected from the internet.
 Hard to trade. You can't just use a credit card to buy Bitcoins online specifically because
of the reasons outlined above. There is no easy way to buy them or sell them. There are
many exchanges that offer such services in various ways, but it's not as easy as

24
 transferring money to and from a PayPal account just yet. This is likely to improve fast
as more services will compete to offer convenient solutions.
 Can't buy stuff. There aren't a lot of places where Bitcoins are accepted as payment.
This is likely to change, but for now the average person will mostly buy Bitcoins as
investment.
 Too volatile. Currently Bitcoin prices are going up like crazy. It's likely that the price
will stabilize at around US$10 from the current US$200. Currently the price is going
up so fast a web shop would have to adjust their prices almost daily if they wanted to
accept Bitcoins. It's not very convenient.

2.1 ALGORITHMS USED IN BITCOINS

2.1.1 BITCOIN TRANSACTIONS

In simple terms, a transaction tells the network that the owner of a number of bitcoins has
authorized the transfer of some of those bitcoins to another owner. The new owner can now
spend these bitcoins by creating another transaction that authorizes transfer to another owner,
and so on, in a chain of ownership. Transactions are like lines in a double-entry bookkeeping
ledger. In simple terms, each transaction contains one or more “inputs,” which are debits
against a bitcoin account. On the other side of the transaction, there are one or more “outputs,”
which are credits added to a bitcoin account. The inputs and outputs (debits and credits) do not
necessarily add up to the same amount. Instead, outputs add up to slightly less than inputs and
the difference represents an implied “transaction fee,” which is a small payment collected by
the miner who includes the transaction in the ledger. A bitcoin transaction is shown as a
bookkeeping ledger entry in figure below.

25
Figure 2. Transaction as double-entry bookkeeping

The transaction also contains proof of ownership for each amount of bitcoin (inputs) whose
value is transferred, in the form of a digital signature from the owner, which can be
independently validated by anyone. In bitcoin terms, “spending” is signing a transaction that
transfers value from a previous transaction over to a new owner identified by a bitcoin address.

Transactions move value from transaction inputs to transaction outputs. An input is where the
coin value is coming from, usually a previous transaction’s output. A transaction output assigns
a new owner to the value by associating it with a key. The destination key is called an
encumbrance. It imposes a requirement for a signature for the funds to be redeemed in future
transactions. Outputs from one transaction can be used as inputs in a new transaction, thus
creating a chain of ownership as the value is moved from address to address (see Figure 3).

26
Figure 3. A chain of transactions, where the output of one transaction is the input of the next
transaction.

A proof of work is a piece of data which is difficult (costly, time-consuming) to produce but
easy for others to verify and which satisfies certain requirements. Producing a proof of work
can be a random process with low probability so that a lot of trial and error is required on
average before a valid proof of work is generated. Bitcoin uses the HashCash proof of work
system. Hashcash proofs of work are used in Bitcoin for block generation. For a block to be
valid it must hash to a value less than the current target; this means that each block indicates
that work has been done generating it. Each block contains the hash of the preceding block,
thus each block has a chain of blocks that together contain a large amount of work. Changing
a block (which can only be done by making a new block containing the same predecessor)
requires regenerating all successors and redoing the work they contain. This protects the block
chain from tampering. The most widely used proof-of-work scheme is based on SHA-256 and
was introduced as a part of Bitcoin. To understand how we got involved with SHA-256, we
have to understand what mining is in Bitcoins.

27
2.1.2 What is Bitcoin Mining?
Bitcoin is really three things. First it is a protocol (or set of rules) that defines how the network
should operate. Second it is a software project that implements that protocol. Third it is a
network of computers and devices running software that uses to protocol to create and manage
the Bitcoin currency.
According to David R. Sterry (2012) “Mining is defined in the protocol, implemented in
software, and is an essential function in managing the Bitcoin network. Mining verifies
transactions, prevents double-spending, collects transaction fees and creates the money supply.
Mining also protects the network by piling tons of processing power on top of past transactions.
Mining verifies transactions by evaluating them against the transactions that happened before.
Transactions cannot spend bitcoins that do not exist or that were spent before. They must send
bitcoins to valid addresses and adhere to every rule defined by the protocol.”
In simpler terms, mining is the process of validating the authenticity of bitcoins and transferring
the value from one owner to the other using many computers on a network and saving the
transaction on the Blockchain.

2.1.3 What are Bitcoin miners actually solving? What kind of math problems are they
solving and what do they achieve by solving them?

Miners are not so much solving a math problem as they are spending a lot of effort making
guesses until they guess correctly. Bitcoin works by having a linked set of "blocks" of
transaction records that document who has what bitcoin. To make bitcoin work, they needed
some way to ensure that the record of blocks is immutable, i.e. nobody can change it. The way
they accomplished this was to create the concept of mining as show in the diagram below.

28
Figure 4 shows the whole process of a transaction in a single bitcoin process.

According to the diagram above,

1. Bob makes a payment with bitcoins to Alice.

2. Both Alice and Bob send the transaction to the Bitcoin peer-to-peer network.

3. A miner receives the new transaction and verifies it.

4. The miner creates a set of new transactions, including that of step 1, and works to confirm
it.

29
5. The miner sends the new block of confirmed transactions to the Bitcoin peer-to-peer
network.

6. The rest of the Bitcoin users update their status including the transaction block, verifying
that the block is valid.

Miners take a current set of transactions, which includes a link to the last set accepted, and
make many trillions of guesses, each time putting a number into the "nonce" field of the block
header. The block header is run through a hash function, also known as a "one-way" or "trap-
door" function. In this case, the SHA-256 hash function is used, which is discussed in the
paragraph below.

If the output of the hash function is below a threshold value, then the block is valid, is accepted
by other miners, and the miner who guessed correctly is rewarded with the block reward,
currently 12.5 bitcoins. The lower the hash function output threshold, the harder it is to provide
a guess that will cause the output of the hash function to be low enough, and just how low the
threshold is determined by something called bitcoin "difficulty." Difficulty adjusts every two
weeks so that no matter how much mining is happening worldwide, a new block continues to
be created every 10 minutes on average.

It's a little hard to get your head around, but as soon as you do you'll see that bitcoin has created
the world's first immutable ledger, the Blockchain. What you write in it, stays in it. Bitcoin is
a currency that is the first asset tracked on the Blockchain, and because it is used to pay the
miners, Bitcoin and the Blockchain are intertwined. But as long as the Bitcoin ecosystem
continues to roar away, you can use the Blockchain to write anything down forever.

2.1.4 SHA-256(Secure Hash Algorithm 256)

SHA-256 is a member of the SHA-2 cryptographic hash functions designed by the NSA. SHA
stands for Secure Hash Algorithm. Cryptographic hash functions are mathematical operations
run on digital data; by comparing the computed "hash" (the output from execution of the
algorithm) to a known and expected hash value, a person can determine the data's integrity. A
one-way hash can be generated from any piece of data, but the data cannot be generated from
the hash.

SHA-256 is used in several different parts of the Bitcoin network:

30
  Mining uses SHA-256 as the Proof of work algorithm.
 SHA-256 is used in the creation of bitcoin addresses to improve security and privacy.

This takes us to how the current system addressing mode as of when the day of study was done
(May 2017).

2.2 BITCOIN ADDRESSES

This is a user’s virtual address, which contains bitcoins and which is used to make and receive
payments, similar to a bank account. A given user can have as many addresses as needed, and
they are identified by a public key. This section will look at how the system’s distinct concepts
are built from these cryptographic primitives.

A Bitcoin address is made up of a pair of ECDSA public and private keys. The address is
identified by the public key’s hash, to which the checksum is added. This is then encoded in a
modified version of base 5836, which maintains the zeros on the left when the encoding is
carried out. Thus, an address is identified in the following way:

$Version = 1 byte de ceros

$KeyHash = $Version + RIPEMD-160(SHA-256($PublicKey)

$Checksum = SHA-256(SHA-256($KeyHash)) [0-3]

$BitcoinAddress = Base58Encode ($KeyHash + $Checksum)

On being identified by the ECDSA public key, all the operations carried out with this address
have to be supported by the use of the associated private key.

Wallets are thus a grouping together of public and private keys. This does not suppose any
limit on the wallets being used to carry out other tasks, for example realizing transactions.

2.2.1 DETAILED EXPLANATION

A Bitcoin address is a 160-bit hash of the public portion of a public/private ECDSA keypair.
Using public-key cryptography, you can "sign" data with your private key and anyone who
knows your public key can verify that the signature is valid.

A new keypair is generated for each receiving address (with newer HD wallets, this is done
deterministically). The public key and their associated private keys (or the seed needed to
generate them) are stored in the wallet data file. This is the only file users should need to

31
backup. A "send" transaction to a specific Bitcoin address requires that the corresponding
wallet knows the private key implementing it. This has the implication that if you create an
address and receive coins to that address, then restore the wallet from an earlier backup, before
the address was generated, then the coins received with that address are lost; this is not an issue
for HD wallets where all addresses are generated from a single seed. Addresses are added to
an address key pool prior to being used for receiving coins. If you lose your wallet entirely, all
of your coins are lost and can never be recovered.

Bitcoin allows you to create as many addresses as you want, and use a new one for every
transaction. There is no "master address": the "Your Bitcoin address" area in some wallet UIs
has no special importance. It's only there for your convenience, and it should change
automatically when used.

Bitcoin addresses contain a built-in check code, so it's generally not possible to send Bitcoins
to a mistyped address. However, if the address is well-formed but no one owns it (or the owner
lost their wallet.dat), any coins sent to that address will be lost forever.

Hash values and the checksum data are converted to an alpha-numeric representation using a
custom scheme: the Base58Check encoding scheme. Under Base58Check, addresses can
contain all alphanumeric characters except 0, O, I, and l. Normal addresses currently always
start with 1 (addresses from script hashes use 3), though this might change in a future version.
Testnet addresses usually start with m or n. mainline addresses can be 25-34 characters in
length, and testnet addresses can be 26-34 characters in length. Most addresses are 33 or 34
characters long.

2.2.2 COLLISIONS (LACK THEREOF)

Since Bitcoin addresses are basically random numbers, it is possible, although extremely
unlikely, for two people to independently generate the same address. This is called a collision.
If this happens, then both the original owner of the address and the colliding owner could spend
money sent to that address. It would not be possible for the colliding person to spend the
original owner's entire wallet (or vice versa). If you were to intentionally try to make a collision,
it would currently take 2^107 times longer to generate a colliding Bitcoin address than to

32
generate a block. As long as the signing and hashing algorithms remain cryptographically
strong, it will likely always be more profitable to collect generations and transaction fees than
to try to create collisions. It is more likely that the Earth is destroyed in the next 5 seconds,
than that a collision occur in the next millennium.

2.3 HOW TO CREATE BITCOIN ADDRESS (Detailed)

0 - Having a private ECDSA key

18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725

1 - Take the corresponding public key generated with it (65 bytes, 1 byte 0x04, 32 bytes
corresponding to X coordinate, 32 bytes corresponding to Y coordinate)

0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522
CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6

2 - Perform SHA-256 hashing on the public key

600FFE422B4E00731A59557A5CCA46CC183944191006324A447BDB2D98D4B408

3 - Perform RIPEMD-160 hashing on the result of SHA-256

010966776006953D5567439E5E39F86A0D273BEE

4 - Add version byte in front of RIPEMD-160 hash (0x00 for Main Network)

00010966776006953D5567439E5E39F86A0D273BEE

(Note that below steps are the Base58Check encoding, which has multiple library options
available implementing it)
5 - Perform SHA-256 hash on the extended RIPEMD-160 result

445C7A8007A93D8733188288BB320A8FE2DEBD2AE1B47F0F50BC10BAE845C094

33
6 - Perform SHA-256 hash on the result of the previous SHA-256 hash

D61967F63C7DD183914A4AE452C9F6AD5D462CE3D277798075B107615C1A8A30

7 - Take the first 4 bytes of the second SHA-256 hash. This is the address checksum

D61967F6

8 - Add the 4 checksum bytes from stage 7 at the end of extended RIPEMD-160 hash from
stage 4. This is the 25-byte binary Bitcoin Address.

00010966776006953D5567439E5E39F86A0D273BEED61967F6

9 - Convert the result from a byte string into a base58 string using Base58Check encoding. This
is the most commonly used Bitcoin Address format

16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM

34
2.3.1 STRENGTHS
2.3.1.1 Distributed trust
In traditional models, trust is deposited in an authority or entity which controls all the relevant
information. In Bitcoin, conversely, there is no such authority; rather, information is managed
by the users as a whole. In this way, whenever more than half of the users of the system are
honest, the “rules” set out by the system cannot be broken by any dishonest users.

35
2.3.1.2 Incentives
By convention, until the limit of 21 million bitcoins is reached, when a miner builds a new
block they are rewarded with a predefined amount of bitcoins. In this way all the nodes have
an incentive to support the network, and a way of creating and distributing cash is defined,
which is necessary given that there is no central authority minting new money,.

These incentives can also be provided through fees for the verification of transactions, such
that the user who creates a valid block receives as a payment a part of the money involved in
the verified transaction.

2.3.1.3 Cryptography
The use of a strong asymmetric cryptographic system, like ECDSA, and of robust hash
algorithms, like SHA-256, guarantees the current integrity of the system. But taking into
account that computing capacity increases year on year, in addition to the appearance of new
advances in cryptographic and cryptanalytic theory, it is not unreasonable to believe that
algorithms that are secure today will not be tomorrow. It is for this reason that the system is
designed in such a way that the cryptographic system used can be changed, using the same
peer-to-peer protocol and transaction management. It is simply a question of allowing, should
it be necessary, new transactions to use a different cryptographic system54.

2.3.1.4 Scalability
As has already been seen, Bitcoin works with peer-to-peer communications, for which its
growth is based on the adhesion of new nodes to the network.

However, it must not be forgotten that Bitcoin’s functioning is based on cryptography, and
specifically on the use of ECDSA (leaving aside the RIPEMD-160 and y SHA-256 operations,
which are sufficiently rapid not to have to take them into account with regard to scalability).
Calculations carried out on the implementation of ECDSA indicate that some 8,000
verifications of digital signatures a second can be carried out by a current desktop processor.
The most recent data from Bitcoin Watch show that around 2,500 transactions an hour – about
0.7 per second – are performed. The network would have to experience spectacular growth
indeed to reach the theoretical limits of its functioning.

When it comes to scalability, storage necessities also need to be taken into account. Bitcoin
keeps a list of all the transactions that have been realized in the network since its beginning.
This suggests that the Blockchain will grow in time without limit. Nevertheless, it should be

36
remembered that most transactions can be eliminated from the Blockchain, allowing the size
of this to fall notably.

According to the original paper describing Bitcoin, where it was anticipated that the block
header would be 80 bytes, and taking into account the creation of blocks every ten minutes, the
chain will grow 4.2MB a year (80 bytes * 60 minutes/10 minutes * 24 hours * 365 days).

2.3.1.5 Transparency
As its own wiki observes, Bitcoin is probably the most transparent electronic payment system
that has ever existed. This is due to the fact that anyone is able to consult the complete
transaction history, and know where each amount of money has come from and where each has
gone. This, for example, permits the “marking” of stolen money, or money which has been
used in illegitimate activities, in such a way that any potential payee can subsequently reject it.
Nevertheless, this is not always seen as positive.

2.3.2 WEAKNESSES
2.3.2.1 Vulnerabilities
Throughout the Bitcoin network’s life, vulnerabilities have been discovered in the different
implementations that have appeared, which can be exploited by malicious users for different
ends, from the theft of bitcoins or double-spending, to causing the whole network to
malfunction. A table of the five most serious vulnerabilities is shown in Appendix II; and a full
list of vulnerabilities can be found in the Open Sourced Vulnerability Database.

2.3.2.2 Theft from wallets

The design of the Bitcoin wallet as such does not entail its encryption, since this is a security
measure left to the discretion of the user. By default, most wallets are stored unencrypted,
which makes the appearance of malware specifically designed to rob wallets possible.
However, there are exist wallets which include the option of encryption.

In this respect, special care needs to be taken with regard to back-up copies of wallets: owing
to how the system functions, bitcoins stored in a more recent wallet version could be accessed
through a back-up copy with an old password.

37
2.3.2.3 Unencrypted traffic
Communication between peers is unencrypted. Although this does not impact on Bitcoin
strongly (any user can connect to the network and access the totality of transactions), it is
something to be borne in mind, since according to the needs of the user, complementary
security measures should be implemented. According to how Bitcoin functions, a malicious
user can spy on another user’s traffic and identify the transactions they carry out by simply
comparing incoming and outgoing transactions.

2.3.2.4 Energy Consumption

The value of a bitcoin is inextricably related to the consumption of energy. Mining is carried
out through computing operations, and to do this equipment has to be functioning and
connected to an energy source, with the consumption of energy that this supposes.

Taking into account the increasing difficulty that the network introduces for the mining of
bitcoins and the cost of electricity, in the long-term mining will cease to be profitable. For this
reason, transaction fees will have to increase to keep the system sustainable. This lowering of
profitability, however, may also make users abandon the network for others with lower costs.

2.3.2.5 Anonymity and privacy

Although Bitcoin as such does not require the user to enter identifying data to use it, the level
of anonymity the system provides can be significantly reduced through independent means
based on the construction and functioning of the system itself; means, therefore, at times
difficult to prevent. Although a thorough management of Bitcoin addresses can mitigate this
problem, doing this effectively can turn out to be difficult.

Taking this into account, given that the amount of cash in bitcoins in any address is publically
available information, not only can the money owned by a person whose identity has been
compromised be deduced, but where that money has come from and where it has gone can also
be known too. Without any doubt, this supposes a serious danger for people’s privacy (and
even integrity) should Bitcoin ever be taken up on a massive scale.

2.4 IMPERICAL LITERATURE

We build upon already existing work by contributing the first user study with Bitcoin users.
Eskandari et al. (2015) presented a first look at the key management of Bitcoin by providing a
set of evaluation criteria for Bitcoin wallets and a cognitive walkthrough of selected wallets
38
using their, C. Wharton, J. Rieman, C. Lewis, and P. Polson (1994) methods they wrote about.
The work by Eskandari et al. (2015) can be considered a first look at the usability of Bitcoin.
Moore et al. (2013) conducted an empirical analysis of Bitcoin exchange risks. They examined
the track record of 40 Bitcoin exchanges and found that 18 had been closed, with customer
account balances often wiped out. They also found that popularity is a strong indicator to
predict the lifetime of an exchange, i.e. popular exchanges have a longer lifespan. Baur et al.
(2015) conducted exploratory interviews with individuals of distinct groups and found that
most stakeholders perceived the ease of use still as rather low. They also found that the
experienced usefulness varies according to the user group. However, no empirical study has
been performed to examine user perceptions of Bitcoin security, privacy and anonymity. For a
cryptographic currency like Bitcoin, public key cryptography is required. Vis-à-vis the
usability of key management and encryption in the context of e-mail various studies have
shown that there are numerous usability issues regarding the successful usage of public key
cryptography in Bitcoins. At this time, for neither domain a fully usable concept has been
successful. Human aspects of key management have already been studied in other domains that
is by S. L. Garfinkel and R. C. Miller (2005). For the Bitcoin ecosystem however, secure key
management alone is not sufficient, as communication is not channel-independent but an
integral part of the security concept.

El Khyari Yasmine and Reis Benjamin (2012) agree that attacks are being made in the Bitcoin
system and these attacks are being done by those who have detailed knowledge on how the
Blockchain works. They identify loop holes in the system and make use of those to gain on the
not suspecting newcomers or those who do not know of the vulnerability. One of these attack
is double spending.

2.5 Double spending

The double spending is an attack that consists in paying two different sellers with the same
bitcoins. One of the transactions won't be valid and will be rejected. Therefore one of the sellers
will have offered his service for free. An attacker can also decide to create a transaction using
those same bitcoins and send them to himself. If the attack succeeds he won't have spent any
bitcoin but will nevertheless earned freely the service of the 1st buyer.

39
Figure 5: Sketch of a double spending attack.

They, go on to provide a solution “In fact, it is advised to wait for 6 blocks to be created make
sure that no other branch in the block chain will be validated. This takes approximately one
hour. Once the seller is sure that the transaction is valid he can offer his service and be confident
about the payment.”

On the same issue of double spending, Dibyojyoti Mukherjee et al (2015) agree with El Khyari
Yasmine and Reis Benjamin(2012) that double spending is possible and go on to suggest a
better solution “…But, a better solution for preventing this attack is to have a timestamp server.
A timestamp server works by taking a hash of a block of item to be timestamped and widely
publishing the hash. Timestamp proves that the data must have existed at the time.” The next
figure shows block chain structure with timestamp.

40
Figure 6: Blockchain with a timestamp to avoid double spending.

2.6 SUMMARY
The chapter has highlighted the conceptual literature related with this research. Empirical
literature has been included to show related studied that have been conducted by other scholars
and the niche into which this study has looked at. The following chapter will look at the
methodology used in this research in detail.

41
CHAPTER 3
RESEARCH METHODOLOGY

3.0 Introduction
This chapter focuses on research methodology, the description of the various methods and
research instruments that were used to collect and analyse data. Data sources such as primary
data and secondary data were also used in the research methodology. In this chapter,
methodology for the study is presented. It defines how the research will be carried out assuming
activities and procedures undertaken during the course of the research. The research design
used in carrying out the research is presented. The research methods which will be used to
gather necessary data to answer the research questions outlined in chapter one will be
discussed. The pros and cons of the research methods used in data collection are also discussed.

3.1 Research Design

Bryman and Bell, (2007), defines research design as the blueprint on how one goes about
answering the objectives of the study. Research design also refers to the way in which the study
was designed and method used in carrying out the research. Research design is a plan and
structure of investigation conceived to obtain answers to research questions. The research
design gives the framework of the researcher’s plan of action for the entire study. Babbie
(2005), define descriptive research as studies designed to obtain information directed towards
determining the nature of a situation as it exists at the time of the study. It also accords the
researcher a chance to employ different data collection techniques used since it provides an
accurate description of the variables in the problem model.

3.1.1 Response errors.

This occurs when the respondents do not provide accurate answers. Factors, which may lead
to this, are:
• Deliberate factors: some respondents purposely misreport their answers. Usually such
answers may be a response to sensitive questions that might whistle blow the company to
relevant authorities or which are personal to the company. Some respondents just not disclose
information because they will not be sure of the uses of the information even if they are assured
that the information is only for academic purposes. However the questionnaires were designed

42
in such a way to avoid sensitive questions was used to ensure the respondents that the
information will be purely for academic purposes.
• Non deliberate factors: these may be caused by fatigue especially to managers who
usually work under pressure. It may also be due to question format or content. The
questionnaire was made simple to understand by use of simpler terms.

3.1.2 Qualitative approach

A qualitative approach involves describing in detail a specific situation using research tools
such as interviews, observations and surveys that has no involvement of figures or numerical
explanations. According to Myers and Avison (2002), “the qualitative research methods were
developed in the social sciences to enable researchers to study natural phenomena”. This
methodology is associated with the social constructivist paradigm. The findings are based on
data collected through interviews, observations and surveys. Qualitative research is the
research that produces findings not arrived at by means of statistical procedures or other means
of quantification (Strauss and Corbin, 1990). On data collection qualitative methodology
makes use of theories or patterns. Open ended questionnaires will be used in qualitative
research although some researchers quantify the answers during the analysis phase (Ngumi,
2013). The questionnaires do not contain any boxes to tick but instead leaves a blank section
for the respondent to write an answer finding out what people think. Interviews also will be
used in qualitative research.

3.1.3 Quantitative approach

A quantitative approach requires quantifiable data involving numerical and statistical
explanations in describing a specific situation analysed using statistical and mathematical
methods. Some phenomena lends themselves to quantitative analysis because they are already
available as numbers (Aliaga, 2005). For example increase in the number of Bitcoin users
holding degrees related to Information Technology can be expressed in numbers. Benbasat
(1987) states that quantitative research methods were developed in the natural sciences and
were used on the study of natural phenomena. Quantitative research methods are survey and
experiments, laboratory experiments and formal methods. Quantitative method relates to
aspects that can be quantified or can be expressed in terms of quantity (numerical values) for
example number of ladies and gents who complete and return research questionnaires. It is
generally associated with the positivist paradigm. Quantitative methodology makes use of

43
hypotheses which predicts possible relationships between variables. Data gathered using
quantitative research techniques include gender, in-depth interviews, story completion tests,
sentence completion test, and word association tests. Quantitative approach is linked to
deductive method of theory testing while qualitative approach is characterised by inductive
testing (Saunders, et al., 2003). Anything that can be expressed in terms of numerical values is
quantitative data. Closed ended questionnaires will be used generate statistics in quantitative
research. These questionnaires follow a set format and can be scanned straight into a computer
for ease of analysis stage. There are standard answers to these questions and might be used to
find how many people use a service making data analysis easier.

3.1.4 Regression analysis

This method involves determining the strength of the relationship between two variables or
more.
To carry out the research, qualitative and quantitative research methods will be used so as to
get a systematic understanding of the research question.

3.1.5 Mixed research methodology

Mixed approach involves collecting and analyzing quantitative and qualitative data in two
successive stages in one study, (Creswell, 2009). As argued by Johnson and Turner, (2003) the
fundamental principle of mixed methods research is that multiple kinds of data should be
collected with different methods and strategies. The data will be gathered using qualitative
method hence assisting the researcher in gaining a deeper understanding of the problem and
connections among bitcoin user, mainly bitcoin miners and normal transaction users.
Thereafter the qualitative data will be linked with quantitative data in the data analysis phase
of the investigation by use of the statistical program, the SPSS.

Qualitative approach will be conducted first for exploration purpose, followed by quantitative
approach based on qualitative findings for testing purpose. The qualitative approach strives to
understand the perspective of the respondents. The study will take qualitative approach to
provide a more realistic feel of the findings which cannot be quantified by using interviews and
observation. Quantitative design makes effort to control for bias so that facts can be understood
in an objective way. A mixed method design combines the strength of both quantitative and
qualitative research approaches. On their own, though quantitative and qualitative methods

44
have some strengths, but more benefits are realised when they are brought together. This point
is further highlighted by Connelly (2009) who wrote that “the goal of mixed methods research
is to draw on the strengths and minimise the weaknesses of both types of research”. Many
researchers tend to use a combination of both open and closed questions. That way it is possible
to find out how many people use a service and what they think about the service on the same
form, (Ngumi, 2013).

3.1.6 User Study Methodology

The goal of this study is to empirically investigate end user perceptions and behavior in the
Bitcoin ecosystem with an emphasis on security practices as well as coin and key management
with the involved security risks. We designed an online questionnaire and additionally
conducted qualitative interviews. We derived specific research questions from already existing
literature on Bitcoin as well as from a qualitative content analysis of threads from online forums
and mailing lists.
Furthermore, we revised the available Bitcoin users and their capabilities and used them as
inspiration for our questions and the design of the security and privacy risk scenarios. We focus
on Bitcoin as it was by far the most popular cryptographic currency at the time we conducted
this study (August 2016 - May 2017). While the online survey was intended to broadly measure
user experiences with Bitcoin security and privacy, the interviews were conducted to get a
deeper understanding on key usability issues, causes of common security incidents and if and
how they managed to recover their keys, that is, key management.

3.1.7 Reliability and Validity

Leeds (1997) indicates that validity is concerned with the soundness, effectiveness of the
measuring instruments. Reliability is the consistency with which a measuring instrument
performs. However, reliability is concerned with the degree of fit between construct and data.
Phillips in Baley (1982) notes that, a measurement of a given phenomenon is viewed as valid
if it successfully measures the phenomenon it sets out to measure. The validity of a
questionnaire relies on the relevance or content validity, of the questionnaire to the researched
topic.
During the construction of the questionnaire, an examination of the items was done by the
researcher to ensure that the questions in the questionnaire and interview focused on the
required information. In addition, to ensure reliability and validity of the questionnaire and

45
interview questions, the researcher also approached senior scholars who assisted in the phrasing
and elimination of some of the questions in order to meet the objectives of the study.

3.2 Data collection procedures

3.2.1 Online Survey

We conducted our online survey over April 26 - May 7, 2017. Our survey consisted of both
closed- and open-ended questions and covered the following topics: (1) Bitcoin usage and
management, (2) CMT choice and usage, (3) security, privacy, anonymity and backup
behaviour, (4) risk perception, and (5) demographics. The full set of questions is presented in
Appendix B. The open-ended questions were coded independently by the researchers
independently. After agreeing on a final set of codes, we coded all answer segments for the
final analysis. Coding refers to categorizing qualitative data to facilitate analysis and is a
common practice in human-computer interaction research.
Cooper and Schindler (2003), define data as the facts presented to the researcher from the study
environment. From this data, the researcher draws conclusions to the research study. Two
forms of data are set namely primary data and secondary data.

3.2.2 Primary data

Primary data can be referred to as data structures of variables specifically collected and
assembled for the current research problem. The researcher will collect relevant data to his
study that is compiled by no one. Higher level of accuracy is obtained as the researcher will
gather data only relevant to the study. According to Kothari (1985), primary data is original
information collected for the first time.

3.2.3 Secondary data

Data at hand prior to the research is known as secondary data. The data would not have been
collected to give answers to the research questions but information can be drawn from such
sources. Secondary data already exists at the time of the research and is not originally gathered
to answer the problem at hand. According to Jewel B (1997), secondary data refers to already
available and collected data. This means it is data gathered and collected prior to and for a
purpose other than this research project. Secondary information is obtained from textbooks,
financial reports, the internet, journals and newspapers, magazines and newsletters. Secondary
information provides a useful source of data from which to answer or begin to answer research
questions. This forms most of the literature review on this research project. The researcher can
extract useful information from respectable authorities, theorists and other researchers outside
46
Zimbabwe. Secondary data will help the researcher to find out more about the research topic
quickly and easily through the use of the internet, journals and textbooks.

To carry out this research, the researcher will use both primary and secondary data. Primary
data will be collected by carrying out his own survey through the use of a user study consisting
of an online survey and qualitative interviews. Secondary data will be collected from previous
researches relevant to the area of study. The data collected will be sufficient to provide answers
to the research questions under study. Polit and Beck (2003) said that secondary research
involves the use of data gathered in a previous study to test new hypotheses or explore new
relationships. They also indicate that secondary analysis of existing data is efficient and
economical because data collection is typically the most time-consuming and expensive part
of a research project. Secondary data used to validate the findings from analysis of primary
data which was collected using online questionnaires and interviews. The strategy of using
both primary and secondary data to address the same study objectives is meant to improve the
interpretive coherence and improve both communicative and pragmatic validity of the study
results, (Ngumi, 2013).

3.2.3.1 Advantages of secondary data

 The researcher benefited from this because most magazines and journals used are up
to date thus closing the gap that exists between current trends and what is in the
textbooks.

 Secondary information provides insight into what has already been researched and thus
provide some guidelines on what should be done and avoiding repetitions so the
researcher was doing her research basing on those guidelines to avoid writing
unnecessary data.

 Secondary data is the cheapest, easy, and faster way to find out more about the research
topic, since the researcher does not have money this was a great benefit.

 The internet provides extensive information on every subject and it is updated more
frequently than any other source.

47
3.2.3.2 Disadvantages of secondary data
 It is difficult to circumvent biased opinions expressed in the secondary sources of
information as biases and inaccuracies cannot be checked so the researcher had to go
through difficulty challenges to check if the information was accurate or not.

 Accessing internet services from the internet cafes is costly, the researcher is just a
student so paying for the internet costs was a problem.

 Can be difficult to gather data especially if there are few authors who have addressed
the issue, the researcher had to move from one library to another in search of data from
different books.

 The data is historical and is not representative of the future, some data which the
researcher found was of no use it was obsolete and out dated.

 It is time consuming process to go through various publications, because there is need

to compile all the gathered information to become one document so it won’t be easy to
work come up with it.

3.3 Data presentation and analysis

Data analysis refers to examining what has been collected in a survey or experiment and
making deductions and inferences. Newman (2006) defines data analysis as a “search for
patterns of data, recurrent behaviour, objects or body of knowledge”. When analyzing the data
the researcher examines, sorts, categories, evaluates and compares synthesizing data. Data
presentation provides a greater visualisation at the acquired data, making it easier to see what
happened and as well make interpretations from the data. It is an efficient way to show the
obtained data to others.

Both qualitative and quantitative data analysis techniques will be used in analysing and
presenting the data. Using qualitative technique the researcher will identify several topics from
the entire interview. These topics then become primary categories or category labels. Using
quantitative data analysis, the researcher will arrange data into groups after correcting errors
on the questionnaire. A clear representation of what data will look like will help the researcher
in discussing the research findings.

48
Data is going to be presented by the use of tables, graphs and pie charts. Narratives will also
be used and these will aid in the reading, understanding and summarizing findings of data
gathered in a more narrative way. Data collected will be analyzed by use of graphs, charts and
tables. Responses gathered through questionnaires and interviews will be analyzed using the
Statistical Package for Social Scientists (SPSS).

When doing a research a single method can never adequately shed light on a phenomenon. To
validate the data on this research, methodology triangulation will be used. According to Patton
(1999), this type of triangulation checks for consistency of findings generated by different data
collection methods. Bekhet et al (2012) methodology triangulation has been found to be
beneficial in providing confirmation of findings, more comprehensive data, increased validity
and enhanced understanding of studied phenomena.

3.4 Population and sampling methods

3.4.1 Target population

In research, population is the total collection of elements on whose reference is made.
Population refers to the whole spectrum of individuals from whom research data can be
collected. Cooper and Schindler (2003), define population as the total collection of elements
about which we wish to make some inference. According to Grinell (1993) population refers
to the entire group of people, events or things of interest that the statistician wishes to
investigate/study. Ngechu (2004) defined a population as a set of well-defined set of people,
services, elements and events, group of things or households that are being investigated. The
total group of potential participants in a research study to whom a researcher would want to
generalize the results of an empirical study is called the population, (Welman, Kruger &
Mitchell, 2010). A research population thus refers to the total set of units in which the
investigation is interested. In this research, the population consists of only people who have
used the Blockchain that is people who have transacted in Bitcoin before.

3.4.2 Sampling
Sampling is the technique of selecting suitable representative part of a population for the
purpose of determining characteristics of the whole population. A sample is a representative
part of a target population taken to show what the rest of the population is like. According to
Wagner (1995), it is ideally synonymous with entire population conveniently scaling down the
study elements where it is impossible to study the whole population. Sekeran (1992) defines a
sample as subset of the entire population. Grinell (1993) defines a sample frame as that

49
collection of units- people objects, events that has a possibility of being selected. The subjects
of the research are the participants that were used to carry out the study and include a population
from which the sample was chosen.

3.4.3 Sampling techniques

There are several sampling methods that can be used to come up with a study sample. Three
types of sampling will be described by the researcher as below:

 Probability sampling gives each sample the same probability of being chosen. It helps
the researcher to select units from a population that he is interested in studying.
Collectively, these units form the sample that the researcher will use in collecting data
for the research.

 Purposive sampling also known as selective sampling is a non-probability sample that

is selected based on characteristics of a population and objectives of the study. In
purposive sampling, sampling is done with a purpose in mind. According to Yamane
(1967), purposive sampling is a non-probability method of sampling where probability
cannot be assigned to the units objectively. Using purposive opinions of the target
population are likely to be obtained. It is very useful in situations where there is need
to reach a target population quickly.

 Multistage sampling combines various probability techniques in the most efficient and
effective possible manner. The process of estimation is carried out stage by stage using
the most appropriate methods of estimation at each stage. According to Raj (1968), in
multistage sampling, for a given number of elements, greater precision is attained by
distributing the elements over a large number of clusters than by taking a small number
of clusters and sampling a large number of elements from each one of them.

The researcher will use purposive sampling as a sampling technique. The researcher will use
a technique that provides a range of methods to reduce the amount of data to be collected, by
considering only data from a sub-group rather than all possible cases or elements. Purposive
or judgmental sampling enables the researcher to use his judgment to select cases that will best
enable him to answer the research questions. Purposive sampling allows the researchers to
choose the sample based on who they think would be appropriate for the study. This is used
primarily when there are a limited number of people that have expertise in the area being

50
researched. This form of sample is often used when working with very small samples such as
in case study research and when you wish to select cases that are particularly informative,
(Neuman, 2005). Judgmental sampling technique is a technique where participants who are
viewed as the best source of information are chosen by the researcher, (Leedy, 1997). This
method will make data gathering faster as the researcher knows exactly what to include and
what not to include in the sample.

3.4.4 Sample group and size

Sekeran (1992) defines a sample as subset of the entire population. Nachmias (1985) defines
a sample frame as that collection of units- people objects, events-that has a possibility of being
selected. The total group of potential participants in a research study to whom a researcher
would want to generalize the results of an empirical study is called the population. The subjects
of the research are the participants that were used to carry out the study and include a population
from which the sample was chosen. The sample is assumed to be a representative of the total
population. Sampling can be defined as the deliberate choice of a group of people, events,
behaviors and other elements with which to conduct a study Nachmias (1985).
This research is intended to be only for those who have knowledge of how the Bitcoin protocol
works. This includes people who have transacted more than once in Bitcoins

3.5 Research instruments

Two instruments will be used to collect data in the research, namely interviews and self-
administered questionnaires. The instruments will be used concurrently in order to increase the
validity of the research outcome. This is in line with Cohen et al (2007)’s contention that if two
or more different data collection instruments are used, then the validity of the research results
is not only increased but assured. A brief presentation of how each of the two instruments will
be used is included below.

3.5.1 Questionnaires
Questionnaires technique is used for gathering information. They are used to collect most of
the primary data. A structured questionnaire will be used. The questionnaire was uploaded to
the internet and the link was shared in different forums and group communication of people
who transact in Bitcoins. The researcher will issued out the questionnaire with a cover letter
meant to explain the purpose of the research in more detail. Internet calls and e-mails will be
made to respondents to pave way for the timely completion of the questionnaire, to confirm

51
receipt of the questionnaire and to follow up on the completed questionnaire. The questionnaire
will contain both closed ended questions and open ended questions. The researcher will provide
guidelines on how to answer questions by means of instructions in order to solve the wrong
interpretation problems.

Closed ended questions are useful for eliciting factual information. It ensures that the
respondent sticks to the matter addressed and is asked to choose, among a possible set of
answers, the response that most closely represents his/her viewpoint. The respondent is usually
asked to tick or circle the chosen answer.

Open ended questionnaires are useful for seeking opinions, attitudes and perceptions. These
types of questions promote critical thinking and increase the respondent’s participation.
Answers are recorded in full, either by the interviewer or, in the case of a self-administered
survey, the respondent records his or her own entire response.

The researcher will prepare and design questionnaires with questions, accurate and
straightforward responses that will be uploaded online for the Bitcoin users to answer. Using
questionnaires as a research instrument will motivate accuracy due to anonymity,
standardization and uniformity from the Bitcoin users. The respondents which are the Bitcoin
users can thoroughly think about a question because they are not under pressure to respond
immediately. This will help the researcher to obtain less manipulated or corrupted responses
since respondents will give a personal opinion without the researchers or other people’s
influence. Anonymity and privacy encourage honest and unbiased responses. Questionnaires
prove to be cost and time effective when dealing with large sample sizes because the researcher
can send them through emails or post. Data analysis will be made easy by using questionnaires
as each respondent will receive the identical set of questions, which will give standardized
responses. A questionnaire is the best tool to use to obtain data from the Bitcoin users because
they will be able to air their views without fear.

However the response rate might be low and there is need to keep following up in the Bitcoin
Forums and groups to ensure that they fill in the questionnaire. Since the researcher will select
his target sample randomly not looking at qualification levels some of the respondents might
not fully understand the questions. The questionnaire will be uploaded online, the researcher
might not be able to get more information from the respondents’ gestures and actions as the
respondents will fill out the questionnaire on their own. Since the questionnaires are done
online, another component of connectivity may hinder the smooth from of data collection since

52
the investigated parties have to be connected for it to go well. Using information obtained on
questionnaires the researcher cannot ask for further clarification on issues raised by the Bitcoin
users.
3.5.1.1 Advantages

i. Questionnaires will be designed to focus specifically on a particular problem, the

problem which the researcher is trying to come up with the information on user
experiences with Bitcoin.
ii. They give respondents ample time for responding as compared to other methods like
telephone interviews that could be chocking, by doing so it has a great advantage to the
researcher because she was able to get the accurate information from the respondents.
iii. A questionnaire is in a better position to provide empirical information as it could be
presented quantitatively and can have deeper detail as explanations can be given.
iv. The influence of the interviewer is absent, this is a great benefit because the respondents
will be stating their actual feelings and this led to getting the actual information without
no one to change their mind-sets.
v. It can be used easily and distributed to cover many respondents, that is, a larger sample
of respondents can be reached, since the researcher wanted to get information in
different places.

3.5.1.2 Disadvantages

i. Some respondents may be unwilling to impart confidential information on the

questionnaire, as they will not be aware of who would read the information. The risk is
high on the open-ended questions. Unwillingness to respond can be a result of lack of
appreciation of what is happening. Another reason is the uncertainty about information
security, suspecting invasion of privacy, though a cover letter from the university would
be provided to accompany the questionnaire, one might still doubt.

Other actors such as stress and pressure from other assignments at work may cause
unwillingness to respond especially in a case in which respondents are operating tight schedules
to meet deadlines.

53
3.5.2 Interviews
Interviews are the best technique to acquire deeper information from respondents. The main
objective of the interview is to verify the findings obtained with the help of questionnaires.
According to Kothan (2009), interviews are the verbal conversation between two people with
the objective of collecting relevant information for the purpose of research. According to
Panneerselvam (2008), interviews make the researcher feel that the data collected is true,
honest and original by nature because of the face-to-face interaction.

Interviews will be conducted with some users to find out their opinions relating to their
experiences with Bitcoin. The researcher will use interviews to reinforce the data collected
from questionnaires, help fill in unanswered questions from questionnaires and to obtain
information from Bitcoin Org responsible for the Bitcoin currency usage and its originality and
other persons of interest. Using interviews will help the researcher collect data relatively
quickly as the researcher will get immediate feedback. Interviews are language flexible as the
researcher can explain to the respondents in a language understood by the samples Bitcoin
users therefore bringing easier communication.

The study will figure out important information from respondents, incidental information,
voice tones, and attitudes. Advantages of using interviews include a high question completion
rate, because of personal contact. The fact that the respondents cannot ignore a person they are
talking to than a written questionnaire by itself gives the questionnaire completion rate of 100%
as well as the response rate. Respondents answers will be recorded by taking down notes, voice
recording and clarification will be made by the researcher when need arises.

However as a student, it will be difficult for the researcher to set appointments especially with
the guys from Bitcoin Org because they are mostly be busy and unwilling to spare time for the
interview. The Bitcoin Org might not use “utmost of good faith” when responding so that they
will not tarnish their firm’s reputation. Since the interviews are done online, another component
of connectivity may hinder the smooth from of data collection since we both have to be
connected for it to go well. Interviews can be time consuming especially when dealing with the
older population that need extra clarity to understand what they are required of.

In an effort to ensure validity and reliability of interviews, the researcher will reduce the hallow
effect by effectively using simple and straight forward English language without any jargon in
all the dialogues.

54
3.5.2.1 Advantages
i. Supports one-on-one series of meetings, that is respondent can express him-self freely,
the researcher enjoyed this advantage since interviewees were comfortable and
expressed themselves to the fully extent.

ii. Provides detailed information about a particular problem or area under study, the
interview were able to give important information which was so useful to the research.

iii. Easy to detect the emotions and feelings of the respondent as he can explain himself,
because of face to face interaction the researcher was able to note the facial expressions

iv. Provides a platform for clarification, the researcher was able to probe further for better
explanations.

v. Data collection is immediate, that is, interview saves on time, the researcher did not
have to go back to collect information.

3.5.2.2 Disadvantages
The major disadvantage of interviews as a data collection method is the presence of
interviewer’s influence, which may influence the manner in which the questions are going to
be answered, this researcher noted that some of the interviewees were uneasy.

Also some respondents might be biased towards the sensitivity of the research topic during
interviews as they fear to divulge information that will whistle blow to the relevant authorities,
the respondents had a tendency of making the interview too informal such that they could easily
distort the subject question due to the sensitivity of the research topic however The researcher
tried to create an environment of trust by disclosing the purpose of the study and assuring
respondents that the information obtained will be used solely for the purpose of the research.

3.6 Methods of Data Presentation

In this research, tabular, pie charts and graphical presentations were used to present data.

3.6.1 Tabular Presentation

In this study, data were presented in tabular form. Tables are generally superior to text for
presenting statistics, although they should be accompanied by comments directing the reader’s
attention to important figures. Tables facilitate quantitative comparisons and provide a concise,
efficient way to present numerical data Coopers (2003).

55
3.6.1.1 Advantages
Tables are also easy to read and compare data so this will help the researcher to analyze data
quickly.

3.6.2 Graphical Presentation

Comparing graphs to tables, graphs show less information and often only approximate values.
However, they are more often read and remembered than tables. Their great advantage is that
they convey quantitative values and comparisons more readily than tables Coopers
(2003).SPSS was used to generate graphs used in this study.

3.6.2.1Advantages
The researcher uses the graphs and line graphs because they enable her to have an easy
comparison and it will serve time of the user to make quick comparison of large data.
Comparison and trends will be easier to see.

3.6.3 Pie Charts

A pie chart is a circular graph that shows the relative contribution that different categories
contribute to an overall total. A wedge of the circle represents each category’s contribution,
such that the graph resembles a pie that has been cut into different sized slices. Every 1%
contribution that a category contributes to the total corresponds to a slice with an angle of 3.6
degrees.

3.6.3 Advantages
The pie chart provides a functioning as a visual aid to help the researcher to examine and
interprets the data being presented. Also since it permits visualization the researcher is able to
check the reasonableness and accuracy of accuracy of data

3.7 Data Analysis

According to Miles and Huberman (1994) data analysis is an iterative process. Data analysis
consists of three activities: Data reduction, Data display, and Conclusion drawing/verification”.

Data reduction, this process is applied to qualitative data and focus remains on selection,
simplification and transformation of data. In this continuous process the data is organized
throughout the research to draw and finalize a conclusion Miles and Huberman (1994). In this

56
research, the data was reduced from critical elements in user experiences with Bitcoin security
and privacy.

In data display the data is shown in an organized way or the data has to be put into a format
which can easily draw the conclusion. Tables, pie charts and graphs are used to indicate distinct
frequencies of various factors of related with user experience in Bitcoin specifically looking at
security and privacy.

After collecting the data, it was edited, coded and checked to have the required quality,
accuracy and completeness. Then data was analyzed using SPSS program which provided
descriptive outputs. It was seen to be a good method for this study because; firstly it does not
disturb the setting in any way and secondly the method can be used without arousing anyone’s
interest on the matter that is under research. The method is relatively easy to use since it
involves using the data that was already collected by the participants themselves

3.7.1 Problems encountered with data gathering

i. The Bitcoin users that were sampled were not sure of how the information would be
used and were thus reluctant to disclose information to outsiders.

ii. Some respondents took too long to respond to the questionnaires. This was due to
pressure to meet their own work’s deadlines.

3.7.2 Solutions encountered with data gathering

i. The researcher came up with the solution of using a header on top of the questionnaire
stating that this was purely for academic purposes.

ii. The researcher made a follow up through the phone and internet to speed up the
responses.

3.8 Conclusion
The chapter gave an insight into the research design, the data collection methods, the research
population, the sampling techniques, methods of analyzing and lastly how the data will be
presented in the research study. Merits and demerits of the data collection methods the
researcher will use were indicated. The validity and reliability of the methods used for data
collection and compilation depends on time, cost and quality of data to be generated. The next
chapter will focus on detailed data analysis and presentation

57
CHAPTER 4
DATA PRESENTATION, ANALYSIS AND INTERPRETATION

4.0 Introduction
The previous chapter focused on the research methodology that was used by the researcher in
carrying out the study. It gave a report on the methods that were used by the researcher to
collect data from respondents. This chapter forms an integral part of the research work as it
presents the results of the research. It focuses on the presentation and analysis of data collected
from interviews, questionnaires and secondary data. Furthermore, it also presents the data in
the form of tables, graphs and charts. In this chapter the data that was collected will be tabulated
and the findings discussed. Rankings and percentages of frequency of occurrence will also be
used in data analysis. The data that was collected from questionnaires and interviews will be
analysed and presented using statistical software called (SPSS).

4.1 Presentation of results

4.1.1 Questionnaire Response Rate

The response rate shows the magnitude or the degree of response from the data collection
methods which were used by the researcher. These data collection methods include
questionnaires and interviews. These methods were weighed and found considerably
resounding. The questionnaire was online so there are no questionnaire that we not filled in. It
either you submitted after answering all questions or you did not submit. However there was
an expected minimum figure which the researcher thought would be the expected response

𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑞𝑢𝑒𝑠𝑡𝑖𝑜𝑛𝑛𝑎𝑖𝑟𝑒𝑠 𝑎𝑛𝑠𝑤𝑒𝑟𝑒𝑑 100

Expected Response Rate = x
𝑁𝑢𝑚𝑏𝑒𝑟 𝑜𝑓 𝑞𝑢𝑒𝑠𝑡𝑖𝑜𝑛𝑛𝑎𝑖𝑟𝑒𝑠 𝑒𝑥𝑝𝑒𝑐𝑡𝑒𝑑 1

58
 Frequenc Percent Valid Cumulative
y Percent Percent
responded 36 36.0 72.0 72.0
Expected
(50- 36) 14.0 28.0 28.0
response

Total 50 50.0 100.0

Figure 2

36 𝟏𝟎𝟎
Response rate = x
50 𝟏

= 72%
The expected response for the questionnaires was 50. Out of the 50 expected, 36 managed to
answer the questionnaires making it 72% response rate. The 72% response rate shows that
data compiled have the majority views of the respondents and this is reliable enough to arrive
at generalizations of the research findings.

4.1.2 Interview Response Rate

Table 4.2 below shows the response rate from the interview conducted with the Bitcoin users.
𝑵𝒖𝒎𝒃𝒆𝒓 𝒐𝒇 𝒊𝒏𝒕𝒆𝒓𝒗𝒊𝒆𝒘𝒔 𝒉𝒆𝒍𝒅 𝟏𝟎𝟎
Response Rate =𝑵𝒖𝒎𝒃𝒆𝒓 𝒐𝒇 𝒆𝒙𝒑𝒆𝒄𝒕𝒆𝒅 𝒂𝒕𝒕𝒆𝒏𝒅𝒂𝒏𝒄𝒆 x 𝟏

Frequenc Percent Valid Cumulative

y Percent Percent
conducted 7 7.0 70.0 70.0
not
Valid 3 3.0 30.0 30.0
conducted
Total 10 10.0 100.0

7 𝟏𝟎𝟎
Response rate = x
10 𝟏

=70%

59
A total of 10 interviews were scheduled to be conducted with Bitcoin users. 7 of the
interviews were successful and 3 failed making it a 70% response rate.

4.1.3 Demographic data

4.1.3.1 Gender of the questionnaire respondents

Questionnaires

FEMALE 8.30%
Gender

MALE 91.70%

% of respondence

Fig 4.1: Gender questionnaire

As shown in figure 4.1, 91.7% of the respondents were males and 8.3% were females. Dixit
(2010) cited a study by Pew Internet & American Life Project (2002), where there is high risk,
but high return, men are more likely to invest than women. The findings of the study showed
that men are somewhat more likely to transact using Bitcoins than women.
4.1.3.2 Gender of the interview respondents

Interviews

FEMALE 14.30%
Gender

MALE 85.70%

0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00% 90.00%
% of Respondence

Fig 4.2: Gender and interviews

60
As shown in figure 4.2, 85.7% of the respondents were males and 14.3% were females. The
findings of the study further supported the notion that men are somewhat more likely to transact
using Bitcoins than women as had been the situation with questionnaires.
4.1.3.3 Age range
Table 4.3 Age of respondents in questionnaires

Frequenc Percent Valid Cumulative

y Percent Percent
below 18 0 0.0 0.0 0.0
18-25
15 15.0 41.6. 41.6.
years
Valid 26-40
21 21.0 58.4 58.4
years
above 40 0 0.0 0.0 0.0
Total 36 36.0 100.0

From the table above, it shows the age range of the respondents of which 0% were below 18
years of age. The highest percentage of the age range is 58.4 % which represent age range 26
to 40 years. 41.6% of the respondents are aged between 18 and 25 years and 0% is in the age
range of 40 years and above. The above information shows that the young ones and the oldest
are not willing to take risks. This might be because the youngest ones may not know enough
information about what Bitcoins are and not willing to invest in what they have not understood
yet. As age increases people generally tend to be late adopters of technology so the oldest one
may not invest in Bitcoins because they have seen many Ponzi schemes and fear being part of
this still developing currency. For both the age groups, that is 18 and less and 41 and above,
with 0% the reason might be because of insufficient and non-existent training respectively, on
how to use the technology. To further confirm this issue, interviews clarified this issue.

61
Table 4.4 Age of respondents in interviews

Frequenc Percent Valid Cumulative

y Percent Percent
below 18 0 0.0 0.0 0.0
18-25
2 2 28.6 28.6
years
Valid 26-40
5 5 71.4 71.4
years
above 40 0 0.0 0.0 0.0
Total 36 36.0 100.0

The interview that were held showed that the below 18 and above 40 group had zero
participants. With this in mind, we can positively conclude that these two group have little to
no knowledge about how Bitcoins operate, this is for the below 18 group or that they have little
to no trust in the currency based on perceptions that it can one day collapse going away with
their money as we have seen in the past, basing on Ponzi Schemes.

4.1.4 Countries of participants

4.1.4.1 Country of respondents in questionnaires
We put a section in our in our questionnaire for our participants to show us their country of
origin. This was to make sure that we all had enough data to put a conclusion to our study .The
diagram below shows us where the participants of our survey were located. Most participants
of both interviews and questionnaire came from developing countries and developed countries.
Zimbabwe was an exception here because the researcher made a follow up of those who he
knew could help him locally.

62
 12

Number of Participants
10
8
6
4
2
0

Country Of Participants

Fig 4.3: Nationality and questionnaires

4.1.4.2 Country of respondents in interview

Interviews
3.5

3
Number of participants

2.5

1.5

0.5

0
USA India Zimbabwe Others
Country of Participants

Fig 4.4: Nationality and interviews

63
4.1.5 Academic qualifications
4.1.5.1 Questionnaires

Questionnaires 6%
22%

47%

25%

High School College/Diploma Bachelors Degree Masters Degree

Fig 4.5: Educational level of questionnaire participants

Fig above shows the academic qualifications of the respondents. 47% of the respondents were
degreed, 25% had a Diploma or graduate from College and 22% managed to reach High School
with the remainder 6% having attained Master Degrees. This also explains the well informed
answers the researcher was getting from the questioners.

4.1.5.2 Interviews

Interviews 0%

29%

71%

High School College/Diploma Bachelors Degree Masters Degree

Fig 4.6: Educational level of interview participants

Fig above shows the academic qualifications of the respondents during interview sessions. 71%
of the respondents were degreed and the remaining 29% managed to reach High School. The

64
High School respondents had certificate qualifications as part of their credentials, this was only
stated after the researcher had asked during an interview

4.1.6 Experience in using Bitcoins

Questionnaires:Experience in using
Bitcoins

5+ years

1-4 years

less than 1 year

0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00%

Fig 4.7 Experience of Bitcoins in Questionnaires

As illustrated by the pie chart above 30.6% of the Bitcoin users indicated that their Bitcoin
usage is less than a year and the other 58.3% between 1 to 4 years. The minority making up the
last 11.1% indicated that they have used this innovation for more than 5 years. Basing on these
findings it shows that only people started using Bitcoins long back when they were introduced
in 2009.

Interviews:Experience in using
Bitcoins

5+ years

1-4 years

less than 1 year

0.00% 10.00% 20.00% 30.00% 40.00% 50.00% 60.00% 70.00% 80.00%

Fig 4.8 Experience of Bitcoins in Interviews

As illustrated by the pie chart above 28.6% of the Bitcoin users indicated that their Bitcoin
usage is less than a year and the majority, 71.4% had 1 to 4 years’ experience in using Bitcoins.
65
There were no interviewees that had used bitcoins for more than 5 years, this could mostly be
that these guys are the one responsible for teaching others who have no idea of how Bitcoins
work because they are more experienced with Bitcoins more than anyone else in the industry.
So I concluded that they may have been very busy with their work or that they avoided
interview at the least cost since most of them want to remain anonymous.

4.1.7 General Bitcoin Usage

Most participants reported to use Bitcoins for tips and donations (38.0%), followed by virtual
goods, such as web hosting, online newspapers (33.3%), online shopping (27.5%), altcoins
(26.5%), gambling (26.5%) and Bitcoin gift cards (19.9%). About 5% self-reported to buy or
have bought drugs with bitcoins. A point to note is that a person can select more than one option
on Bitcoin usage.

General Bitcoin Usage

40%
35%
30%
25%
20%
15%
10%
5%
0%
Tips and Virtuals Online Gambling Gift cards Drugs
Donations Goods Shopping

General Bitcoin Usage

Fig 4.9 General Bitcoin Usage

30.2% of our sample reported to use Bitcoin at least once a week, 25% stated that they use
Bitcoin at least once a month and 19% at least once a day. The remainder of the participants
indicated to use Bitcoin at least once a year or even less. These results suggest that the majority
within our survey frequently uses Bitcoin. We also asked our participants about the amount of
bitcoins they are currently holding. Most of the participants did not want to specify. According
to their reports, our sample holds approximately 800 Bitcoins in total. The majority of users
(70%) started to use Bitcoin between 2013 and 2015. 17% started between 2011 and 2012.
58.0% reported to use other crypto currencies in addition to Bitcoin, most frequently Dogecoin
and Litecoin. The most popular Bitcoin exchanges in our sample are BTCE (20.9%), Bittrex
(14.0%) and Bitstamp (13.0%). 11.4% of our participants are currently mining bitcoins. Most

66
of them started mining after 2014. Many of those who started earlier have stopped mining as
they currently consider it infeasible. All participants from our qualitative interviews are
frequent Bitcoin users, and some of them are active in the local Bitcoin association. Most
interviewees mentioned that the decentralized nature of Bitcoin was among the main reasons
to start using Bitcoin. The second-most mentioned reason was simply curiosity. Some
participants also mined Bitcoins some years ago when it was still profitable to mine at small
scale and most of these participants were in the class that had used for more than 4 years.

4.1.8 Practices of Bitcoin Management

4.1.8.1 Bitcoin Wallets and Backup Behaviour
CMT stands for Coin Management Tools, which is basically the Bitcoin equivalent of a bank
account. It allows you to receive bitcoins, store them. The table below shows the most widely
used Bitcoin wallets. The participants could mention multiple wallets as it is a common
scenario that users use more than one wallet. The table also shows the number of participants
from our sample who use a certain wallet as well as the percentage, and then send them to
others. A point to note is that a person can have more than one CMT.

Table 4.5 Properties of the most frequently used wallets mentioned by our participants.
CMT Number Percentage Bitcoins
Coinbase 24 33.8 % 115
Bitcoin core 18 25.4% 230
Xapo 13 18.3% 98
Electrum 9 12.7% 103
MyCelium 4 5.8% 35
Others 4 4% 72

Furthermore, the table below shows whether the users protect their wallets with a password
and if these wallets are encrypted.

Table 4.5 Properties of the most mentioned CMTs in terms of encryption.

67
In the table above, the three blocked columns contain information on whether the CMT is
encrypted, if it is backed up, whether there exists an additional backup and the mentions in
percent (Yes, No and I don’t know (IDK)). The rightmost column contains the sum of
bitcoins stored in a respective CMT by our participants. Our findings show that the majority
of users protect their wallets with a password. In case of web clients, we observed a lack of
background knowledge. For example, 47.7% of Coinbase users in our sample say that their
wallet is encrypted and 34% claim that they do not know if it is encrypted. We observed a
similar trend for Xapo which is the third-most used wallet in our sample. Just like Coinbase,
it is also a webhosted tool and, similarly to Coinbase, only about half of the users say it is
encrypted and about a third does not know if it is encrypted. Regarding backups, only a third
of Coinbase users and 43% of Xapo users backup their wallets. 33.9% of Coinbase and
28.5% of Xapo users do not know whether their wallet is backed up. We also found that
Bitcoin users with more than 0.42B (100 USD) do not backup their CMT more often than
users with less bitcoins.

4.1.8.2 Anonymity
We found that 32.3% of our participants think that Bitcoin is per-se anonymous while it is in
fact only pseudonymous. 47% thinks that Bitcoin is not per-se anonymous but can be used
anonymously. However, about 80% think that it is possible to follow their transactions. 25%
reported to have used Bitcoin over Tor to preserve their anonymity. We also asked
participants if they take any additional steps to stay anonymous. 18% reported to frequently
apply methods to stay anonymous on the Bitcoin network. Most of them reported to use
Bitcoin over Tor followed by multiple addresses, mixing services, multiple wallets and VPN
services.

4.1.8.3 Risk Perception

We were also interested in user perceptions of risks associated with Bitcoin. We provided the
participants with 3 risk scenarios. We selected the risk scenarios based on findings from

68
scientific literature and evidence from online resources. For each risk scenario, we provided an
easy-to-understand description and asked the participants whether they think the risk is likely
or unlikely to occur. The graph below shows the participants’ risk estimation. Our results show
that the participants consider value fluctuation as the highest risk, followed by vulnerabilities
in hosted wallets and Bitcoin theft via malware. Our participants estimated the risk for
cryptographic flaws as the lowest, followed by double-spending attacks and Denial of Service
attacks on the Bitcoin network.

Fig 5.0 User perceptions of risk scenarios in percentage of participants (N = 36).

4.1.8.4 Security Breaches

About 22.5% indicated to have lost bitcoins or Bitcoin keys at least once. Of those, 43.2%
mentioned that it was their own fault (e.g., formatted hard drive or lost a physical device with
Bitcoin keys). 26.5% reported that their loss stemmed from a hardware failure (e.g., a broken
hard drive), followed by software failure (24.4%; e.g. key file corruption) and security breaches
(18% e.g., malware, hacker). The majority (77.6%) among those who lost bitcoins did not want
to indicate whether they were able to recover their keys. Of those who provided an answer,
65% were not able to recover their keys. Overall, our participants reported to have lost about
46.6873 bitcoins. However, it must be taken into account that we did not ask when the coins

69
were lost. Hence, interpreting this result we must take into consideration that the Bitcoin
exchange rate is highly volatile and it is therefore hard to provide an overall estimation in
USD. About 40% of our participants reported to have lost money due to a self-classified major
security breach. 13.1% of our overall sample reported to have lost bitcoins in HYIPS (high-
yield investment programs) and pyramid schemes. 7.9% lost money at Mt. Gox.
During the interviews, we gave our participants the opportunity to describe how they dealt with
the incident. Most participants stated that they did not do anything to recover their keys and
simply accepted the loss. Some argued that the financial loss was not worth the effort to take
further steps or that they felt helpless as they didn’t know what to do. Those who actually took
action most frequently mentioned that they filed claims and contacted the exchange or online
wallet provider. Those who lost money to a malicious online wallet reported to have moved to
other types of wallets instead of hosted/online wallets. The participants who lost money in
HYIPS mostly stated that they started to use less risky investments and learned from their
previous mistakes. Irrespective of the security breach, many participants reported to have
spread the word over forums on the Internet and shared their experiences with other affected
users.
Some of the participant statements were as follows:
 “I follow the ‘do not invest more than you’re ready to lose’ rule.”
 “I just had to accept that my money was stolen ... and that I learned my lesson to never
use exchanges as wallets. Keep everything in your own hand.”
 “Just learned from it. It was exceedingly stupid on my part.”

One participant from our qualitative interviews reported that he have already experienced an
intentional or accidental key and/or Bitcoin loss. Two participants were affected from the Mt.
Gox security breach.
4.1.8.5 Perceptions of Usability
Even though most participants of our qualitative interviews were very much concerned about
security and privacy aspects of Bitcoin management, two of them said that they would
recommend web wallets and deterministic wallets to non-tech-savvy Bitcoin users.
Convenience and easiness of use were highlighted as the main benefits. One participant said
that he would definitely recommend a wallet where the private key is stored on a central server
to make key recovery easier and to obviate the need for comprehensive backups as well as that
mnemonics would help. The same two interviewees from above also said that they would

70
recommend MyCelium14 as the most usable wallet. Those who had already used MyCelium
consider the paper backup procedure as the most usable and secure way. To create a paper
backup with MyCelium, the user has to print out a template that contains some parts of the key
and then lets the user fill out the empty spots manually. One participant expressed initial
discomfort when she used paper wallets.
Most interviewees also highlighted the need for fundamental education in early years of
childhood. P2 said that Bitcoin is inherently complex, that the fundamental idea of public key
cryptography should be taught in school and monetary systems are a matter of culture.
Another participant also highlighted that user interfaces should be simplified and minimalized.
To support that other participants also stated that for a fast proliferation of Bitcoin, simple and
intuitive User Interfaces are more important than security. They argued that computers
proliferated even though most people do not know how computers work and that security is
not necessarily an argument for large-scale adoption. They provided examples such as cars in
the 1940s, computers, credit cards and WhatsApp. They also said that the amount of money
that is circulating in the Bitcoin network is low enough to take the risk of losing it and compared
this scenario to the risk of losing cash. Some participants also proposed a dedicated device with
an intuitive User Interface for key management and think that such an artefact would be the
most secure and usable option.
4.1.8.6 Participant Statements
 “It somehow didn’t feel right for me to go out of the digital realm.” (interviewee X on
paper wallets)
 “Children learn about our monetary system in their very early days in primary school.
This is why society knows how to use cash and credit cards. I’m sure it could be the
same thing with a decentralized crypto-currency.”

4.2 Conclusion
This chapter was used to present and analyse and interpret the data collected from the field.
Quantitative and qualitative data analysis were used. Effort was made to make the analysis easy
to understand and interpret by means of graphs and tables (Visualization). The next chapter
will highlight the findings of the research, conclusions drawn from the analysis and the
recommendations from research findings will be provided.

71
CHAPTER 5
RECOMMENDATIONS AND CONCLUSION

5.0 Introduction
This chapter, summarises the whole study, research findings, draw some conclusions from the
findings, thereby trying to answer objectives. The researcher concluded coming up with
recommendations basing on the findings of this research.

5.1 Summary of the findings

This research study was motivated by the effects of security and privacy over the influence it
possessed to user and possibly potential users. The goal of this research was to answer the
research questions provided in chapter 2 in order to understand how users interact with the
Bitcoin ecosystem. The research focused on user experiences with Bitcoin security and privacy,
and he gathered useful insights.

5.1.1 Research question 2: How do participants manage their Bitcoins and what are
participants’ current practices and how do they deal with security, privacy and
anonymity?
Regarding Bitcoin management tools and practices to answer this question, we found that two
of the most widely used CMTs were web-hosted solutions that obviate the need for users to
deal with key management and backups. Our results show that our participants had clear
preferences regarding their choice of CMT. In contrary, this is not the case for Bitcoin
exchanges. Our data shows that the Bitcoin exchanges chosen by our participants were almost
evenly distributed. Even though our data reveals a clear tendency towards webhosted solutions,
these CMTs do not host the majority of our participants’ bitcoins. According to our
participants’ self-reported data, the highest amount of accumulated bitcoins is hosted in
Armory. At the time of writing, if used correctly, Armory is one of the most secure solutions.

For the two most widely used web-hosted CMTs, about a third of our participants are unaware
of whether their wallet is encrypted or backed up. In such a scenario, users shift responsibilities
to a third party. Even though this seems to be a convenient and usable solution for non-expert
users, it implies that the user trusts these third parties to take care of their security. About 50%
of web client users indicated to use an additional local client to store their virtual assets.
According to our results, users that have a higher number of bitcoins do not necessarily back
up their wallets more often. Also, Mycelium

72
Users back up their wallets more often than others. Hence we conclude that backup motivation
and respectively fatigue depend highly on usability and not on the number of coins.

5.1.2 Research question 4: What security breaches have affected users and how did they
recover their

Bitcoin keys and bitcoins

As the answer to this question indicates, participants have already lost money to malicious
hosted-wallet providers. Also, our participants perceived vulnerabilities in hosted wallets as
the second highest among our risk scenarios. Some participants from our qualitative interviews
said that they would recommend inexperienced users to start with a hosted wallet due to the
usability benefits as for most other solutions users are required to have at least a basic
understanding of the underlying basics of Bitcoin and the Blockchain. Bitcoin is a
pseudonymous system, whereas a wide-spread myth says that it is per-se anonymous. More
than a third of our participants still believe in this myth and reported that they think that Bitcoin
is fully anonymous. About half of our participants are aware that Bitcoin is not per-se
anonymous, but that it can be used anonymously.

Regarding anonymity measures, many users reported to use Bitcoin over Tor, which in fact
creates an attack vector for deterministic and stealthy MITM attacks.

5.1.3 Research question 5: What are the main usability challenges that users have to
deal with when using Bitcoin?
Our results also suggest that our participants trust the cryptography behind Bitcoin and are
aware of risks according to value fluctuation and software vulnerabilities. Poor usability and
the lack of knowledge are major contributors to security failures. Almost a fourth of our
participants indicated that they had already lost bitcoins or Bitcoin keys at least once.

To our surprise, almost half of those who lost bitcoins due to a self-induced error which
indicates that state of the art CMTs are sometimes still difficult to use or require users to
manually take care of security tasks, such as backups and encryption.

5.1.4 Research question 1: What are the main usage scenarios of Bitcoin?
Our results also indicate that the Bitcoin ecosystem is mostly utilized for tipping and donations
as well as acquiring digital goods, but to some extend also for criminal activity and adventurous
gambling. This has given the researcher the conclusion that people use Bitcoins where they
feel that if their information or identity is discovered, they will be compromised for example

73
buying drugs. Another conclusion from the results we got is that today, there many E-
commerce website that transact on line and what they do we our personal information has led
others not to trust E-commerce sites with your personal information especially your credit card
information. So they end up using Bitcoins that use a once of address every time you transact.

5.2 Significances of findings

The research was significant enough to be used by other authors for their publication and also
for being used to make Bitcoin a better currency so as to have more people have trust in it and
thereby using the cryptocurrency. The significance of the research come in the fact that its user
who make Bitcoin a better currency and for them to use it, they want security and guarantee
that their Bitcoins are safe and that in case they are lost, they can be recoverable. Lastly, people
do not like using complicated processes to keep their investments safe that why we looked at
challenges associated with usability and how they manage security risks associated. So in order
to create or design a better way of key management and usability, we first have to know
challenges they are currently facing in order to rectify them.

5.3 Conclusion
In this work we presented the user study to examine how users interact with the Bitcoin
ecosystem in terms of security and privacy. We conducted an online questionnaire with 36
Bitcoin users and qualitative interviews with a subset of 7 participants. Furthermore, we
introduced the term Coin Management Tools (CMTs) to describe tools that let users manage
their virtual assets (keys) and interact with the Bitcoin network. We found that managing
bitcoins is still a major challenge for many users, as many of them do not apply sufficient
security measures such as encryption and backups. We found that many participants were not
even aware of security features provided by their used CMT. Two of the most widely used
CMTs among our participants were webhosted solutions. About half of their users reported to
use such solutions exclusively, while the other half also used local clients. Even though web
clients ought to be a usable and convenient solution, they require a certain level of trust and
shift the responsibilities of encryption and managing backups to a third party. We also found
that 22.5% of our participants have already experienced security breaches and lost bitcoins.
About half of them mentioned a self-induced error as the reason, which highlights that users
find it still difficult to manage their bitcoins in a secure way.

We believe that our insights and suggestions are an important first step towards improving the
usability of Bitcoin security. In order to guarantee secure interactions with the Bitcoin
ecosystem to both expert and non-expert users, we must re-think the concept of Bitcoin
74
management, since it is more than just the secure handling of secret keys. Bitcoin is a
decentralized system where the interactions between peers and the propagation and verification
of messages and data is important. If this aspect is ignored, Bitcoin would just consist of signed
numbers without value.

5.4 Recommendations

5.4.1 Recommendations from the research findings

This research has brought about the following recommendations to find ways of making
Bitcoins recoverable just in case someone loses them. This came to be after carrying out the
research and finding that most people were faced with problems of losing their wallets and
not being able to recover them.

This research has thrown up an issue of CMT usability so the recommendation from this
research is that there should be a standard CMT design so that people can be taught how to
use them and in case they switch to another CMT, they will still be able to use the next CMT
without any hustles.

Lastly, the findings has concluded that people do not really fully understand the concept of
Bitcoins, because during the interviews, some thought that Bitcoins were anonymous, they
were confusing it with the term that Bitcoins can be used anonymously. So a simpler paper
can be written to explain what Bitcoin is to a simple man without useless jargon.

5.4.2 Recommendations for further work

This paper has attempted to provide an overview of some key dynamics areas of security
and usability within Bitcoin and how users perceive them. The technology is still new, but it
is apparent that there are potentially empowering uses of it in certain contexts. Nevertheless,
while the community around this technology is enthusiastic and experimental, it is still prone
towards the elitist, tech-centric outlook of disruptive technology start-up cultures. One
Blockchain does not fit all.

A good starting point would be to build new research into the following.

1. The ongoing development and deepening of global Bitcoin markets, tracing to what extent
those in developing country contexts are actually adopting it. There is a definite need for
baseline studies of usage, against which future changes can be measured.

75
2. The challenges and potentials for the Bitcoin system’s usage from a financial inclusion
perspective. This includes its use as a remittance system and as an alternative bank account.
This can be complemented with studies on the extent to which Blockchain-based property
title systems (such as land registries), have the potential to open up normal bank financing
to people who otherwise cannot get access to credit from financial institutions.

3. The extent to which Bitcoin as a currency system could interact in the future with
Blockchain 2.0 smart-contract technology to create collectively-run and also how they can
be made to interact, that is cryptocurrencies as a whole.

76
REFERENCES
1) Aliaga and Gunderson (2005) ‘Interactive Statistics ‘3rd Edition
2) W. Baur, J. B¨uhler, M. Bick, and C. S. Bonorden. Cryptocurrencies as a disruption?
Empirical findings on user adoption and future potential of bitcoin and co. In Open and
Big Data Management and Innovation, pages 63–80. Springer, 2015.
3) Cooper, D.R. & Schindler, P.S. (2003) Business research methods (8th ed.).Boston:
McGraw-Hill.
4) Creswell J.W (2009) Research design: Qualitative, Quantitative and mixed methods
approaches, Los Angeles, Sage.
5) Carl Weathers (2016) https://disqus.com/by/disqus_BgLaXgudnZ (Visited on
3/5/2017).
6) cgminer. https://github.com/ckolivas/ cgminer. (Visited on 12/13/2014).
7) Crypto-currency market capitalizations. http:// coinmarketcap.com/. (Visited on
12/13/2014).
8) Intel sha extensions | intel developer zone. https://software.intel.com/en-us/
articles/intel-sha-extensions. (Visited on 12/13/2014).
9) Elli Androulaki, GhassanO. Karame, Marc Roeschlin, Tobias Scherer, and Srdjan
Capkun. Evaluating user privacy in bitcoin. In Ahmad- Reza Sadeghi, editor, Financial
Cryptography and Data Security, volume 7859 of Lecture Notes in Computer Science,
pages 34{51. Springer Berlin Heidelberg, 2013.
10) Ittay Eyal and Emin G•un Sirer. Majority is not enough: Bitcoin mining is vulnerable.
CoRR, abs/1311.0243, 2013.
11) Reuben Grinberg. Bitcoin: An innovative alternative digital currency. Hastings Science
& Technology Law Journal, 4:160, 2011.
12) Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geo Lowney,
Steven Wallace, Vijay Janapa Reddi, and Kim Hazelwood. Pin: Building customized
program analysis
13) tools with dynamic instrumentation. In Proceedings of the 2005 ACM SIGPLAN
Conference on Program-ming Language Design and Implementation, PLDI '05, pages
190{200, New York, NY, USA, 2005. ACM.
14) Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. May 2009,
Bitcoin.org

77
15) Meni Rosenfeld. Analysis of bitcoin pooled mining reward systems. CoRR,
abs/1112.4980, 2011
16) Villasenor, J., Monk, C., & Bronk, C. (2011). Shadowy Figures: Tracking Illicit
Financial Transactions in the Murky World of Digital Currencies, Peer-to-peer
Networks, and Mobile Device Payments. Brookings Institution. Retrieved from
http://bakerinstitute.org/media/files/Research/d9048418/ITP-pub-
FinancialTransactions 082911.pdf.
17) Brito J., & Castillo, A. (2013). Bitcoin: A Primer for Policymakers.
18) Retrieved from
http://mercatus.org/sites/default/files/Brito_BitcoinPrimer_embargoed.pdf.
19) 12 N. Hajdarbegovic, “Warren Buffett: Bitcoin is Not a Currency”, [online] 2014,
http://www.coindesk.com/warren-buffet-bitcoincurrency/ (Accessed: 6 April 2017)
20) https://www.tutorialspoint.com/e_commerce/e_commerce_tutorial.pdf(Accessed: 6
April 2017)
21) Matonis, J. (1995, April). Digital cash and monetary freedom. Institute for Monetary
Freedom. Retrieved from http://libertarian.co.uk/lapubs/econn/econn063.pdf.
22) M. Hovestadt, N. Lerch, H. Nitsche, and K. Voss. First steps of a monitoring framework
to empower risk assessment on grids. Kracow Grid Workshop, 2006.
23) "Statement of Jennifer Shasky Calvery, Director Financial Crimes Enforcement
Network United States Department of the Treasury Before the United States Senate
Committee on Banking, Housing, and Urban Affairs Subcommittee on National
Security and International Trade and Finance Subcommittee on Economic Policy"
(PDF). fincen.gov. Financial Crimes Enforcement Network. 19 November 2013.
Retrieved 1 March 2017.
24) Carr, I., ‘Anonymity, the internet and criminal law issues’, in C. Nicoll, J.E.J.Prins,
.J.M. van Dellen (Eds). Digital Anonymity and the Law, The Hague: T M C Asser
Press, pp. 197-206 (2003).
25) http://www.movable-type.co.uk/scripts/sha256.html
26) Mastering Bitcoin by Andreas M. Antonopoulos Unlocking Digital crypto-currencies
Copyright © 2010 Andreas M. Antonopoulos LLC.
27) Introduction to Bitcoin Mining A Guide For Gamers, Geeks, and Everyone Else By
David R. Sterry 2012

78
28) D. Bayer, S. Haber, W.S. Stornetta, "Improving the efficiency and reliability of digital
time-stamping,"
29) El Khyari Yasmine and Reis Benjamin New attacks on Bitcoin (2012)
30) S. Eskandari, D. Barrera, E. Stobert, and J. Clark. A first look at the usability of bitcoin
key management. In Workshop on Usable Security (USEC), 2015.
31) Wharton, J. Rieman, C. Lewis, and P. Polson. The cognitive walkthrough method: A
practitioner’s guide. In Usability inspection methods, pages 105–140. John Wiley &
Sons, Inc., 1994.
32) T. Moore and N. Christin. Beware the middleman: Empirical analysis of bitcoin-
exchange risk. In Financial Cryptography and Data Security, pages 25–33. Springer,
2013.
33) S. L. Garfinkel and R. C. Miller. Johnny 2: a user test of key continuity management
with s/mime and outlook express. In Proceedings of the 2005 symposium on Usable
privacy and security, pages 13–24. ACM, 2005.
34) S. Eskandari, D. Barrera, E. Stobert, and J. Clark. A first look at the usability of bitcoin
key
35) management. In Workshop on Usable Security (USEC), 2015.
36) Wharton, J. Rieman, C. Lewis, and P. Polson. The cognitive walkthrough method: A
37) practitioner’s guide. In Usability inspection methods, pages 105–140. John Wiley &
Sons,
38) Inc., 1994.
39) T. Moore and N. Christin. Beware the middleman: Empirical analysis of bitcoin-
exchange risks. In Financial Cryptography and Data Security, pages 25–33. Springer,
2013.
40) W. Baur, J. B¨uhler, M. Bick, and C. S. Bonorden. Cryptocurrencies as a disruption?
empirical findings on user adoption and future potential of bitcoin and co. In Open and
Big Data Management and Innovation, pages 63–80. Springer, 2015.
41) Baley (1982). Research Methods in Education. Routledge.London.
42) Leeds, S (1997) Research in Education. McMillan, London.
43) Nathan Binkert, Bradford Beckmann, Gabriel Black, Steven K. Reinhardt, Ali Saidi,
Arkaprava Basu, Joel Hestness, Derek R. Hower, Tushar Krishna, Somayeh Sardashti,
Rathijit Sen, Korey Sewell, Muhammad Shoaib, Nilay Vaish, Mark D. Hill, and David

79
 A. Wood. The gem5 simulator. SIGARCH Comput. Archit. News, 39(2):1{7, August
2011.

44) Babbie E.R (2005) The basics of social research, 3rd edition, Wadsworth.
45) Bekhet et al (2012) Methodology triangulation: An approach to understanding data,
Marquette University College of Nursing, Milwaukee, Wisconsin, USA.
46) Bryman, A. & Bell, E. (2007) Planning a research project and formulating research
questions. In: Business Research Methods. New York. Oxford University Press.
47) Bryman, A. & Bell, E. (2007) Business research strategies. In: Business Research
Methods. New York. Oxford University Press.
48) Grinell R.M (1993) Social work research and evaluation, Peacock Publishers.7
49) Kothari, C.R. (1985) Research Methodology—Methods and Techniques. Wiley Eastern
Limited, New Delhi.
50) Leedy P.D, Newby T.J and Ertmel P.A (1997) Practical research: Planning and
Design, 9th Edition, Prentice Hall.
51) Nachmias, R., Mioduser, D., & Chen, D. A cognitive –Curricular Model for teaching
computer programming to children. WCCE/85 World conference of computers in
Education, Virginia 1985.
52) Neuman L (2005) Social research methods: Quantitative and Qualitative Approaches,
1st Edition, Pearson.
53) Raj. D (1968) Sampling theory, McGraw-Hill Book Company, New York
54) Sekaran, U. And Boogie, R. (2010). Research methods for business, a skill building
approach”, New York NY. Willey.
55) Sha-2 - wikipedia, the free encyclopedia. http: //en.wikipedia.org/wiki/SHA-2. (Visited
on 12/13/2014).

80
QUESTIONNAIRE

GREAT ZIMBABWE UNIVERSITY

Online QUESTIONNAIRE

My name is Simbarashe Raymond Mudukuti a student at Great Zimbabwe University, doing

Bachelor of Commerce Honours Degree in Information Systems. I am undertaking a Research
Project titled: Security and Privacy in Cryptocurrencies a Case Study of Bitcoin and its
Users

For this cause I am carrying out data collection on the subject mentioned by way of this online
questionnaire. Information collected form you will be used strictly for academic purposes only.
Your responses will not be released to anyone and they will be regarded as confidential.

………….......... Date…………….
The Researcher (Simbarashe Raymond Mudukuti)

B Interview Questions

81
Questions with answer options as ”( )” are multiple choice checkboxes whereas answer

possibilities marked alphabetical e.g. ”a)” are single selections.

B.1 BTC Demographics

Q1 Please input which year you started using Bitcoin:

a) 2009 b) 2010 c) 2011 d) 2012 e) 2013 f) 2014 g) 2015

Q2 Select which main features are responsible for you using Bitcoin (multiple selections

possible):

( ) The opportunity of financial gain

( ) Curiosity

( ) Anonymous nature

( ) Decentralized nature

( ) A friend/colleague suggested to me to start using Bitcoin

( ) The possibility to internationally transfer money with relatively low fee

( ) The possibility to accept bitcoins for my services or for my products

( ) Other:

Q3 What is the estimated sum of bitcoins you are holding?

a) I hold approximately b) I do not want to specify

Q4 Please provide what services or products you pay for with bitcoins (multiple selections

possible):

( ) Bars, restaurants

82
( ) Bitcoin gift cards

( ) Donations, tipping

( ) Drugs

( ) Gambling sites

( ) Hotels, travel

( ) Online marketplaces and auctions

( ) Online shopping (Newegg, ...)

( ) Altcoin (e.g. Litecoin, ...)

( ) Physical stores that accept bitcoins

( ) Underground marketplaces

( ) Virtual goods (webhosting, online newspapers, ...)

( ) Medium for currency exchange

( ) Other:

Q5 What do you think are the most likely risks associated with Bitcoin?

Q6 Please select the crypto currencies you are holding or using besides Bitcoin (multiple

selections possible):

( ) I do not use other crypto currencies

( ) BanxShares

( ) BitShares

( ) BlackCoin

( ) Bytecoin

( ) Counterparty

83
( ) Dash

( ) Dogecoin

( ) Litecoin

( ) MaidSafeCoin

( ) MonaCoin

( ) Monero

( ) Namecoin

( ) Nxt

( ) Peercoin

( ) Primecoin

( ) Ripple

( ) Startcoin

( ) Stellar

( ) SuperNET

( ) Vertcoin

( ) YbCoin

( ) Other

Q7 Select the Bitcoin exchanges you have used in the past or you are using on regularly

(multiple selections possible):

( ) None

( ) BanxIO

( ) Bitcoin Exchange Thailand

( ) Bittrex

84
( ) Bitcoin Indonesia

( ) bitcoin.de

( ) Bitfinex

( ) Bitstamp

( ) BitX South Africa

( ) BTC-e

( ) BTC38

( ) BTCChina

( ) CCEDK

( ) Cryptsy

( ) Gatecoin

( ) hibtc

( ) Kraken

( ) Mt. Gox

( ) OKCoin

( ) Poloniex

( ) QuadrigaCX

( ) The Rock Trading

( ) VirWox

( ) Other:

Q8 What do you think are the greatest benefits of Bitcoin?

Q9 How often do you perform Bitcoin transactions?

85
a) At least once a day b) At least once a week c) At least once a month d) At least

once every six months e) At least once a year f) Less than once a year

B.2 BTC Wallets

Q10 Please tick which wallets you are ¡b¿currently¡/b¿ using (multiple selections possible):

( ) Airbitz

( ) Armory

( ) Bitcoin Core

( ) Bitcoin Wallet (Schildbach Wallet)

( ) BitGo

( ) Bither

( ) breadwallet

( ) Circle

( ) Coinapult

( ) Coinbase

( ) Coinkite

( ) Coinomi

( ) Electrum

( ) Green Address

( ) Hive

( ) Ledger Nano

( ) mSIGNA

( ) MultiBit

( ) Mycelium

86
( ) Ninki

( ) TREZOR

( ) Xapo

( ) Not in list

Q11 Why did you choose to use multiple wallets to manage your bitcoins?

B.3 Wallet Usage

For every selected wallet in Q10 we asked the following questions.

Q12 Why did you choose wallet - name to manage your Bitcoins?

Q13 How many bitcoins do you have approximately in this wallet?

a) I hold approximately _____(specify) bitcoins. b) I do not want to specify

Q14 Is this wallet password protected?

a) Yes b) No c) I do not care d) I do not know

Q15 Is this wallet encrypted?

a) Yes b) No c) I do not care d) I do not know

Q16 Is this wallet backed up?

a) Yes b) No c) I do not know

B.4 BTC Mining

Q17 Are you currently mining bitcoins?

87
 a) Yes, since b) No, but I have mined from-to c) No, I have never mined bitcoins

Q18 How many bitcoins have you mined in total?

a) I mined approximately b) I do not want to specify

Q19 Do you or have you participated in mining pools?

a) Yes b) No

Q20 Please tick the names of the mining pools you have or are participating in (multiple

Mentions possible):

( ) 21 Inc.

( ) AntPool

( ) Bitcoin Affiliate Network

( ) BitFury

( ) BitMinter

( ) Bitsolo

( ) BTCChina Pool

( ) BTC Guild

( ) BTC Nuggets

( ) BW.COM

( ) EclipseMC

( ) Eligius

( ) F2Pool

( ) GHash.IO

( ) Kano CKPool

88
( ) KnCMiner

( ) MegaBigPower

( ) P2Pool

( ) Slush

( ) Telco 214

( ) Other:

B.6 BTC Security Risks

Q23 How would you estimate the risk of monetary loss for Bitcoin compared to credit

cards?

(7 Point Likert-Scale from ”High” to ”Low”)

Q24 How high do you think is the risk of becoming a victim of a successful double

spending attack?

(7 Point Likert-Scale from ”High” to ”Low”)

Q25 How high or low would you estimate the risk for malware that steals your Bitcoins?

(7 Point Likert-Scale from ”High” to ”Low”)

Q26 How would you estimate the risk of monetary theft in case the device with your

wallet gets lost or stolen?

(7 Point Likert-Scale from ”High” to ”Low”)

Q27 How would you estimate the risk of de-anonymization?

89
(7 Point Likert-Scale from ”High” to ”Low”)

Q28 How high do you think the risk of cryptographic flaws is?

(7 Point Likert-Scale from ”High” to ”Low”)

Q29 How high do you think is the risk of security vulnerabilities in hosted/web wallets

or Exchange services?

(7 Point Likert-Scale from ”High” to ”Low”)

Q30 How high do you think is the risk of key loss due to a device failure?

(7 Point Likert-Scale from ”High” to ”Low”)

Q31 How high do you think is the risk that the Bitcoin network is temporarily not

available?

(7 Point Likert-Scale from ”High” to ”Low”)

Q32 How high do you think is the risk of a centralization of mining?

(7 Point Likert-Scale from ”High” to ”Low”)

Q33 How high do you think is the risk of a strong fluctuation in the Bitcoin exchange

rate (e.g. BTC to USD and vice versa)?

(7 Point Likert-Scale from ”High” to ”Low”)

B.7 BTC Anonymity

90
Q34 Do you think that Bitcoin usage is anonymous?

a) Yes, Bitcoin is fully anonymous b) No, Bitcoin is not anonymous c) Not per se,

but it can be used in an annonymouse manner

Q35 Do you think it is possible to follow your transactions?

a) Yes b) No

Q36 Have you ever used Bitcoin over Tor title=”Tor is free software and an open Network that
helps you defend against traffic analysis, a form of network surveillance that threatens personal
freedom and privacy, confidential business activities and relationships, and state security. More
info at www.torproject.org”

a) Yes b) No

Q37 Do you take additional steps to ensure your privacy using Bitcoin?

a) Yes b) No

B.8 BTC Security Breaches

Q38 Have you ever lost your bitcoins or Bitcoin keys?

a) Yes b) No

Q39 Please select the reason for your key/Bitcoin loss (multiple selections possible):

( ) Hardware failure (e.g. hard drive broke, etc)

( ) Software failure (e.g. keyfile corruption, etc)

( ) Self induced event (e.g. hard drive formatted, physical device lost, etc)

( ) Malicious event (e.g. malware, hacker, etc)

( ) Other

91
Q40 Have you been able to recover your keys?

a) Yes, b) No,

Q41 How many bitcoins did you loose due to this incident?

a) bitcoins b) I do not want to specify

Q42 Please select the security incidents you have been affected by (multiple selections

possible):

( ) None

( ) Mt. Gox incident

( ) Silk Road bust

( ) inputs.io hack

( ) Pony botnet malware

( ) Pyramid schemes / HYIPS (High yield investment programs)

( ) Mining hardware scams (Labcoin, Active Mining Corporation, Ice Drill,

AsicMiningEquipment.

com Dragon-Miner.com, ...)

( ) Mining pool scams

( ) Scam wallets

( ) Bitcoin exchange scam

( ) Other:

Q43 How did you deal with the incident?

92
Q44 What was the approximate value of your lost bitcoins in USD?

a) USD b) I do not want to specify c) I do not know

B.9 Demographics

Q45 Please provide your age:

Q45 Please provide your gender:

a) Female b) Male c) Do not want to specify

Q46 Please select your highest completed level of education:

a) High School b) College/Diploma) c) Bachelor’s

Degree e) Master’s Degree f) Not Sure

Q47 Do you work or study in a computer science related field?

a) Yes b) No

93