z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 6th, 2016, 10:45 am #21

SmilingDave wrote: The only reason anyone wants a bitcoin is because someone else wants it.

But it is also true of the Chinese, who see it as a way of hiding their money from the govt, or the Brits who assume it will not drop in price as badly as the pound. In other words, they are buying it because they plan to someday pass it on to the other guy.

The only thing to do with a bitcoin, ultimately, is to pass it on to the other guy. Which means that by buying a bitcoin you are making a huge assumption, that someone else will always be out there wanting it.
Yes, that's what money is and what it's supposed to do.
In short, we have the classical recipe for a bubble waiting to burst. Everyone talking about it? Check.
7 billion people are definitely NOT talking about it. No articles (or god forbid, cover pages) in WSJ, Bloomberg, or NY Times explaining how owning BTC is a no-lose no-brainer. Not even close. Maybe at $50k or $100k/btc.
Whoever buys it does it as a speculation? Check.
As is true with every asset in your portfolio, including gold and USD.
No earthly use for the thing per se? Check.
Not true, as I've repeatedly shown you the utility people derive from btc and even you mention it in your posts (Brexit, China, Greece, Venezuela, now Uber in Argentina using BTC to circumvent regulation there) -- and you repeatedly fail to respond and keep repeating how this utility is non-existent.
Wishing you great wealth, and Z too, for that matter,
No need to be so dramatic. No one is suggesting that you put your whole net worth into btc, just like no one is suggesting to do the same with gold or any other asset. A 1-10% allocation depending on your existing portfolio, your age and/or your potential for future earnings would not kill you if you're wrong and could provide a great hedge and upside if you're right. Diversification is a powerful antidote to the conceit of knowledge. It would be plain stupid not to use it.
Last edited by z1235 on July 6th, 2016, 1:45 pm, edited 1 time in total.

mik06
VIP Member
Joined: July 6th, 2016, 12:41 pm

July 6th, 2016, 12:45 pm #22

Dave, why do you insist there is no use for Bitcoin?

Bitcoin right now can do proofs of existence, in 1 year it will do smart contracts and micropayments, in 2 years will accept financial assets and in 3 years it will have sidechains.

There is so much usefulness that it will become a global currency relatively soon.

Whoever buys now will make x1000 on his investment in 2 decades.

Joined: January 4th, 2013, 9:33 am

July 6th, 2016, 2:01 pm #23

I'm interested in it for the same reasons I take an interest in gold, silver, and to a lesser extent, cash. I want a portion of my portfolio to be devoted to quasi-money assets as insurance. Not so much for the speculative upside potential.

z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 7th, 2016, 4:20 pm #24

Not implying anything -- just a piece of data. This is what happened around the last bitcoin block reward halving...


z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 7th, 2016, 6:27 pm #25

Jon Irenicus wrote: I'm interested in it for the same reasons I take an interest in gold, silver, and to a lesser extent, cash. I want a portion of my portfolio to be devoted to quasi-money assets as insurance. Not so much for the speculative upside potential.
Nothing is certain/safe in this world. Diversification is insurance, even if implemented with "speculative" instruments. Here are BTC's recent correlations with other assets:


Joined: December 12th, 2012, 11:32 pm

July 9th, 2016, 12:38 pm #26

I think I solved the "what happens after we have 21M Bitcoins?" problem. Yes, it's a real, long-known problem.

First, the problem. After 21M Bitcoins have been mined, there will be no new blocks awarded. The blockchain will consist solely of distributed edits (appends) to the original 21 million blocks mined during Bitcoin's expansion-phase. During the current expansion-phase, miners are fighting for those new blocks because each newly mined block is worth (as of this writing) more than $16,000 (and will drop to $8,000 within an hour of my posting this). The hash-difficulty is calibrated so that a new block is mined approximately once every 10 minutes - that means that the network is paying out over $2M dollars per day to miners to keep them locked into a hashrate race against each other.

Now, here's where the problem comes in. After the 21M blocks have been mined, the idea is that miners will "magically" start fighting over transaction fees instead of over finding new blocks. But there is an inherent conflict between transaction fees and miner hashrate-race security - users want transaction fees to be as low as possible but the network security needs the hashrate to be high enough that no one actor can suddenly hijack the blockchain by swamping the network with overwhelming compute power (overwhelming hashrate). This means that the network cannot afford to have the hashrate "move up and down with the market", which is what tying the hashrate to transaction fees implies - lower network traffic means lower transaction fees means lower hashrate. But lower hashrate is just a security hole, it's just an opening to attack the network and hijack the blockchain (let's call this the "sleeping giant problem"). But if you price-fix the transaction-fees (to keep the hashrate race up), then the Bitcoin currency becomes a victim of the problems plaguing any price-fixing mechanism - surpluses and shortages caused by the currency's non-response to outside market forces (price fluctuations in other currencies and goods).

My thought is to set up a lottery system that will "taper in" as the old block mining begins to taper out. The way it works is this. A lottery is held to select Bitcoin blocks at random to be swept into a pot. (There are protocols for multiple agents to generate random numbers in such a way that every agent can be certain that the numbers finally generated are, in fact, random.) The amount of Bitcoin swept from any one user is minuscule, far smaller than a typical transaction fee. Now, the miners are racing to win the pot. How to divvy up or pool the pot I am ignoring as implementation details, but it should be comparable to the currently-working system, i.e. hash-difficulty calibrated to maintain regularized block payouts (say, once every ten minutes), and so on. Adjustments to the pot size (that is, mining payout) are made on the basis of security considerations alone, without regard to fluctuations in demand for Bitcoin or even network transaction loads; if a new compute technology (say, Quantum Computing) is just starting to become viable, you crank up the mining payout to secure the network against the tail-risk that a sleeping giant tries to build a doomsday hashing farm to swamp the network and hijack the blockchain.

The only disadvantage of this approach is that money that is stored long-term in Bitcoin will slowly taper down in nominal value. For example, you may purchase 5 BTC and, after 6 months, it may go down to 4.9998 BTC, or whatever, as a result of occasionally being hit by the mining lottery (due to randomization, this rate would actually be fairly predictable and could be calculated as an implicit storage-fee). The advantages are:

- You keep the same basic mining incentive structure that is currently in place, is well-understood and has been proven to work
- You do not "punish transactors" in order to "protect storers" - after all, both transactors and storers are demanding network security
- Network security does not hinge on demand for Bitcoin and does not fluctuate with transaction fees
- As a corollary to the last point, you keep the "sleeping giant problem" solved - it's always more profitable for a massive computational powerhouse to simply join the network and win pots by mining for them than it is to try to "outvote" the network to hijack the blockchain
Proverbs 26:4

AndrisBirkmanis
VIP Member
Joined: December 16th, 2012, 3:53 pm

July 10th, 2016, 2:11 am #27

So you suggest to replace monetary inflation with taxes ;)
Ye who walks with the Path of Bacon shall be blessed with more. Ye who follows the Way of the Tie shall be doomed to be dressed.

Joined: December 12th, 2012, 11:32 pm

July 10th, 2016, 9:16 am #28

AndrisBirkmanis wrote: So you suggest to replace monetary inflation with taxes ;)
Yes, but it is the ideal tax, IMO, because it does not remap economic incentives. There is a real economic cost to keeping the network secure that is above and beyond the mere cryptographic security of a given Bitcoin token - if you cannot reliably identify the real blockchain and you cannot reliably differentiate honest network agents from dishonest ones, your token is worthless, even though no one can "crack" it. Thus, it only makes sense that there should be a small, recurrent cost to holding a Bitcoin.
Proverbs 26:4

onebornfree
VIP Member
Joined: May 20th, 2013, 8:30 am

July 10th, 2016, 11:27 am #29

Clayton wrote: Yes, but it is the ideal tax,
An "ideal" tax. Hmm.. now where have I heard that line before? 8-)

Regards, onebornfree.
Onebornfree's Financial Safety Services: http://onebornfreesfinancialsafetyreports.blogspot.com/

Onebornfree's Special Scam Alerts: http://onebornfree-mythbusters.blogspot.com/

Personal Freedom Consulting: "The Problem Solver: http://onebornfree.blogspot.com/

Onebornfree's 9/11 Research Review :http://onebornfrees911researchreview.blogspot.com/

AndrisBirkmanis
VIP Member
Joined: December 16th, 2012, 3:53 pm

July 10th, 2016, 11:44 am #30

Is randomness crucial? Why not just decay all extant Bitcoins uniformly?
Ye who walks with the Path of Bacon shall be blessed with more. Ye who follows the Way of the Tie shall be doomed to be dressed.

onebornfree
VIP Member
Joined: May 20th, 2013, 8:30 am

July 10th, 2016, 11:45 am #31

Jon Irenicus wrote: I'm interested in it for the same reasons I take an interest in gold, silver, and to a lesser extent, cash. I want a portion of my portfolio to be devoted to quasi-money assets as insurance. Not so much for the speculative upside potential.
The savings plan I use keeps 25% of the total permanently allocated in "cash" equivalents [specifically near-cash, fully liquid 90 day t-bills]. The same idea can be readily adapted to suit almost any currency.

For example, under the same concept, a UK resident would then permanently hold 25% of total savings in the shortest term, fully liquid UK equivalent of U.S 90 day T-bills.

[In my "warped" opinion, bitcoin and similar should only be used for speculations, that is, bought and sold strictly with money that the speculator can realistically afford to lose, whereas the 25% held in short term government securities briefly discussed above would be primarily bought/held using money that the individual _cannot_ afford to lose, as part of their long term savings plan, although, if the individual believed that those short term securities could profit in the near future, they might then buy even more of them, _but_, to do that, they would then only use money they could afford to lose to make that new speculation, so as not to disrupt the 25% still held as part of their long term plan.]

Regards, onebornfree
Onebornfree's Financial Safety Services: http://onebornfreesfinancialsafetyreports.blogspot.com/

Onebornfree's Special Scam Alerts: http://onebornfree-mythbusters.blogspot.com/

Personal Freedom Consulting: "The Problem Solver: http://onebornfree.blogspot.com/

Onebornfree's 9/11 Research Review :http://onebornfrees911researchreview.blogspot.com/

z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 10th, 2016, 11:47 am #32

Good idea, Clayton. Interesting how/why Satoshi didn't think this would be a problem while designing the system. Or maybe he did?
Clayton wrote: First, the problem. After 21M Bitcoins have been mined, there will be no new blocks awarded. The blockchain will consist solely of distributed edits (appends) to the original 21 million blocks mined during Bitcoin's expansion-phase.
Just to clarify some language you used. Blocks are comprised of BTC transactions and there's no limit for how many of them can be added to the blockchain. New BTC is what's currently awarded to the miners (not blocks).
Now, here's where the problem comes in. After the 21M blocks have been mined, the idea is that miners will "magically" start fighting over transaction fees instead of over finding new blocks.
Again, 21M blocks (of transactions) is not a limit. 21M BTC is.
But there is an inherent conflict between transaction fees and miner hashrate-race security - users want transaction fees to be as low as possible but the network security needs the hashrate to be high enough that no one actor can suddenly hijack the blockchain by swamping the network with overwhelming compute power (overwhelming hashrate). This means that the network cannot afford to have the hashrate "move up and down with the market", which is what tying the hashrate to transaction fees implies - lower network traffic means lower transaction fees means lower hashrate.
I don't get this. So if there were zero transactions -- like, everyone happy with their BTC right where they are -- for half an hour, then it would cost ZERO btc (or $, or computing power) to "take over" the blockchain? How would this happen, exactly?
But lower hashrate is just a security hole, it's just an opening to attack the network and hijack the blockchain (let's call this the "sleeping giant problem"). But if you price-fix the transaction-fees (to keep the hashrate race up), then the Bitcoin currency becomes a victim of the problems plaguing any price-fixing mechanism - surpluses and shortages caused by the currency's non-response to outside market forces (price fluctuations in other currencies and goods).
How are transaction fees calculated today? (They are non-zero, even though there's also new BTC being awarded to miners.)
My thought is to set up a lottery system that will "taper in" as the old block mining begins to taper out. The way it works is this. A lottery is held to select Bitcoin blocks at random to be swept into a pot. (There are protocols for multiple agents to generate random numbers in such a way that every agent can be certain that the numbers finally generated are, in fact, random.) The amount of Bitcoin swept from any one user is minuscule, far smaller than a typical transaction fee. Now, the miners are racing to win the pot. How to divvy up or pool the pot I am ignoring as implementation details, but it should be comparable to the currently-working system, i.e. hash-difficulty calibrated to maintain regularized block payouts (say, once every ten minutes), and so on. Adjustments to the pot size (that is, mining payout) are made on the basis of security considerations alone, without regard to fluctuations in demand for Bitcoin or even network transaction loads; if a new compute technology (say, Quantum Computing) is just starting to become viable, you crank up the mining payout to secure the network against the tail-risk that a sleeping giant tries to build a doomsday hashing farm to swamp the network and hijack the blockchain.
I think devaluing resting (non-transacted) BTC addresses like this would not be a good idea, and would defeat the advantages of limiting the BTC supply to 21M. As others noticed, you're simply replacing devaluation by inflation with devaluation by taxation. There surely are simpler and fairer ways to make the transactors pay for the cost of their transactions through fees. To me, this would be the only "ideal tax".
- You keep the same basic mining incentive structure that is currently in place, is well-understood and has been proven to work
- You do not "punish transactors" in order to "protect storers" - after all, both transactors and storers are demanding network security
How can a hijacker "steal" someone's stored BTC exactly?
- Network security does not hinge on demand for Bitcoin and does not fluctuate with transaction fees
Are you certain that security of the blockchain, as it currently is, hinges on a certain (required) volume of transactions (i.e. demand)?

I have to admit, I'm not fully convinced on the answers to the above questions myself.

Joined: December 12th, 2012, 11:32 pm

July 11th, 2016, 12:25 am #33

@z: I'm on my phone, so will reply in full later. I understand how miners are awarded. When I say they are awarded a new block, I mean they are awarded a block of BTC de novo - by construction, this is the only way that new Bitcoin can be created. This is not just a protocol rule, it is built into the crypto - every valid chain in the Blockchain is a cryptographic extension of a block that was originally mined in order to be awarded new Bitcoin. I was wrong to imply there will be 21M chains as there will be far fewer than that. Right now, there are 420,000 chains and these cover all the extant Bitcoins which I think is around 16.5M. In short, there are two distinct usages of the word "block" - one refers to the original block in a chain (and there are many chains in the Blockchain), and one refers to any block in the Blockchain.

Satoshi specifically noted somewhere (I don't remember where) that one goal of Bitcoin is to create an interim solution for digital distributed currency while a more permanent solution is found. I don't think he envisioned Bitcoin per se as the last word and I think he understood that a fundamental change in Bitcoin would have to be made before the 21M limit was reached. There were and are two basic ways to solve the problem - a non-anonymous, validated network or an anonymous network. As long as we choose to keep anonymity (in principle) as a core part of Bitcoin, the Sybil attack will be an ever-present threat. The end of new block mining will fundamentally alter the current system for preventing this attack - keep the miners so busy (collectively) that the Sybil attack is absurdly costly vis-a-vis using the same compute power to simply mine Bitcoin. If you built a compute farm equivalent to 50% of the combined power of all miners as of today, you could earn $1M per day by using it for honest mining (instead of trying to hijack the Blockchain). That means a would-be brute-force attacker must not only have access to government-scale compute power but must also be so single-minded in their pursuit of destroying Bitcoin that they are willing to walk away from $1M per day.

More tomorrow ...
Proverbs 26:4

Joined: December 12th, 2012, 11:32 pm

July 11th, 2016, 12:41 am #34

AndrisBirkmanis wrote: Is randomness crucial? Why not just decay all extant Bitcoins uniformly?
Because Bitcoins exist in blocks that are highly non-uniform in size. The entire Blockchain would have to be continually crawled in order to sample all the Bitcoins, adding huge costs to mining. By randomly sampling, only a small subset of live blocks would need to be touched at any given time. But I grant that your solution is logically equivalent, it's just a question of technological efficiency.
Proverbs 26:4
Quote
Like
Share

Joined: December 12th, 2012, 11:32 pm

July 11th, 2016, 12:24 pm #35

z1235 wrote:
Now, here's where the problem comes in. After the 21M blocks have been mined, the idea is that miners will "magically" start fighting over transaction fees instead of over finding new blocks.
Again, 21M blocks (of transactions) is not a limit. 21M BTC is.
Correct. I misspoke.
But lower hashrate is just a security hole, it's just an opening to attack the network and hijack the blockchain (let's call this the "sleeping giant problem"). But if you price-fix the transaction-fees (to keep the hashrate race up), then the Bitcoin currency becomes a victim of the problems plaguing any price-fixing mechanism - surpluses and shortages caused by the currency's non-response to outside market forces (price fluctuations in other currencies and goods).
How are transaction fees calculated today? (They are non-zero, even though there's also new BTC being awarded to miners.)
There's a certain amount of hashing required to confirm Bitcoin transactions. The miners perform this hashing in addition to the hashing-search for new blocks and they receive transaction fees for this service. As I understand it, transaction fees are just market rates and can be set on a transaction-by-transaction basis. From the Bitcoin Wiki, "Transaction fees are voluntary on the part of the person making the bitcoin transaction, as the person attempting to make a transaction can include any fee or none at all in the transaction. On the other hand, nobody mining new bitcoins necessarily needs to accept the transactions and include them in the new block being created. The transaction fee is therefore an incentive on the part of the bitcoin user to make sure that a particular transaction will get included into the next block which is generated."
... As others noticed, you're simply replacing devaluation by inflation with devaluation by taxation. There surely are simpler and fairer ways to make the transactors pay for the cost of their transactions through fees. To me, this would be the only "ideal tax".
That's the very point in contention.
- You keep the same basic mining incentive structure that is currently in place, is well-understood and has been proven to work
- You do not "punish transactors" in order to "protect storers" - after all, both transactors and storers are demanding network security
How can a hijacker "steal" someone's stored BTC exactly?
You can't. But you can cause a "false fork" in the blockchain if you can command more than 50% of compute resources in the network. If there is a fork in the blockchain (two or more versions of the blockchain, simultaneously), the Bitcoin clients will "believe" whichever blockchain is the "longest" in the technical sense of having required the most hashing. Since hashing requires non-trivial amounts of time to perform, the idea is that this is a way for the network participants (miners) to "vote with their CPUs", and allow clients to simply follow the majority vote. The weakness in this approach is that a "sleeping giant" could build a doomsday compute farm and use it to hijack the whole blockchain, thus allowing him/her to double-spend their own previously purchased Bitcoins. While such an attack would be quickly detectable, it would not be recoverable - the entire network would very quickly collapse and the value of all Bitcoins would essentially go to zero. While nobody can "steal" your stored Bitcoins, they would become worthless (basically, equivalent to being lit on fire).
- Network security does not hinge on demand for Bitcoin and does not fluctuate with transaction fees
Are you certain that security of the blockchain, as it currently is, hinges on a certain (required) volume of transactions (i.e. demand)?
That's not what I'm saying. What I'm saying is that idle hashing resources are a security threat because they can be pooled and if enough of them were to go idle, they could be used to hijack the blockchain, resulting in the doomsday scenario I described above - double-spends galore followed by network collapse. Your ability to use your Bitcoins presupposes that the blockchain is valid and that the network is operational. If either of those conditions does not hold, then your Bitcoins are useless/valueless. Thus, you need the network to "keep going" at all times. An unexplained gap in blocks (say, an hour or two with no new blocks generated) would be a serious cause for concern - what in the world was everybody doing for that time? How is it possible that nobody managed to find a new block in that period of time?? This would be a sign of a hijacked blockchain/network.
Proverbs 26:4

AndrisBirkmanis
VIP Member
Joined: December 16th, 2012, 3:53 pm

July 11th, 2016, 5:26 pm #36

Clayton wrote:
AndrisBirkmanis wrote: Is randomness crucial? Why not just decay all extant Bitcoins uniformly?
Because Bitcoins exist in blocks that are highly non-uniform in size. The entire Blockchain would have to be continually crawled in order to sample all the Bitcoins, adding huge costs to mining. By randomly sampling, only a small subset of live blocks would need to be touched at any given time. But I grant that your solution is logically equivalent, it's just a question of technological efficiency.
I think it is not necessary to discount eagerly - the discounting can be applied lazily, at the moment of actual access to the coin - so its effective value is its nominal value times exp(-lambda*deltaT). Not too confusing, too - except it's in reverse with how physical coins got debased, with older coins being more valuable :)

But I still do not understand - what is the difference between ongoing monetary inflation vs. ongoing redistribution - other than more constant value? Or is constant value the entire point here?
Ye who walks with the Path of Bacon shall be blessed with more. Ye who follows the Way of the Tie shall be doomed to be dressed.

z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 11th, 2016, 8:09 pm #37

Clayton wrote:
z1235 wrote: Are you certain that security of the blockchain, as it currently is, hinges on a certain (required) volume of transactions (i.e. demand)?
That's not what I'm saying. What I'm saying is that idle hashing resources are a security threat because they can be pooled and if enough of them were to go idle, they could be used to hijack the blockchain, resulting in the doomsday scenario I described above - double-spends galore followed by network collapse. Your ability to use your Bitcoins presupposes that the blockchain is valid and that the network is operational. If either of those conditions does not hold, then your Bitcoins are useless/valueless.
Couldn't the "honest" miners and users just agree to hard-fork away from the hijacked blockchain onto a new one that excludes the double-spend transactions (beyond a certain place in the chain)? My "stored" BTC would be consistent with and recognized on BOTH blockchains. It would be up to me to decide which chain I decide to patronize with them. So would everyone else.
Thus, you need the network to "keep going" at all times. An unexplained gap in blocks (say, an hour or two with no new blocks generated) would be a serious cause for concern - what in the world was everybody doing for that time? How is it possible that nobody managed to find a new block in that period of time?? This would be a sign of a hijacked blockchain/network.
I don't get it. Why is it catastrophic if no one wanted to (or couldn't) add transactions to the chain for a period of time? (Maybe due to a huge global blast from the Sun frying all power for a day?) How would a rogue agent use this situation to hijack the blockchain?

I'm not being argumentative -- just learning.

z1235
VIP Member
Joined: December 16th, 2012, 3:47 pm

July 14th, 2016, 9:11 am #38

The guy seems smart. Not sure if he's heard of Mises' regression theory but makes some good points -- especially when debunking the whole "blockchain tech" idiocy going around.

It's Not About the Technology, It's About the Money
I think this may explain the origin of “blockchain technology”. It lets people talk as if clones of Bitcoin are important without having to remind themselves of Bitcoin. If someone says “blockchain technology” to me I give him the benefit of the doubt and write him off as someone who doesn't know what he's talking about. If I find out that he's intelligent, then he's most likely a con artist.

When people say “blockchain technology” to you, you can often replace it with “mana”, or “chakras”, or “quantum” and it makes sense the same way. “Blockchain technology” has evolved into a sound Bitcoiners use to extract money from venture capitalists and one another, similar to the way that male birds use a song to attract females. It's a phrase for people who know there is a lot of money around, but don't exactly know where it's coming from.

Joined: December 12th, 2012, 11:32 pm

July 14th, 2016, 10:17 am #39

z1235 wrote:
Clayton wrote: That's not what I'm saying. What I'm saying is that idle hashing resources are a security threat because they can be pooled and if enough of them were to go idle, they could be used to hijack the blockchain, resulting in the doomsday scenario I described above - double-spends galore followed by network collapse. Your ability to use your Bitcoins presupposes that the blockchain is valid and that the network is operational. If either of those conditions does not hold, then your Bitcoins are useless/valueless.
Couldn't the "honest" miners and users just agree to hard-fork away from the hijacked blockchain onto a new one that excludes the double-spend transactions (beyond a certain place in the chain)? My "stored" BTC would be consistent with and recognized on BOTH blockchains. It would be up to me to decide which chain I decide to patronize with them. So would everyone else.
An "emergency hardfork", while conceivable, would at least entail massive capital losses for everyone involved... like Weimar Republic kind of losses. It's not something that has any value in being talked about, IMO, because it's a contingency plan only in the same sense that amputating your own leg because it got stuck in a rock crevice in the remote wilderness is a contingency plan.
Thus, you need the network to "keep going" at all times. An unexplained gap in blocks (say, an hour or two with no new blocks generated) would be a serious cause for concern - what in the world was everybody doing for that time? How is it possible that nobody managed to find a new block in that period of time?? This would be a sign of a hijacked blockchain/network.
I don't get it. Why is it catastrophic if no one wanted to (or couldn't) add transactions to the chain for a period of time? (Maybe due to a huge global blast from the Sun frying all power for a day?) How would a rogue agent use this situation to hijack the blockchain?

I'm not being argumentative -- just learning.
I wouldn't use the word "catastrophic". In the case of a global EMP-like event shutting down networks for, say, 24 hours, that probably wouldn't be an unrecoverable event for the blockchain, since everybody would know why the network was down. What I'm asserting is that an unexplained/unexplainable gap of time in the blockchain is a sign that the blockchain itself has been hijacked. That itself is not necessarily catastrophic unless it's true. But until it was explained, nobody could be sure it wasn't true!
Proverbs 26:4

Joined: December 12th, 2012, 11:32 pm

July 19th, 2016, 7:19 pm #40

I was glancing over the Bitcoin Script language today and I had some thoughts.

Bitcoin MainNet has made the right choice to restrict Script to a handful of predefined standard scripts; this retains rigor and eliminates needless risks. My one objection is to Bitcoin's use of OP_RETURN. This is a glaring security hole in respect to privacy and, potentially, security. Any form of "side-channel" is dangerous in a secure system because it introduces the possibility of undetected private-information leaks (see the Heartbleed bug, for example). The "sub-nets" that are utilizing this communication channel may use similar techniques to inadvertently elicit private-information from third-parties who are using OP_RETURN communication in an insecure way - in other words, there is a security-dependency on the reliability of the miners' software, which is bad. If a miner is handling transaction data insecurely, this insecurity should be contained to that miner only, localizing the damage and protecting the wider network. OP_RETURN makes it possible for such vulnerabilities to spread across multiple miners. In addition, OP_RETURN also makes it possible for a determined adversary to conceal adversarial coordination in the form of "routine-looking" messages. While this is also possible through the use of Bitcoin transactions, the point is that the transactions are "contained" within the protocol, whereas, OP_RETURN messages are part of the protocol. Transactions cannot swamp the Bitcoin network (because the network is always able to "spam filter" bogus transactions and legitimate transactions move through in an effectively bandwidth-controlled manner, where the control is TX fees + hashing-cost). "Routine-looking", yet bogus, protocol communications could, in principle, be used to DDoS the Bitcoin network.

Bitcoin TestNet allows unrestricted use of Script code, but you can't perform real transactions with TestNet. I think you need an intermediate, "opt-in" layer between MainNet and TestNet, let's call it ScriptNet. The idea is that MainNet's use of Script is "dead stupid" - you can't break it because there's just nothing there to break... the "Script" is nothing more than an if-else statement selecting between one of a few possible transaction types. That's exactly what you want in order to survive the worst-case network-attack scenarios. But it's far more conservative than it needs to be in the general case. The key is that the hypothesized "ScriptNet" should restrict itself to the use of code with provable properties. To do this, ScriptNet should utilize Hoare logic to construct Script code-patterns that are allowed to be executed. Before Script is executed in ScriptNet, it is first checked with some checking function, let's call it ScriptCheck(). This function utilizes a set of rules derived through Hoare-logic formal methods (possibly by hand) that ensure that the code to be executed satisfies certain conditions, such as (a) that it terminates, (b) that its stack-size never exceeds a certain limit value, (c) that its result is a boolean value, (d) that the stack has one and only one item as a result, and so on.

I think this approach makes more sense than Ethereum. The idea of "charging per instruction" doesn't make a lot of sense to me. A distributed computation is occurring precisely because everybody in the network has some incentive to keep that network going. The set of code-patterns that are "demanded" would, of course, be a subset of the set of code-patterns that are "safe/permissible". But you can't demand something that doesn't exist (Say's Law), so it has to be possible to execute a wider set of Script in order for this set to become used in "smart-contract" or other distributed-computation tasks.

Somebody's probably already working on this idea, but it just came to mind.
Proverbs 26:4
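
A sketch of the ScriptCheck() idea from post #40, as an added example that is not part of the original post and not code from any Bitcoin implementation: it abstractly executes a script over stack shapes and accepts it only if conditions (a) to (d) hold. The function name `script_check`, the two-type model ("data"/"bool"), the `<...>` push notation, the allow-list and the `MAX_STACK` value are all assumptions made for illustration.

```python
"""Static pre-execution check for an allow-listed subset of Bitcoin Script.

Each rule is a Hoare-style triple {n items on top} opcode {pushed types},
applied to an abstract stack of types instead of real values.
"""

MAX_STACK = 8  # assumed stack-depth limit for the hypothetical "ScriptNet"

# opcode -> (items popped, types pushed). Nothing here can jump backwards,
# so every accepted script is straight-line or branching code: condition (a).
SIMPLE_OPS = {
    "OP_HASH160":     (1, ("data",)),
    "OP_EQUAL":       (2, ("bool",)),
    "OP_EQUALVERIFY": (2, ()),
    "OP_CHECKSIG":    (2, ("bool",)),
    "OP_VERIFY":      (1, ()),
    "OP_DROP":        (1, ()),
    "OP_TRUE":        (0, ("bool",)),
    "OP_FALSE":       (0, ("bool",)),
}


class ScriptRejected(Exception):
    """Raised as soon as a rule's precondition cannot be established."""


def _pop(stack, n, tok):
    if len(stack) < n:
        raise ScriptRejected(f"stack underflow at {tok}")
    del stack[len(stack) - n:]


def _block(tokens, i, stack, limit, stops):
    """Abstractly run tokens[i:] until a token in `stops`; return (index, stack)."""
    stack = list(stack)
    while i < len(tokens):
        tok = tokens[i]
        if tok in stops:
            return i, tuple(stack)
        if tok == "OP_IF":
            _pop(stack, 1, tok)
            j, then_stack = _block(tokens, i + 1, stack, limit,
                                   ("OP_ELSE", "OP_ENDIF"))
            else_stack = tuple(stack)  # a missing OP_ELSE leaves the stack as is
            if tokens[j] == "OP_ELSE":
                j, else_stack = _block(tokens, j + 1, stack, limit, ("OP_ENDIF",))
            # Join rule: both paths must establish the same postcondition.
            if then_stack != else_stack:
                raise ScriptRejected("OP_IF branches leave different stacks")
            stack, i = list(then_stack), j + 1
            continue
        if tok.startswith("<") and tok.endswith(">"):  # constant data push
            stack.append("data")
        elif tok == "OP_DUP":
            if not stack:
                raise ScriptRejected(f"stack underflow at {tok}")
            stack.append(stack[-1])
        elif tok in SIMPLE_OPS:
            popped, pushed = SIMPLE_OPS[tok]
            _pop(stack, popped, tok)
            stack.extend(pushed)
        else:
            raise ScriptRejected(f"opcode not on the allow-list: {tok}")
        if len(stack) > limit:  # condition (b)
            raise ScriptRejected(f"stack depth exceeds {limit} at {tok}")
        i += 1
    if stops:
        raise ScriptRejected("OP_IF without OP_ENDIF")
    return i, tuple(stack)


def script_check(script, initial=(), limit=MAX_STACK):
    """Return (True, "ok") or (False, reason) without executing the script.

    `initial` is the stack shape supplied by the spender, bottom first.
    """
    try:
        _, final = _block(script.split(), 0, initial, limit, ())
    except ScriptRejected as exc:
        return False, str(exc)
    if len(final) != 1:  # condition (d)
        return False, f"script leaves {len(final)} items, expected exactly 1"
    if final[0] != "bool":  # condition (c)
        return False, "final item is not a boolean"
    return True, "ok"


# Constructed samples: a pay-to-pubkey-hash pattern and two branching scripts.
P2PKH = "OP_DUP OP_HASH160 <pubkeyhash> OP_EQUALVERIFY OP_CHECKSIG"
BRANCH_OK = "OP_TRUE OP_IF <a> <a> OP_EQUAL OP_ELSE OP_FALSE OP_ENDIF"
BRANCH_BAD = "OP_TRUE OP_IF OP_TRUE OP_ELSE OP_TRUE OP_TRUE OP_ENDIF"

if __name__ == "__main__":
    for name, script, init in [("P2PKH", P2PKH, ("data", "data")),
                               ("BRANCH_OK", BRANCH_OK, ()),
                               ("BRANCH_BAD", BRANCH_BAD, ())]:
        print(name, script_check(script, init))
```

The checker visits each token at most once per path, so its own cost is bounded by script length; anything outside the allow-list is rejected rather than guessed at.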