Gold collapsing. Bitcoin UP.

[Aquent]

Ray Dillineger (Bear) [1] on Cryptography mailing list @ metzworld.com
(bold is mine)

On 12/17/2015 04:05 AM, Jerry Leichter wrote:
> Ah. So you think owning Bitcoins is a bad idea, then?
At the moment, yes. I made some money on them, but I sold out.

Satoshi has enough that s/he has a huge target painted on his/her
butt, but even if you don't own enough for that to be an issue,
it's still a bad idea.

According to my math the protocol promotes mining consolidation,
and the winning tactic for a consolidated miner amounts to a
partial DDoS.

Once anyone has more than 1 - 1/Phi of the mining power, and
there is enough *actual* demand to fill more than half of each
block on average, then even if everybody else behaves optimally
(which they don't) that miner gets rich faster than all other
miners (at a higher rate of return on expense) by keeping the
blocks, on average, half full of transactions in order to force
up the fees other people pay. It will cost the consolidating
miner fees, of course, to prevent other miners from accepting
tx below that fee level - but he'll get whatever share of them
back that he's getting of the blocks, and he (and all other
miners too) makes more money on all the other tx.

In practice the tactic (durst call it an attack?) works even
better than that, for two reasons: first because doing it even
occasionally makes people reset their fees to "enough", and
then those settings stay high even when the miner isn't
inflating block chain traffic. Second because the consolidating
miner has a cost advantage in being set-up where expenses are
lower than average competition. Both factors dramatically
reduce the amount of mining power required to reach the
inflection point for consolidation and eventual monopoly.

In China bitcoin mining is essentially a way to launder stolen
tax money, (subsidized electricity is profligately used,
courtesy of the taxpayers, and then re-emerges as bitcoins
which the profligate users get to spend) so this stronger
centralization dynamic is definitely in effect.

Anyway, with the vast majority of bitcoin mining already being
done in China, and the entity whom I suspect is or soon will be
the consolidated miner present in that country masquerading as
multiple pools in order to prevent a panic, I think the Chinese
government is already in a position to allow or disallow pretty
much any transaction they care to. When the masqerade fails,
or when China exercises the coercion option, I expect bitcoin
values to drop precipitously.

Until then, it has become a sham. What Satoshi and Hal worked
so hard to bring about, has already failed, and it makes me sad.

[1] dillinger.com

Is he stating that this attack is only possible if demand is sufficient to fill half the block? Therefore, if we increase the blocksize along BIP101 lines, then this "attack" disappears?

Just thought to quote this exchange as well:

"> Unfortunately we're under heavy political pressure right now to raise
> the blocksize, or even remove the blocksize limit entirely. If this
> happens, the system risks being killed off through centralization as you
> suspect.
Heck, if it *doesn't* happen the partial-DOS works and the system
centralizes anyway. Pick your poison.

This isn't political pressure, this is math.

Bear"

The two seem to be talking past each other. Specifically, "if it doesn't happen the partial-DOS works". So if it does happen then it doesn't work, thus no centralisation/monopolisation, or am I missing something.

 

[rocks]

Todd says:
> Unfortunately we're under heavy political pressure right now to raise the blocksize, or even remove the blocksize limit entirely.

FFS. Finally! Hallelujah! About time!

He needs to learn that this will guarantee decentralization in the medium/long term by growing the ecosystem and the price, and businesses who will run full nodes. His nervous Nellie approach is what will kill decentralization if Bitcoin gets left behind in the crypto-race and becomes synonymous with MySpace.

Systems that are susceptible to political pressure eventually become the corrupt systems we are trying to escape. Just because the political pressure is for the thing we want today, does not mean it is good for Bitcoin to be able to be changed in this manner. What if the next time the "intense political pressure" is from the government to eliminate anonymity.

Political pressure to raise the cap, even if successful, does not change that fact that the current Dev leadership still have a very different idea on where to take bitcoin.

I've come to see a user/community led fork as being the best outcome here. It paves the way for a democratic majority to keep bitcoin on a path preferred by the people. Not by those with political influence wherever it may come from.

Today a merchant led fork would set a precedent for this. If next time the merchants are going in the wrong direction we would know we could fork it again.

 

[sickpig]

@rocks

we, as part of ecosystem, are putting political pressures. VCs on both side are exercising political pressure. A lot of others actors are involved and are making their part.

I see nothing wrong with it, to me such activities are the way the market is made.

Sure a system could become rigged as time pass but I see it as a evolving phase through which the things move to the next iteration.
[doublepost=1450605794,1450604878][/doublepost]

Ray Dillinger (Cryddit on BCT I think, who has been in Bitcoin since 2009) replies:

this precisely the reason why I reported his mail here. He definitely should have some clues of what is talking about.

That said I haven't made my made around his math yet, but if he's right as long as we are able to have a max block size who is always double in size in respect of actual demand for txs inclusion we should be cool.

That said this having no limit will save from such attacks by definition.

So in the end we have found another BU supporter

 

[Peter R]

I recently completed a new paper analyzing @rocks's "mini-blockchain" idea. I renamed this idea "subchains," and examined some of its properties related to fees, equilibrium hash rates, orphaning risk, and the security of zero-confirmation transactions. I believe I've shown that security of zero-confirm transactions should be significantly enhanced (possibly neutering RBF in the process) and that fees will directly contribute to the PoW cost, refuting Maxwell's belief that “the fact that verifying and transmitting transactions has a cost isn’t enough, because all the funds go to pay that cost and none to the POW ‘artificial’ cost.” This last result is also important concerning the block size limit debate, because it was an argument used by small-block proponents in favor of a tight limit to drive up fees for security purposes.

The "subchain" technique is just one possible application of weak blocks—but it’s possibly the easiest to analyze mathematically, and it has the very nice property of adding measurable security to zero-confirmation transactions.

Hat tips to @awemany and @Gavin Andresen for reviewing this paper and @theZerg for hosting it on the Bitcoin Unlimited site.

The paper can be downloaded in PDF format here:

http://www.bitcoinunlimited.info/downloads/subchains.pdf

Or viewed with a web-browser here:

https://www.scribd.com/doc/293708577/Reduce-Orphaning-Risk-and-Improve-Zero-Confirmation-Security-With-Subchains

Here is the associated Reddit thread:

https://www.reddit.com/r/btc/comments/3xkok3/reduce_orphaning_risk_and_improve/

 

[Zarathustra]

@rocks

we, as part of ecosystem, are putting political pressures. VCs on both side are exercising political pressure. A lot of others actors are involved and are making their part.

I see nothing wrong with it, to me such activities are the way the market is made.

Yes, it's the pressures of the marketplace, which the core destroyers don't like. They just try to defame it by using the term 'political'.

 

[Zangelbert Bingledack]

@rocks

I know you're aware of this, but I'd like to restate some points on phrasing that cannot be overstressed:

Peter Todd is of course using emotionally charged and misleading language. As @Zarathustra said, the idea that "users walking away from Core = political pressure" is a manipulative frame and we should reject it completely every time it arises.

Precisely nothing can be correctly called politics in this space, because there are no central authorities, so the term should never be used as it guarantees confusion and derailment. Would Microsoft say it was under "political pressure" to revamp Internet Explorer because users are complaining, people are switching to Chrome/Firefox and techies are advising that IE will lose its dominant market share? No, it was under market pressure.

The very fact that Maxwell and Todd use the word "political" reveals that they're stuck in the paradigm of centralized control. The frame must be thrown off as soon as it is introduced, else every subsequent statement we try to make unwittingly supports them by reaffirming the notion that real centralized control even exists in Bitcoin.

Another frame is the overarching notion that "Core = Bitcoin," and it's one big blockers fall prey to all the time. Pressure on Core is not pressure on Bitcoin. The fact that Core could succumb to pressure from governments is all the more reason not to have one monolithic implementation, ensuring there is not even the appearance of being able to exert government pressure on Bitcoin itself.

These guys' bogus ideas arising from their having one foot still stuck in the central authority paradigm will readily sway onlookers if not called out, or at least if allowed to infect even the big block / dev decentralization side of the debate, because humans are so predisposed to centralist thinking.

Decentralization of development is not politics as Maxwell tried to claim on the mailing list in response to @Peter R; it's a rejection of politics and an embracement of the market. Core is experiencing *decentralization* pressure. I won't even say competitive pressure, because the frame then turns to "competition for what?" For the Iron Throne? The One Ring? Cast it into the fires. No, in fact it is a throne of paper, or a ring of paper, crumbling as soon as you dare to look at it.

 

[Justus Ranvier]

I wonder how much of the drama is driven by altcoins.

Someone who is fully invested in Bitcoin is not threatened by an unlimited success scenerio that doesn't leave any reason for other currencies to exist.

Those who are also invested in, for example, Litecoin, need to be careful to not let Bitcoin get become too successful.

"No man can serve two masters: for either he will hate the one, and love the other; or else he will hold to the one, and despise the other."

 

[Zangelbert Bingledack]

@Justus Ranvier

That would explain the lack of top altcoins advertizing their big blocks to capitalize on this debate: if they push too hard, they know that very pushing of the idea that Bitcoin is pointlessly stuck will cause Bitcoin to respond. They have to walk a fine line. Look at Charlie Lee and Warren Togami of Litecoin, which has 4x more block capacity.

Also, the most vocal and prominent small blockers have a lot of non-maximalists among them:

- Mark Friedenbach (Blockstream) developed Freicoin

- Warren Togami (Blockstream) is Litecoin lead dev

- Btcdrak developed Viacoin

- Peter Todd is/was Viacoin advisor

- Adam Back (Blockstream) missed the whole boat despite inventing Hashcash. That's gotta hurt, both intellectually and financially.

- EDIT: Jorge Timon (Blockstream) was Freicoin co-dev (and perhaps his and Mark's impulse toward including demurrage in Freicoin is a strike against their economic understanding, but I can't presume the spirit in which they included that feature)

 

[cypherdoc]

Someone informed me the other day that Adam has a startup also but I can't remember the name of it. The implication was that it's a conflict but the fact that i don't remember it may be am indication that I didn't think much of it. Although even I am somewhat beaten down by all the hypocrisies.

 

[chriswilmer]

@cypherdoc : Adam is listed as a Chief Cryptography Officer of a bitcoin mining company, Spoondoolies Tech.

http://www.spondoolies-tech.com/pages/team

I'm not really sure if that's a conflict of interest or not, or if it matters.

 

[Justus Ranvier]

Peter Todd is certainly busy trying to push irrelevant issues while making fundamental changes to the viability of Bitcoin as a long term store of value all of a sudden.

 

[AdrianX]

I recently completed a new paper analyzing @rocks's "mini-blockchain" idea. I renamed this idea "subchains," and examined some of its properties related to fees, equilibrium hash rates, orphaning risk, and the security of zero-confirmation transactions. I believe I've shown that security of zero-confirm transactions should be significantly enhanced (possibly neutering RBF in the process) and that fees will directly contribute to the PoW cost, refuting Maxwell's belief that “the fact that verifying and transmitting transactions has a cost isn’t enough, because all the funds go to pay that cost and none to the POW ‘artificial’ cost.” This last result is also important concerning the block size limit debate, because it was an argument used by small-block proponents in favor of a tight limit to drive up fees for security purposes.

The "subchain" technique is just one possible application of weak blocks—but it’s possibly the easiest to analyze mathematically, and it has the very nice property of adding measurable security to zero-confirmation transactions.

Hat tips to @awemany and @Gavin Andresen for reviewing this paper and @theZerg for hosting it on the Bitcoin Unlimited site.

The paper can be downloaded in PDF format here:

http://www.bitcoinunlimited.info/downloads/subchains.pdf

Or viewed with a web-browser here:

https://www.scribd.com/doc/293708577/Reduce-Orphaning-Risk-and-Improve-Zero-Confirmation-Security-With-Subchains

Here is the associated Reddit thread:

https://www.reddit.com/r/btc/comments/3xkok3/reduce_orphaning_risk_and_improve/

Very nice @Peter R just reading the abstract I can see it works within the existing incentive design with one caveat.

Orphan risk is reduced by allowing agreed "mini blocks". The natural consequence of this is miners can increase fee revenue by including what would otherwise be risky transactions that would increase orphan risk.

The net result would be greater demand for block space. What are your thoughts in consideration to space as it's ultimately a free resources for miners and the only deterrent I know to ensure it's used effectively is an increase in orphan risk if it's "abused"

On the increased 0 confirmation security that's a nice by-product. It's also conceivable that such a change would increase demand for the use of more trivial transactions creating even more demand block space.

What are your thoughts that Subchains will optimizes market forces to encourage to accelerated consumption of block space?

 

[albin]

Someone who is fully invested in Bitcoin is not threatened by an unlimited success scenerio that doesn't leave any reason for other currencies to exist.

This reality has got to make Viacoin at least to some degree a factor in all of this. As far as I can tell, the niche that Viacoin is trying to fill is metalayer assets, by basically integrating Counterparty directly into the reference client. The rationale I remember for Viacoin even existing in the first place was uncertainty of 40 vs 80 byte OP_RETURN.

It follows that there is literally no reason for Viacoin to even exist unless Bitcoin is hamstrung in some way from the inside.

 

[Peter R]

Very nice @Peter R just reading the abstract I can see it works within the existing incentive design with one caveat.

Orphan risk is reduced by allowing agreed "mini blocks". The natural consequence of this is miners can increase fee revenue by including what would otherwise be risky transactions that would increase orphan risk.

The net result would be greater demand for block space. What are your thoughts in consideration to space as it's ultimately a free resources for miners and the only deterrent I know to ensure it's used effectively is an increase in orphan risk if it's "abused"

On the increased 0 confirmation security that's a nice by-product. It's also conceivable that such a change would increase demand for the use of more trivial transactions creating even more demand block space.

What are your thoughts that Subchains will optimizes market forces to encourage to accelerated consumption of block space?

Great questions, Adrian! I had been working on this paper for a long time, and I was convinced at first that weak blocks would reduce the marginal cost of a TX for the reasons you said. But now I don't think so (or at least if there's an effect I suspect it is small). Ultimately, the miners are worried about orphaning strong blocks. Since they can't predict before hand whether they'll find a weak or a strong one, I think the weak blocks will be built using the same considerations as for strong blocks. This is explained mathematically in Section 4.

It's quite possible that I'm still missing something here though...

What are your thoughts that Subchains will optimizes market forces to encourage to accelerated consumption of block space?

I think they will...and this would be a good thing. I think this will happen by shifting the demand curve up, and not by decreasing the marginal cost of block space (for the reasons I mentioned above).

 

[VeritasSapere]

@rocks

I know you're aware of this, but I'd like to restate some points on phrasing that cannot be overstressed:

Peter Todd is of course using emotionally charged and misleading language. As @Zarathustra said, the idea that "users walking away from Core = political pressure" is a manipulative frame and we should reject it completely every time it arises.

Precisely nothing can be correctly called politics in this space, because there are no central authorities, so the term should never be used as it guarantees confusion and derailment. Would Microsoft say it was under "political pressure" to revamp Internet Explorer because users are complaining, people are switching to Chrome/Firefox and techies are advising that IE will lose its dominant market share? No, it was under market pressure.

The very fact that Maxwell and Todd use the word "political" reveals that they're stuck in the paradigm of centralized control. The frame must be thrown off as soon as it is introduced, else every subsequent statement we try to make unwittingly supports them by reaffirming the notion that real centralized control even exists in Bitcoin.

Another frame is the overarching notion that "Core = Bitcoin," and it's one big blockers fall prey to all the time. Pressure on Core is not pressure on Bitcoin. The fact that Core could succumb to pressure from governments is all the more reason not to have one monolithic implementation, ensuring there is not even the appearance of being able to exert government pressure on Bitcoin itself.

These guys' bogus ideas arising from their having one foot still stuck in the central authority paradigm will readily sway onlookers if not called out, or at least if allowed to infect even the big block / dev decentralization side of the debate, because humans are so predisposed to centralist thinking.

Decentralization of development is not politics as Maxwell tried to claim on the mailing list in response to @Peter R; it's a rejection of politics and an embracement of the market. Core is experiencing *decentralization* pressure. I won't even say competitive pressure, because the frame then turns to "competition for what?" For the Iron Throne? The One Ring? Cast it into the fires. No, in fact it is a throne of paper, or a ring of paper, crumbling as soon as you dare to look at it.

I do think this is politics and we should not think of politics as being a dirty word. Lets define the word politics, from Wikipedia:

Politics is the practice and theory of influencing other people. Politics involves the making of a common decision for a group of people, that is, a uniform decision applying in the same way to all members of the group. It also involves the use of power by one person to affect the behavior of another person. More narrowly, it refers to achieving and exercising positions of governance — organized control over a human community, particularly a state. Furthermore, politics is the study or practice of the distribution of power and resources within a given community (a usually hierarchically organized population) as well as the interrelationship(s) between communities.

I think it is more helpful recognizing the role that this plays within Bitcoin, since I do think that this definition certainly does apply to the blocksize debate. The governance of Bitcoin is a form of politics, even without centralized authorities. Instead of denying the political nature of what is happening here or exhibiting disdain towards this phenomena we should embrace it. Allow it to empower our thinking, within Bitcoin political thought can actually be a way to guaranty the continued freedom and decentralization of the protocol.

I do agree with you however that Core is indeed stuck in the thought paradigm of centralized control, which for many people is difficult to escape, after all it is the only type of politics most people are used to, so attempting a paradigm shift away from this type of thought is not always easy. Even Jeff Garzik whom seems to now support our cause on many of the important points still seems to also be stuck in this paradigm.

This is an extreme moral hazard: A few Bitcoin Core committers can veto increase and thereby reshape bitcoin economics, price some businesses out of the system. It is less of a moral hazard to keep the current economics [by raising block size] and not exercise such power.

This seems to imply that he thinks that Core has such power, which might be true, however this is part of what needs to change. Core only has such power if enough people believe in it. In the same sense that governments can only take away our freedom if we let them. Ironically often it is through our free choice that we lose freedom.

The only way to destroy freedom, is to convince people they are safer without it. This is exactly what is happening to Bitcoin.

For anyone that still thinks Core will increase the blocksize, they should think carefully about what Jeff Garzik is actually saying here, it seems to me that even Jeff is highly doubtful of this possibility.

Some Developers wish to accelerate the Fee Event, and a veto can accomplish that. In the current developer dynamics, 1-2 key developers can and very likely would veto any block size increase.

 

[Zangelbert Bingledack]

@VeritasSapere

There are perfectly decent definitions of the word "politics" that do apply to Bitcoin, but in every case I have experienced, the word itself is too highly charged and has too many different more familiar/cognitive-available interpretations, or baggage, that too easily lead toward centralist thinking for it to be effective. I can recall no discussion where the word was used and then things didn't immediately go downhill. If we allow real economic discussions or questions of influence or questions of decentralization of development to be slapped with the label "politics" we basically lose the point right then and there, even if by some definition it can be called an accurate labeling.

As a practical matter, I'd suggest tabooing the word "politics"/"political" and instead insisting on the more narrow term that fits the situation. For example, if influence is what is being referred to, use the word "influence." If decentralization of development, stick like glue to the terminology of decentralization. If economics, consistently return the terminology to a purely economic framing.
[doublepost=1450638969][/doublepost]@Peter R

Reading through the subchains paper now...

In Section 9, we illustrate how subchains can be nested to circumvent the verification-time/security tradeoff, creating a fractal-like blockchain structure where transactions are processed almost continuously.

The real Lightning Network?

 

[solex]

The Menger Sponge is a good visual too:

 

[VeritasSapere]

@Zangelbert Bingledack You make good points in regards to peoples reaction to that word. I think many people have a disdain for that term even though unjustified. In regards to using different words to describe these things I also think you are correct.

In the case which we where discussing specifically, in regards to "political pressure", it is indeed better and more accurately referred to as an "economic pressure" even though these terms are related, economics being a highly politicized field after all.

It is a good thing to keep in mind when talking to other people that they might indeed have these linguistic prejudices. Though for me these definitions are important in terms of understanding what is happening here. I suppose as long as we all still realize that this is politics while avoiding that word in order not to unduly scare people by invoking these types of linguistic biases.

Therefore such thinking is positive, after all we are just trying to communicate meaning to other people and if this word means something different to these other people then that word might just fail to convey the message we wish to impart.

 

[Peter R]

Awesome pics, @solex and @Zangelbert Bingledack!

The lightning picture got me thinking that, in fact, it is a fairly good analogy. The diagram I included in the paper showed an "idealized" case (more like the Menger sponge) where everything is equal and there's no forking:

In reality, there will be little forks coming of the various Δ-blocks, but one subchain will remain dominant and push forward in time. Perhaps I'll try to make an animated GIF to visualize the "lightning effect."

 

[_mr_e]

Hi Peter,

I was wondering if you had heard of Tangle/IOTA?
https://bitcointalk.org/index.php?topic=1216479.0

I had been watching this project for a while and noticed some remarkable similarities in your whitepaper, especially when I read the line, "As the use and complexity of subchains grow, the idea of “blocks” and “confirmations” could be abstracted away from the user—the Blockchain may one day appear as a continuous stream of transactions, where the new transactions added each moment serve to secure the ones that came before them." Their use of Directed Acyclic Graphs sounds like what you are saying here. I didn't think this would be applicable to Bitcoin but it looks like you're on to something.

I am also wondering if it would also ever be possible to actually hand out portions of the reward based on who mined the weak blocks? Wouldn't this have the effect of completely decentralizing mining pools?

This concept is incredible...