Gold collapsing. Bitcoin UP.

[Peter R]

Has there been any discussion about using interleaved blocks?
Of course, some details about fungibility between the different interleaves and closing some attack vectors, but if the 1MB limit is really so important (it isnt technically), you can make a hardfork where N different interleaves are mined. So there would be N different parallel chains, each offset by 10 minutes/N. This way, each interleave gets the full 10 minutes for mining and propagation, removing all "objections" to larger blocks/faster blocks, etc.

I think each would need to be mined independently and just have a convention so (txid mod N) determines which interleave a tx gets mined on.

Using interleaves, the number N can be changed as tx levels require it. But really, I dont see what the big technical issue is with 1MB. Just change to 2MB and 5 minute blocks to get an immediate 4x capacity increase. then a 10x interleave for a total 40x increase. That would buy enough time for truly solving the scalability. Another 2x could be gained by using the canonical numbering that iguana uses, so now it approaches 100x capacity increase. And with the bundle approach, the time to do everything will gradually get faster and faster over the years as CPU's get more cores faster than blockchain size increases.

What is your opinion about subchains?

A Visual Explanation of Subchains

Subchains are a practical application of "weak blocks," which add security to zero-confirmation transactions and permit massive scaling of Bitcoin.

Fig. 1. Each time a block that satisfies the weak target is found, the subchain is extended. When a block satisfying the strong target is found, the subchain is closed, becoming a strong block, and a new subchain begins.

Fig. 2. Miners cooperate to build subchains in order to process more transactions and claim more fees without incurring additional orphaning risk. This illustration visualizes "idealized" ¼-difficulty subchains (also referred to as 4x subchains). In practice, each strong block may contain more or less than four weak blocks, due to randomness.

Fig. 3. Miners build subchains layer by layer (a – c), where each layer corresponds to the solution of a weak block. To propagate blocks (weak or strong), miners need only send their Δ-block and a reference to the subchain’s tip (f), reducing the quantity of transmitted bytes. When a nonce that satisfies the strong target is found, the subchain is closed thereby becoming a strong block (d), and miners begin working on a new subchain (e).


For further reading, please refer to "Reduce Orphaning Risk and Improve Zero-Confirmation Security With Subchains."

 

[Peter R]

Thanks so much guys for the thoughtful comments!

@freetrader: the "competitiveness of regulation" is a greater talking point. I know the gentlemen from the Dept. of Finance heads the financial crimes divisions (AML/terrorist financing) and you've brought up a great counterpoint to overly-strict AML rules.

@cypherdoc: I like the quantum computer / compromised keys example from the perspective of "ownership vs control" and the interesting legal/ethical questions this brings up. The Bitcoin network doesn't authenticate humans--it authenticates keys (strings of numbers); but us humans would probably prefer it (and half expect it) to be the other way round.

@tynwald: Great question regarding the Bank of Canada eventually issuing its own cryptocurrency. Their long term plan must be to move away from physical money eventually. On that note, does anyone know the latest on Ecquador's purported digital currency?

@AdrianX: Yes, I'd love to introduce the "money as memory" talking points somehow. I'm hoping Jillian speaks to this in her remarks. However, the panel is about "regulation" and "blockchain" and I probably shouldn't steer the conversation too much into the "what is money" direction if it doesn't flow there naturally. And thanks for the vote of confidence, although I'm hardly qualified to talk about regulation for "blockchain" <-- I still don't really know what that even means

@79b79aa8: I knew I had recently read a great post about permissioned ledgers but I couldn't remember where I saw it. Thanks for the link (and great post).

@_mr_e: PM sent.

 

[jl777]

Just read the paper so havent had time for any deep thoughts on it, but the main idea of reducing the orphan rate to allow either faster block times (5 min?) or larger blocks is orthogonal to a simple interleaving. If subchains makes it safe to have 8MB blocks every 5 minutes, adding a 10x interleave would get us 160x capacity increase. That should buy us a few years.

We can have 10 interleaved subchains, A to J. At the hardfork all 10 interleaves would use a different prev_hash so it would be totally independent chains.

If we just used the naive approach that interleave B is unconfirmed, until interleave A is confirmed, then we can get a defined ordering of blocks.

If an earlier interleave is completed before a later one, it is identical to current sequence. If a later interleave is solved before an earlier one, tthen it needs to wait and there might be exploits due to this, but since the txid's mod 10 that match that interleave all go there, not sure what the attack is if each interleave is using only blocks in that interleave. So there needs to be provision of allowing illegal tx in a block, as it could be valid if the earlier block is unknown. it wont be that hard to have a second tx validation pass to verify validity using interleave ordering.

Pretty sure some more needs to be added to prevent abuse, with interleaved blocks, the mining reward would need to be adjusted and this would make the miners to decide if they mine all 10 interleaves and win 10% vs mine just one interleave and get a much better chance. So now the miners can have a little strategy game against each other, instead of just blasting all their hashpower on a single target.

The whole blocksize debate is simply about money. The miners are seeing half the revenues going away, so of course they want to boost revenues as much as possible. If we can create a version that will give miners more fees then I expect they will all of a sudden be all for larger tx capacity. So, the users will need to fund this with higher than 0.0001 txfee. By having a version that offers users better performance, that will justify the higher fees and by helping the miners make more money, they will support that hardfork over another version that means less money for them.

It is a simple business decision by the miners and we cant kid ourselves, the miners control the production of blocks and therefore the hardfork that will win.

James

 

[sickpig]

 

[sickpig]

PoW nonce protection

A few days ago on BU slack we thought to add PoW for incoming p2p connections...

this would be effective to make more difficult the mapping the bitcoin p2p network.

 

[sgbett]

RBF question.

Instead of RBF why not time to delete. A user would place a flag on a transaction that would state if not added to a block in x blocks then delete transaction from mempool and do not resend. This would allow users to have transactions that could sit with a low fee for a day or more with the possibility of being added to the blockchain, or have a short time out period that would allow the fee to be increased and give maximum flexibility. It would also let the reciever know that after x block height the transaction will be canceled. The sender and receiver could have some agreement for a resend.

This has probably been discussed but I don't remember it.

Analogous to TTL? Bloody brilliant idea
[doublepost=1457421257][/doublepost]

@Norway and I (and others) had an interesting interaction today with shill-in-residence on the Bitcoin Classic Slack, "jamesshilliard". He went through the usual arguments about the Classic nodes all being cloud hosted so basically sybil nodes. I pressed him about the DDoS attacks and of course he claimed that the DDoS was fictitious.

My home node has been knocked offline like clockwork over the past two weeks, so I have no doubt about it and direct first-hand experience. Of course that was not enough for James and since I had time today, I told him I would get him a Wireshark capture if that would please him. Of course he challenged (taunted?) me to do it.

So sure enough after 46 minutes of being online, my Classic node was hammered and my home internet taken down again, just like always. But this time I had the whole thing captured.

I provided Shilliard with the complete PCAP files, luckily they compressed well and could be sent on Slack.

Same basic attack structure as always. Node connects and does the version command while reporting its version as "Why? Because fuck u, that's why".

Then later a DNS amplification attack. They spoof your node's address to open DNS resolvers and do a TXT query against qrtor.ru (in this instance). The response to that query is around 3800 bytes and just giant strings of "XXXXXXXXXXXXXXXXXX".

Anyway, it was quite satisfying to be able to show James we are not making this up and perhaps if it weren't for the DDoS attacks we would not have to rely so heavily on Amazon and elsewhere to bring up nodes.

It seems to be an all-too-common and convenient copout during discussions to just deny the DDoS attack exists, even Greg Maxwell says it. So if anyone encounters any deniers, let me know and I can provide them with the full PCAP files.

Great job I saw the start of that convo and wondered how it would play out

 

[sickpig]

why does a full node need to accept DNS data from these resolvers in the first place?

is this a port issue? can one just close all ports except for 8333?

the node is not accepting anything, the flooder just throws packets at it until node network pipe will be saturated.

Attackers and nodes not even speak the same language, at the lower level the first is sending UDP packets the latter speaks TCP.

all comes down to how UDP (the protocol on which DNS is built upon), to establish a UDP connection there's no need of the three way handshake (like in TCP). That permits the attackers to spoof source IP address in the DNS request hence redirecting the DNS response to the victim.

this a rather interesting article to understand this type of attacks:

https://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack/

 

[jl777]

@sickpig with ~6000 nodes, it wont be much of a barrier to PoW protect at the connection level. Establishing tcp connection is already taking many seconds, and I dont think requiring a 1 minute PoW nonce to establish a connection is wise.

So a practical nonce calculation time of 5 to 10 seconds is probably the pain threshold, which equates to 30,000 to 60,000 processing seconds, or a bit more than an hour on an 8 core machine. Certainly better than nothing, but considering that it would break backward compatibility, I dont feel it is warranted. Now, requiring a nonce per message, that could work. the nonce calculations just needs to match the bandwidth speeds. Then the users wont notice it at all, but for the attacker it becomes very painful

 

[sickpig]

Analogous to TTL? Bloody brilliant ideas

And you know what is ironic about it?

Jeff Garzik had the same idea. He thought of a time to leave equal to 72 hs.

Guess what? infinite bike shedding process, fake risk analysis, some peter todddism and threat of Armageddon -> no code change in the end and proposal got silently rejected

 

[sgbett]

And you know what is ironic about it?

Jeff Garzik had the same idea. He thought of a time to leave equal to 72 hs.

Guess what? infinite bike shedding process, fake risk analysis, some peter todddism and threat of Armageddon -> no code change in the end and proposal got silently rejected

Why does this not surprise me :/

 

[Christoph Bergmann]

Aaron v. Wirdum admitting stuck transactions shatter confidence in Bitcoin:


I am myself shattered by this admission!

and the funny thing is he claims he is objective. I have no problem when someone tends to some oppinion, but telling everybody to be objective and than writing things like Aaron is unhonest.

(I tell my readers on my blog everytime I write about blocksize that I'm heaviliy in favor of big blocks, but I try to write objective articles - you wouldn't recognize them - and show both sides. And if some reader complains about me being unfair to one side, I say sorry and think about it. Aaron just says "It's no opinion, it are facts").

 

[sickpig]

@sickpig with ~6000 nodes, it wont be much of a barrier to PoW protect at the connection level. Establishing tcp connection is already taking many seconds, and I dont think requiring a 1 minute PoW nonce to establish a connection is wise.

So a practical nonce calculation time of 5 to 10 seconds is probably the pain threshold, which equates to 30,000 to 60,000 processing seconds, or a bit more than an hour on an 8 core machine. Certainly better than nothing, but considering that it would break backward compatibility, I dont feel it is warranted. Now, requiring a nonce per message, that could work. the nonce calculations just needs to match the bandwidth speeds. Then the users wont notice it at all, but for the attacker it becomes very painful

so lower work but for each message.

it sounds a promising approach.

WRT retro compatibility: I think a ddos resistant network would be well worth an hard fork.

 

[Christoph Bergmann]

The brutal irony I'm seeing in all the "your coffees shouldn't go on the blockchain" / "Bitcoin is strictly for censorship resistance" arguments is that historically many governments have outlawed coffee at various times!

ironically this statemen is censorship itself

 

[Inca]

Anyone live near Los Angeles? I'm heading out from England there in early May for a surgical conference. It would be great to meet up for a coffee and an IRL chat..

 

[solex]

I'm also personally interested in the ownership vs control problem (e.g., a bitcoin transaction transfers the asset whereas other blockchain transactions transfer only legal title to the asset) and the legal / regulatory challenges associated with that.

Interesting area. It is not so black-and-white with respect to legal title transfers.

Consider advanced cars where the key to start one is activated by a Bitcoin private key. Here, a manufacturer builds a car and sets it to respond to a coloured coin on the Bitcoin blockchain referenced in a hardware fob or device. When it passes to the new-car dealership a transaction is done, with a hash of the registration document (legal title). As the car is sold to different people a BTC transaction occurs each time giving usage to the owner of a new private key and securing the latest version of the registration document which could be viewable on the car dash display. Owners can create duplicate keys for letting other people (family, employees) use the car, but if the car is sold all their operational access ceases automatically.

Bitcoin can enable the ability to physically use an asset as well as secure the title of ownership and trail of owners.

 

[Norway]

@cypherdoc
OMG this thead is epic! Got really drunk last night. Wake up. Make a new drink. Start to read all the posts here from when i went to bed. And it's impossible! It's so high quality, but it's too many letters to process. My brain is probably stuck with 1 mb. And this thread is bloating my mempool.

@Christoph Bergmann
I loved your post on /r/bitcoin, and it's necessary. And there will be more pain. But I beg you. Don't sell your coins. Don't become a weak hand. Don't get fucked. I say this because I don't want you to lose. Buy more!

And here is the rant I warned you about. Keep your friends close, and your Post-It stickers closer. Censor me yourself, you don't need Theymos to do it for you.

Ok, here we go...

ONE
FUCKING
MEGABYTE!
ONE
MEGABYTE!
FUCK!!!
FUCK THE FUCKING FUCK!!!!!
MEGABYTE
JUST ONE OF IT EVERY 10 MINUTE!
FUCK
FUCK
FUCK!!!!!!!​

 

[freetrader]

@Norway: Lament of a hungover Bitcoiner?

Eggnog is in the fridge. Help yourself

---

Anyone using Poloniex? PSA incoming re: their possible use of RBF of transactions when withdrawing BTC (barf):

 

[Norway]

RBF is just ctrl z.
I don't want this to be a part of bitcoin. It just make a clusterfuck of transactions in a market where fees are volatile.

And for all of you that believe that a bitoin transfer is irreversible. It isn't. Because we have police and judges.

EDIT: We are not going to a "Lord of the flies" scenario with bitcoin. But we go to a reality where governments have to be accountable of what they are doing with their money.

Cheers!

 

[freetrader]

Between these many awesome scaling-related concepts submitted for improving Bitcoin:

- weak blocks (too lazy to look up who originally came up with that, sorry)
- subchains (@Peter R )
- Xtreme Thinblocks (@Peter Tschipper )
- diff blocks (Bitcoin9000)
- interleaving (also new to me, thanks @jl777 for bringing it up)

and given the fact that some of them might be orthogonal - does anyone else think that there needs to be a Scaling Competition (with measurable results and the option of adopting several of these at once) for the future "roadmap of Bitcoin", virtually speaking... ?

Personally I can't wait to see some hard numbers on the possible capacity increases that each of these can bring. Hopefully some analysts can bring some maths to the coming on-chain scaling conference!

Honeybadger heard knowledge is power, loves him some more knowledge.

 

[Norway]

@freetrader
I am helping the Classic community to organize an on-chain scaling conference. I was told to keep a low profile and gather potential speakers.

But why keep a low profile? Fuck that! It's an online conference in middle/end of march.

I tried to get in touch with the Bitcoin9000 through bitcointalk.org
But I have no response. Can anybody tell me where to look, or are these/this person(s) full of shit?
EDIT: https://bitcointalk.org/index.php?topic=1382884.msg14065334#msg14065334

Anyway, please PM me about all efforts to scale bitcoin on-chain. Or even better. Just reply here in public!

@VeritasSapere In vino veritas!!
[doublepost=1457442739,1457441879][/doublepost]AFAIK, @Peter Tschipper is not going to talk, because of language. But @theZerg will do that job. And mr. Tschipper is still a hero. Because merit!
(Yes, still drunk!)