Gold collapsing. Bitcoin UP.

Justus Ranvier

Active Member
Aug 28, 2015
875
3,746
@cypherdoc He's heard that argument before, just like we've all heard the arguments about why Bitcoin is safer if it remains small.

It's a multi-year disagreement going back almost to the beginning of Bitcoin and it's not going to be settled by convincing people to change their positions.

We're only going to see which side is right via an experiment we only get to run once.
 

kyuupichan

Member
Oct 3, 2015
95
348
Looks like Satoshi is following these steps:
https://docs.google.com/document/d/1IwUiLlARSzf0L-nNI7gR-hHVHW_y6YM0OsiEweHBa6M/preview
[doublepost=1462296394][/doublepost]Whish I was at the NY Consensus convention. Must be quite an atmosphere there!
Surprises me how many slips / oversights people supposedly knowledgeable about bitcoin make. They write

"Although it is not possible to spend bitcoins associated with the genesis address, it would be possible for Satoshi to reveal the public key that hashes to the genesis address. Therefore, revealing the public key of the genesis address, and then signing a transaction with the corresponding private key would be good evidence that one is Satoshi."

They should know that the public key is in the coinbase for all early coinbases. And they should know that although the coinbase can't be spent, the hundreds of shrapnel transactions sent to the same address can be.
 

go1111111

Active Member
Your idea (2) is extremely unlikely imho and would be very much out of Gavins usual character.
I agree my scenario #2 is much more unlikely than the first, but I think it's more likely than Wright being the one who communicated under the Satoshi name. The flaws that Peter_R points out in Wright's posts are more apparent the more technical you are. Reading Wright's blog and thinking he's Satoshi is like listening to a speaker who has taken one semester of Spanish and is trying to convince you they're a native speaker.

The main thing about #2 that makes me think it could be true is that it explain's Gavin's bizarre recent behavior. (I agree with whoever it was that said Gavin probably didn't give Wright the keys, even if he's helping Wright by lending his credibility).
 
  • Like
Reactions: freetrader

cypherdoc

Well-Known Member
Aug 26, 2015
5,257
12,995
Wouldn't the relay network provide the same effect?

I thought about the relay network when I wrote that. As fast as you could listen for a new block announcement would be as fast as a new public block can propagate. You'll always be behind.
 
  • Like
Reactions: bluemoon

Peter R

Well-Known Member
Aug 28, 2015
1,398
5,595
@cypherdoc:

Neither do I believe that selfish mining is a serious threat. The point I'm trying to make is that given Eyal and Sirer's assumptions, the paper is mathematically correct. You can argue that their assumptions are not realistic (what you appear to be doing), or you can show that they made an error in their analysis (I don't believe they have). Craig Wright did neither.

i've never liked Sirer's SM paper. for instance, i think this is an entirely incorrect assumption on his part which totally destroys his math, p.6:

In the first scenario where the honest nodes succeed in finding a block on the public branch, nullifying the selfish pool’s lead, the pool immediately publishes its private branch (of length 1). This yields a toss-up where either branch may win.

by the time the selfish miner finds out about a new block on the public chain, he's already lost. the public block will have propagated across much of the network making it impossible for the selfish miner to create a 50:50 situation by trying to immediately release it's private block. IOW, he loses the block he's held back and the revenue from it, which is an opportunity cost.
This is what I originally thought until I read the paper in more detail. They do NOT actually assume that the race has 50:50 odds. They solve the problem for all odds between 0:100 and 100:0. This is the γ coefficient in their paper. With γ=1 (the selfish miner wins all races), the selfish mining attack is profitable regardless of the miner's hash power. With γ=0 (the selfish miner loses all races), the selfish mining attack is still profitable but only if the miner's hash power is greater than 33.3% of the network total. This is summarized in Eyal and Sirer's Fig. 2:



more importantly, miners don't want to destroy confidence in the system which would cause the price to tank.
Yes, I completely agree. The attack only becomes profitable after the difficulty re-adjusts and long after the world has realized that the attack is taking place. I don't think miners would take this risk.

i confronted Sirer about this at the Hasher's United Conference a couple of years ago, not only in the Q&A but also afterwards face to face. he didn't like me then b/c i publicly disagreed with him despite him trying to appeal to authority. he also hasn't liked me since as i have continued to disagree with his work publicly and privately. but i did get him to admit face to face in front of a small group that SM'ing is a huge risk and would be dependent on having full nodes widely scattered across the network that can "listen" for a new public block.
My take on Sirer is that when he first got into Bitcoin, he wasn't taking it that seriously. He came across to us as a total dick after publishing his selfish mining paper (he tweeted that Bitcoin was fatally flawed and that everyone should sell their coins...IMO bad behaviour for a CS professor). Since then, I think he's realized both that Bitcoin is a goldmine for future research and that our community is full of serious researchers and developers who he now respects. I think you two might actually get along if you had met under different circumstances.

not only that, Sirer then goes on to assume even more disastrous behavior from selfish miners;

The selfish miners unanimously adopt and extend the previously private branch, while the honest miners will choose to mine on either branch, depending on the propagation of the notifications.

why would they do that, in effect, doubling down on a losing strategy which will cost them even yet another block on wasted hashing time? answer is, they wouldn't. history has born me out.
I agree again. The Eyal and Sirer model is very simple and doesn't take into account the complexity of human behaviour. But as an academic paper, their work is still correct (given their assumptions) and valueable (given the research and thought they've inspired).
 

albin

Active Member
Nov 8, 2015
931
4,008
I think what taints the selfish mining paper just in the gut for alot of people is that Sirer hopped on Twitter in the fall of 2013 advising everybody to sell their Bitcoins because they had discovered a fatal flaw, and this tragically was right before the run-up that produced the last ATH.
 

kyuupichan

Member
Oct 3, 2015
95
348
The curious thing about the current CW affair is that all the doubters are, to quote Justus, running round like headless chickens and creating a disproportionately emotional noise about it, not to mention the shameful attacks on Gavin and his competence. Meanwhile the 4 or 5 saying it's real have just made simple statements and seem happy to let things play out.

More than anything else this is what is making me take things more seriously than I otherwise would (plus the fact that Gavin is convinced).
 

albin

Active Member
Nov 8, 2015
931
4,008
The Maxwell grandstanding performance in the AMA thread is truly exquisite, right out the gate he concedes that this won't be a problem for Bitcoin, but then insists on taking it upon himself to browbeat the guy into oblivion. Now it's no longer about the substance, but a witchhunt about who said what when and what they meant when they said what and why they're very naughty. Very classic gmax right there.
 

freetrader

Moderator
Staff member
Dec 16, 2015
2,806
6,088

bluemoon

Active Member
Jan 15, 2016
215
966
@freetrader

There are so many CW related docs and references on the internet it makes my head swim.

This mashable article [1] references quite a few, including a pdf version of the ATO meeting [2].

These minutes seem strong circumstantial evidence linking CW to Satoshi. If they are genuine, why would CW falsely claim possession of 1.1 million bitcoins to the ATO? If they are fake, they reference so many people and entities they are sure to be exposed (and yet I'm not aware they have been).

[1] http://mashable.com/2015/12/10/bitcoin-satoshi-nakamoto-craig-wright/
[2] https://assets.documentcloud.org/documents/2644013/20140226-Meeting-Minutes-Redacted.pdf
 

YarkoL

Active Member
Dec 18, 2015
176
258
Tuusula
yarkol.github.io
I was not aware until today that Ian Grigg has publicly endorsed Wright's claims unequivocally. I can accept that both Gavin and Matonis could be fooled by an extremely brash con-man, but Grigg, an eminently respectable cryptographer who has worked for decades with e-money? So for the first time I'm willing to entertain the hypothesis that Wright is more than an internet clown.

Y'all probably knew this but here it is again
http://financialcryptography.com/mt/archives/001593.html

Just mind-blowing stuff if true. And it might be a start of explaining Wright's ostensibly bizarre behaviour - for some reason he wants to both present himself as Satoshi, and at the same time give enough reasons to debunk the very same claim.

This is all too much to me. Excuse me, I'll go play with my computer now.
 

Norway

Well-Known Member
Sep 29, 2015
2,424
6,410
Going to visit my sister now. I hope we have an update from Satoshi when I come back in a few hours. I wonder what it may be this time.
 

Fatman3002

Active Member
Sep 5, 2015
189
312
Sry if this has been dealt with earlier in the thread, but do we know what Craig Wright thinks of the block size issue beyond the fact that he's made some pretty impressive tests himself? That something is possible doesn't mean it's the best solution. Has he said anything specific in the last six months?
 
  • Like
Reactions: Norway

freetrader

Moderator
Staff member
Dec 16, 2015
2,806
6,088
Well, he did announce that he was going to publish a paper on his research, and the Bitcoin9000 paper was released at the beginning of March. I think it was him (or the group behind Satoshi), although no-one has provided actual evidence of this.

The paper is firmly on the "Bitcoin-can-scale" side, so if it was due to that group, it would be a strong confirmation of their recent views.
 

albin

Active Member
Nov 8, 2015
931
4,008
Sry if this has been dealt with earlier in the thread, but do we know what Craig Wright thinks of the block size issue beyond the fact that he's made some pretty impressive tests himself? That something is possible doesn't mean it's the best solution. Has he said anything specific in the last six months?
In the Economist article they attribute this statement to him --

Mr Wright says that if he could reinvent bitcoin, he would program in a steady increase of the block size.