Gold collapsing. Bitcoin UP.

albin

Active Member
Nov 8, 2015
931
4,008
Can we just do segwit + 2 mb hardfork with tx + witness <= 2MB and correct merkle root in the header already?

We need don't an O(n^2) verification fix at all if the Classic roadmap happens with parallel block validation. Validation attack blocks just become another kind of orphan risk for the block maker.

There's enough incentive anyway to use segwit transactions to avoid being malleated for a DDoS attack anyway without an arbitrary discount, and this way the new opcode would truly be opt-in, which nobody really could have a problem with.
 
Last edited:

Roger_Murdock

Active Member
Dec 17, 2015
223
1,453
(Borrowing here heavily from some old reddit comments of mine to share some thoughts that I thought you guys might appreciate.)

One of the points I often make is that understanding money's nature as a kind of "societal IOU" or accounting ledger for keeping track of value given but not yet received is crucial if you want to understand Bitcoin. To quote Frédéric Bastiat:

You have a crown. What does it imply in your hands? It is, as it were, the witness and proof that you have, at some time or other, performed some labour, which, instead of profiting by it, you have bestowed upon society in the person of your client. This crown testifies that you have performed a service for society, and, moreover, it shows the value of it. It bears witness, besides, that you have not yet obtained from society a real equivalent service, to which you have a right. To place you in a condition to exercise this right, at the time and in the manner you please, society, by means of your client, has given you an acknowledgment, a title, a privilege from the republic, a counter, a crown in fact, which only differs from executive titles by bearing its value in itself; and if you are able to read with your mind’s eye the inscriptions stamped upon it you will distinctly decipher these words:

“Pay the bearer a service equivalent to what he has rendered to society, the value received being shown, proved, and measured by that which is represented by me.”
The problem with fiat money is that when you arbitrarily conjure new units into existence, those new monetary units carry the same message: "I have given value for which I have yet to receive a real satisfaction." But now that message is a lie. Or in other words, money is memory, but the problem with fiat is that it allows for the creation of false memories. And those false memories will, over time, cause the real memories to fade (i.e. erode the purchasing power of savings through inflation). Or, more concisely, "money is memory, and inflation is early-onset dementia."

Another important point about the idea of money as an "IOU" is that, while all money can be analogized to a kind of societal debt (and that's true whether you're talking about dollars, or Bitcoin, or gold), fiat is literally debt. Note, for starters, that the dollar used to be backed by and redeemable for gold; it was an IOU for another IOU. But then the U.S. government defaulted on its gold obligations. So now the dollar is a defaulted-on IOU for another IOU. But it's worse than that. Because the majority of "dollars" in today's fractional-reserve system are really just IOUs for units of the base money supply. And because banks "borrow short and lend long," they're always technically insolvent. So, in summary, the modern dollar is an IOU from a structurally insolvent organization ... for a defaulted-on IOU ... for another IOU. "Yo dawg, I heard you like IOUs..."


Another point is that there's always going to be a balance between non-trust-based (commodity) money and trust-based (debt-based / IOU) money. In the context of Bitcoin, that means that there will always be a balance between on-chain payments and off-chain payments. But I think one of the things that makes Bitcoin exciting is its potential to shift this balance very much back towards non-trust-based money. Traditional non-trust-based money (i.e. physical commodities) are difficult and expensive to transact with, particularly across distance. Commodity IOUs (or fiat IOUs) are easier. The downside of using IOUs as money is that that they're less fungible (the identity of the issuer matters) and they're riskier (which would tend to make them less "acceptable"). Governments have been able to offset both of those disadvantages by creating central banks and giving them a monopoly on the power of money creation. FRN's are extremely fungible. And because of implicit and explicit government guarantees, no one worries about the solvency of the bank where they "deposit" (i.e., lend) their money. But that intervention (like most government interventions) carried a high price tag. The balance we're talking about was artificially and dramatically shifted in favor of trust-based money. But trust-based money is inherently risky, and governments didn't eliminate that risk. To the contrary, they grew it and made it systemic (a fact that's begun to become clear in recent years).

The real problem with the 1-MB block size limit is that it is an artificial constraint that is attempting to skew the natural balance between on-chain (commodity) and off-chain (IOU) payments. (Of course, that's why I'm confident the market will ultimately stop tolerating it.)
 

Zarathustra

Well-Known Member
Aug 28, 2015
1,439
3,797
@Roger_Murdock
"So, in summary, the modern dollar is an IOU from a structurally insolvent organization ... for a defaulted-on IOU ... for another IOU."

Indeed, but not just the modern dollar. According to Krugman Fiat money is backed by men with guns; but that has been true for all kind of money in the history of money. Money is always an IOU from a structurally insolvent organisation (whether they promise metal or grain (shekel) to the soldiers), from the very beginning: church and state, priests and war lords, aka civilization, aka society, aka organized violence. Those organizations always collapse sooner or later (Tainter's law*). Money is an essential attribute of the society (governed humanoids/homo oeconomicus). The absence of money is an essential attribute of the community (homo sapiens).

*Tainter's law: The diminishing return on additional investment in additional complexity/energy/debt.

So spoke Zarathustra (the 3rd and last ;-)

Homo sapiens (happy):



Homo oeconomicus (unhappy):





The reason why metals became money:

 
Last edited:

freetrader

Moderator
Staff member
Dec 16, 2015
2,806
6,088
Can we just do segwit + 2 mb hardfork with tx + witness <= 2MB and correct merkle root in the header already?

We need don't an O(n^2) verification fix at all if the Classic roadmap happens with parallel block validation. Validation attack blocks just become another kind of orphan risk for the block maker.

There's enough incentive anyway to use segwit transactions to avoid being malleated for a DDoS attack anyway without an arbitrary discount, and this way the new opcode would truly be opt-in, which nobody really could have a problem with.
If we could have that it would probably be optimal in terms of the current impasse to strengthen the case for Classic.
But given that TM and O(n) sighash is not the critical problem staring us in the face, I don't see why Classic's case is not strong enough to proceed on the merits of their existing roadmap.
HF to 2MB is ready to go and safe.
Then they can immediately focus on a cleaned up form of SegWit (which is in Q3-Q4 according to the roadmap [1]).

There are a lot of things to get right that take time, even for a cleaned up SegWit. I would feel it's too risky to rush in any changes to the plan just for the sake of appeasing miners. And looking at the full blocks, they should be the first to admit that there isn't time to waste.

Development Priority #1 in Classic is : "Security first and foremost". [2]

[1] https://github.com/bitcoinclassic/documentation/blob/master/roadmap/roadmap2016.md
[2] https://github.com/bitcoinclassic/documentation/blob/master/roadmap/technical2016.md
 

Zangelbert Bingledack

Well-Known Member
Aug 29, 2015
1,485
5,585
@Roger_Murdock

Fractional-Teller Banking means that the old spam attack @cypherdoc used to talk about, where a spammer uses the full-block state to cheaply spam the network, becomes a way to actually steal funds.

If that is true, LN will never be adopted by businesses unless the blocksize cap is much higher than typical transaction volume so as to provide the headroom to protect against a spam-theft attack, with far more headroom being required than is the case for on-chain transactions since the risk there is merely about delays. Thus LN might be a great new technology, but it would be more than completely out the window as a means of enabling Bitcoin to continue with small blocks.

I wonder if Blockstream realizes this, or if they are unwittingly shooting themselves in the foot by promoting LN and will have to pivot back to sidechains. Jeff Garzik was right: the move to full blocks is an Economic Change Event and BS has taken a simplistic and naive view of the nuts-and-bolts economic/game-theoretic practicalities involved in fee market dynamics, then doubled down on them with the "full blocks + LN" sales pitch. It would be delicious if this were Blockstream's downfall.
 
Last edited:

awemany

Well-Known Member
Aug 19, 2015
1,387
5,054
@Zangelbert Bingledack : Yes, it is a new name for what @cypherdoc pointed many times out as a problem, but I really like @Roger_Murdock's 'fractional teller banking' name for describing it.

@Norway, @freetrader: Regarding CSV: When it is an opcode in the script, you could make address A have to wait a certain time (because it is CSVed), whereas address B could access funds right away. They want to use that for LN channels, as per the BIP. But whether we really need that new opcode and complexity now (and support it forever) is questionable.

The other argument for CSV is, to quote from the BIP:
Scriptable relative locktime provides a predictable amount of time to respond in the event a counterparty broadcasts a revoked transaction: Absolute locktime necessitates closing the channel and reopen it when getting close to the timeout, whereas with relative locktime, the clock starts ticking the moment the transactions confirms in a block. It also provides a means to know exactly how long to wait (in number of blocks) before funds can be pulled out of the channel in the event of a noncooperative counterparty.
In other words: The argument for CSV is based in part on always full blocks. As the miners accepted this proposal quite quickly, I'd say it doesn't paint an optimistic case for them switching to Classic or a dynamically adjusted block limit soon ...
 

solex

Moderator
Staff member
Aug 22, 2015
1,558
4,693
@freetrader
[Luke Jr...]
- you see if we limit bitcoin transaction velocity more we could actual suppress the utility and price enough that more people could afford to participate in Bitcoin.
Luke Jr is describing the solution to the problem of how to turn Bitcoin into Dogecoin.

Can we just do segwit + 2 mb hardfork with tx + witness <= 2MB and correct merkle root in the header already?
Remaining consistent with the BU paradigm of letting the community decide on functional changes we need a BUIP for SegWit before a modified version can be included in a formal BU release (edit to clarify, as BU is a patch-set on Core the Developer can include SegWit in the same way Core releases it, but we need a BUIP to alter or omit it). If someone wants to take up the baton and propose such a BUIP then it would help focus our decision-making. It would be nice if it offered variations like (A) use HF unless Core's SF gets close to activation, (B) get rid of the witness data discount. (C) etc...
 
Last edited:

awemany

Well-Known Member
Aug 19, 2015
1,387
5,054
Hey, so pondering about the CSV further:

I really wonder why there wasn't an argument for CSV that showed the necessity of it given that one could instead sign two transactions - corresponding to the different pathways through the script.

Basically, what happens/-ed with CSV now is that you can sign a single complex script now that will pay out for B immediately, but pay out for A only if the locktime is expired.

But a much simpler way to do this would be to sign two transactions, one for A (with nlocktime) and one for B (without nlocktime).

This would save on bandwidth, processing time and storage, by just needing one of these transactions to be broadcast.

This is also - AFAIR, the way how 'ordinary' micropayment channels have been implemented in Bitcoin in the past.

In other words: We know that Bitcoin script is not Turing complete, as it is basically just an expression tree that evaluates to true or false. However, that means that all the different paths through the code can be easily enumerated, and the 'distributive law' from boolean algebra can be applied to any outer OR clause in the script, to simply split it up into several transactions. The use case of CSV as advertised in the BIP is such an OR clause.

An AND clause would need to be properly integrated in the script, so I wonder: Are there good reasons to have AND-linked CSVs in script?

Now there is one caveat, I am not up to speed right now regarding all ways to sign multiple transactions at once. There might a be no way currently to sign many transactions in an atomic way, meaning either A or B would see the signed transaction from the respective other party first.

However, wouldn't it make sense then, if CSV (or any other opcode, really) is used exclusively in outer OR-clauses, that, instead of inventing a new opcode, a scheme to atomically sign multiple transactions by multiple parties is implemented?

This would keep most of this complexity out of the blockchain and put it back to the clients.
 

freetrader

Moderator
Staff member
Dec 16, 2015
2,806
6,088
@awemany: That BIP section would be quite the hoodwink if used as the basis for arguing predictable settlement times under main-chain blocks-full conditions.

I think Chinese miners have just been told that this is a necessary building block for LN, and a way to make Bitcoin money "smarter", and it will improve things for users (post-dated rental payments etc). At that point they ask "Will we lose any money if we implement this change?", Blockstream/Core says "no" and the miners are happy and schedule it.

Next up building blocks: SegWit. Then, MAST. Somewhere inbetween or after - I'm counting on it - full RBF or equivalent.
 
Last edited:

cypherdoc

Well-Known Member
Aug 26, 2015
5,257
12,994
This is the safest approach given what happened to the DAO. But I would characterize SW as a way to appease kore dev which i don't think is necessary right now if the miners are willing to do the 2MBHF.

If we could have that it would probably be optimal in terms of the current impasse to strengthen the case for Classic.
But given that TM and O(n) sighash is not the critical problem staring us in the face, I don't see why Classic's case is not strong enough to proceed on the merits of their existing roadmap.
HF to 2MB is ready to go and safe.
Then they can immediately focus on a cleaned up form of SegWit (which is in Q3-Q4 according to the roadmap [1]).

There are a lot of things to get right that take time, even for a cleaned up SegWit. I would feel it's too risky to rush in any changes to the plan just for the sake of appeasing miners. And looking at the full blocks, they should be the first to admit that there isn't time to waste.

Development Priority #1 in Classic is : "Security first and foremost". [2]

[1] https://github.com/bitcoinclassic/documentation/blob/master/roadmap/roadmap2016.md
[2] https://github.com/bitcoinclassic/documentation/blob/master/roadmap/technical2016.md
 

Roger_Murdock

Active Member
Dec 17, 2015
223
1,453
Money is always an IOU from a structurally insolvent organisation (whether they promise metal or grain (shekel) to the soldiers), from the very beginning: church and state, priests and war lords, aka civilization, aka society, aka organized violence.
How does that apply to Bitcoin (or any other commodity money)? It seems to me that, as Daniel Krawisz puts it, money is simply a kind of behavior, i.e., "monetary behavior is to trade something for a good whose most valuable use to the one receiving it is to trade it again later."

Money is an essential attribute of the society (governed humanoids/homo oeconomicus). The absence of money is an essential attribute of the community (homo sapiens).
I don't know. It seems to me that the primary alternative to a "monetary economy" is the so-called "gift economy." But a gift economy isn't really all that different in principle from the use of money. With a gift economy, the "ledger" that keeps track of value given but not yet received is informal / fuzzy (and thus prone to error) and various portions of it are stored in the memories of everyone in the community. With Bitcoin, the complete ledger is maintained by the computers of everyone who's part of the network. A system of informal gifts / debts works fine on a small scale and that's typically how economic life within a family is conducted. But it doesn't scale. Related: just saw this great Hayek quote in one of @Zangelbert Bingledack's posts:

Part of our present difficulty is that we must constantly adjust our lives, our thoughts and our emotions, in order to live simultaneously within different kinds of orders according to different rules. If we were to apply the unmodified, uncurbed, rules of the micro-cosmos (i.e., of the small band or troop, or of, say, our families) to the macro-cosmos (our wider civilisation), as our instincts and sentimental yearnings often make us wish to do, we would destroy it. Yet if we were always to apply the rules of the extended order to our more intimate groupings, we would crush them.​

Homo sapiens (happy) ... Homo oeconomicus (unhappy)
I can certainly believe that people in primitive tribal societies might be happier on average than people in modern societies. Humans lived under the former conditions for tens of thousands of years whereas "modern society" is comparatively recent. So it wouldn't be surprising if we were, in some respects, still more adapted to the former. But I mean, what do you do with that knowledge? If you want to join an "anarcho-primitivist" community or whatever, I say more power to you.
 

lunar

Well-Known Member
Aug 28, 2015
1,001
4,290
The 10% who really understand it stands out to me.
Yeah i'd say 90% of those 10% were lying. ;-) Just look around the bitcoin community. The truth is virtually no one really understands all aspects of bitcoin.


[doublepost=1467814170][/doublepost]in other news .... it's getting MESSY out there.









Look towards Japan, Italian banks, Deutsche Bank and Uk property Funds (dominoes are falling)