ABSTRACT:
A short paper that starts from an established view of trustlessness to prove distributed centralized permissioned tokenized ledgers cannot prove their own consistency, which is a necessary condition for concurrency.
___
Various attempts have been made in recent years to state necessary and sufficient conditions for someone’s trusting a given transaction. The attempts have often been such that they can be stated in a form similar to the following:
(a) S trusts that P IFF
i. P is a valid transaction,
ii. S agrees that P, and
iii. S is settled in agreeing that P.
For example:
(b) S trusts that P IFF
i. S accepts P,
ii. S holds for P,
iii. P is a valid transaction.
Also necessary and sufficient conditions for trustlessness as follows:
(c) S trusts that P IFF
i. P is a valid transaction,
ii. S is sure P is a valid transaction
iii. S has a model for P.
I shall argue that (a) is false in that the conditions stated therein do not constitute a sufficient condition for the truth of the notion that S trusts that P. The same argument will show that (b) and (c) fail if ‘holds for’ or ‘has a model for’ ('model', 'ledger', etc.) is substituted for ‘is settled in agreeing that’ throughout.
I shall begin by noting three points. First, in that sense of “terminating” in which S’s being settled in agreeing P is a necessary condition of S’s trusting that P, it is possible for a person to be settled in agreeing to a transaction that is in fact invalid. Secondly, for any transaction P, if S is settled in agreeing P, and P entails Q, and S deduces Q from P and agrees Q as a result of this deduction, then S is settled in agreeing Q. Finally, we attach a negligible amount of metadata as proposition that describes the transaction itself, on the assumption that transaction identity rules satisfy people identity requirements. Keeping these three points in mind, I shall now present a case in which the conditions stated in (a) are true for some transaction, though it is at the same time false that the person in question trusts that transaction.
This data is signed by public keys which are participants in a ring such that trusting the signed data does not reveal the participant’s unique key. We imagine transactions, generally, are predictions (costly propositions about the world).
Case I
Suppose that Pim and Godot have placed a bid for the same item. And suppose that Pim has strong evidence for the following conjunctive transaction (with metadata):
(d) Godot is the man who will get the item, and Godot has ten
coins in his pocket.
A caveat is that: All processes that decide choose the same value[0]. Pim and Godot decide on (d), and therefore (e).
Pim’s settlement (he sells) for (d) might be that the president of the company assured him that Godot would in the end be selected, and that he, Pim, had counted the coins in Godot’s pocket ten minutes ago. Transaction (d) entails:
(e) The man who will get the item has ten coins in his pocket.
Let us suppose that Pim sees the entailment from (d) to (e), and accepts
that (e) on the grounds of (d), for which he has strong evidence. In this case, Pim is clearly settled in agreeing that (e) is valid.
But imagine, further, that unknown to Pim, he himself, not Godot, will get the item. And, also, unknown to Pim, he himself has ten coins in his pocket. Transaction (e) is then valid, though transaction (d), from which Pim inferred (e), is invalid. In our example, then, all of the following are true: (i) (e) is valid, (ii) Pim agrees that (e) is valid, and (iii) Pim is settled in agreeing that (e) is valid. But it is equally clear that Pim does not trust that (e) is valid; for (e) is valid in virtue of the number of coins in Pim’s pocket, while Pim does not trust how many coins are in Pim’s pocket, and bases his agreement in (e) on a count of the coins in Godot’s pocket, whom he falsely agrees to be the man who will get the item.
This example shows that definition (a) does not state a sufficient condition
for someone’s trusting a given transaction. The same cases, with appropriate changes, will suffice to show that neither definition (b) nor definition (c)
do so either.
Found originally at https://medium.com/@filesofnerds/is-trustlessness-terminating-valid-agreement-aab4012628ef#.wn62uwo55
—
[0]: http://www.distcomp.ethz.ch/lectures/ws0304/seminar/papers/randomized_consensus_survey.pdf
A short paper that starts from an established view of trustlessness to prove distributed centralized permissioned tokenized ledgers cannot prove their own consistency, which is a necessary condition for concurrency.
___
Various attempts have been made in recent years to state necessary and sufficient conditions for someone’s trusting a given transaction. The attempts have often been such that they can be stated in a form similar to the following:
(a) S trusts that P IFF
i. P is a valid transaction,
ii. S agrees that P, and
iii. S is settled in agreeing that P.
For example:
(b) S trusts that P IFF
i. S accepts P,
ii. S holds for P,
iii. P is a valid transaction.
Also necessary and sufficient conditions for trustlessness as follows:
(c) S trusts that P IFF
i. P is a valid transaction,
ii. S is sure P is a valid transaction
iii. S has a model for P.
I shall argue that (a) is false in that the conditions stated therein do not constitute a sufficient condition for the truth of the notion that S trusts that P. The same argument will show that (b) and (c) fail if ‘holds for’ or ‘has a model for’ ('model', 'ledger', etc.) is substituted for ‘is settled in agreeing that’ throughout.
I shall begin by noting three points. First, in that sense of “terminating” in which S’s being settled in agreeing P is a necessary condition of S’s trusting that P, it is possible for a person to be settled in agreeing to a transaction that is in fact invalid. Secondly, for any transaction P, if S is settled in agreeing P, and P entails Q, and S deduces Q from P and agrees Q as a result of this deduction, then S is settled in agreeing Q. Finally, we attach a negligible amount of metadata as proposition that describes the transaction itself, on the assumption that transaction identity rules satisfy people identity requirements. Keeping these three points in mind, I shall now present a case in which the conditions stated in (a) are true for some transaction, though it is at the same time false that the person in question trusts that transaction.
This data is signed by public keys which are participants in a ring such that trusting the signed data does not reveal the participant’s unique key. We imagine transactions, generally, are predictions (costly propositions about the world).
Case I
Suppose that Pim and Godot have placed a bid for the same item. And suppose that Pim has strong evidence for the following conjunctive transaction (with metadata):
(d) Godot is the man who will get the item, and Godot has ten
coins in his pocket.
A caveat is that: All processes that decide choose the same value[0]. Pim and Godot decide on (d), and therefore (e).
Pim’s settlement (he sells) for (d) might be that the president of the company assured him that Godot would in the end be selected, and that he, Pim, had counted the coins in Godot’s pocket ten minutes ago. Transaction (d) entails:
(e) The man who will get the item has ten coins in his pocket.
Let us suppose that Pim sees the entailment from (d) to (e), and accepts
that (e) on the grounds of (d), for which he has strong evidence. In this case, Pim is clearly settled in agreeing that (e) is valid.
But imagine, further, that unknown to Pim, he himself, not Godot, will get the item. And, also, unknown to Pim, he himself has ten coins in his pocket. Transaction (e) is then valid, though transaction (d), from which Pim inferred (e), is invalid. In our example, then, all of the following are true: (i) (e) is valid, (ii) Pim agrees that (e) is valid, and (iii) Pim is settled in agreeing that (e) is valid. But it is equally clear that Pim does not trust that (e) is valid; for (e) is valid in virtue of the number of coins in Pim’s pocket, while Pim does not trust how many coins are in Pim’s pocket, and bases his agreement in (e) on a count of the coins in Godot’s pocket, whom he falsely agrees to be the man who will get the item.
This example shows that definition (a) does not state a sufficient condition
for someone’s trusting a given transaction. The same cases, with appropriate changes, will suffice to show that neither definition (b) nor definition (c)
do so either.
Found originally at https://medium.com/@filesofnerds/is-trustlessness-terminating-valid-agreement-aab4012628ef#.wn62uwo55
—
[0]: http://www.distcomp.ethz.ch/lectures/ws0304/seminar/papers/randomized_consensus_survey.pdf
Last edited:
