[Cryptography] On the 'regulation proof' aspect of Bitcoin

Ray Dillinger bear at sonic.net
Tue Mar 29 23:08:22 EDT 2016
On 03/29/2016 01:11 PM, John Levine wrote:
>> So why doesn't the Fed do this?
> 
> It's still nowhere near worth the effort because bitcoin remains an
> utterly trivial financial instrument.  Yesterday, the total volume of
> bitcoin transactions was 5674 btc worth about $2.3 million.  By
> comparison, the foreign exchange market in real currencies trades
> that much every 37 milliseconds.
.....
> Besides, bitcoin will implode from the sheer social incompetence of
> the bitcoin community.  Who'd have expected they'd be so wedged they
> couldn't agree how to make a mechanical change to increase the
> transaction rate?

That was pretty much when I decided it was doomed.  The
Nakamoto Consensus protocol, as implemented, requires
propagating all transactions in a public transaction
register to every node.

Nobody except mass-surveillance snoops has the bandwidth
to receive or the space to record that much data, if
the system starts getting any real traction.

The block size limit is, strictly speaking, optional to
the protocol.  But removing it first opens the system to
a DoS attack and second results in a system that, if it
does catch on, does not scale.

I've seen several technically feasible propositions to
address it.  Just removing the block size limit is the
first, but it's a non-starter in terms of scalability.

The next option would be leaving the micro-transactions
to be settled offchain by money exchangers and use the
block chain for a settling mechanism handling inter-dealer
transfers.  But that breaks the basic design of bitcoin
as a trustless system, as many users discovered to their
detriment after treating empty-gox as a trusted party.

A third option is to drop the transaction records from
the block chain.  You are left with a block chain that
contains the merkle root of a tree of unspent tx outputs,
and a different merkle root of all transactions in the
block.  This way when someone wants to do a transaction
they can produce a transaction record and a merkle branch
to prove that transaction record is part of the block
chain, and a txOut with another merkle branch to prove
it's among the unspent tx outputs. The problem is with fixing
it so that people can check to make sure the blocks are valid.
Either you don't get the ability for ordinary people to
check that a block is valid, or you get no real savings
in bandwidth because whether in the block or not the tx
still have to be propagated to every node interested in
checking blocks.

The fourth option is "side chains" where you have numerous
block chains operating at once and settling-mechanism
tx can move coins from one block chain to another.  The
problem here arises when you ask whether someone can
really deal with general transactions and customers if
they are downloading and verifying absolutely anything
other than ALL of the block chains.  Which brings you
right back to the original bandwidth/data size problem.

A fifth option is to have the blocks themselves distributed
rather like files during a bittorrent download, rather than
sent to and replicated at every node.  You get a fraction
of the blocks and "spot check" that fraction for validity.
And when you need a specific block, you can get it from
somebody eventually. But getting it from somebody
eventually does not satisfy realtime transaction
requirements.

People have kicked it around for a while.  Lots of ideas.
Most of them won't freakin' work.  The few that will
leave the bitcoin network slower, more expensive, and LESS
private than just using Visa.  Anybody got other ideas?

				Bear
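As an added illustration of the third option sketched above (this is example code, not part of the original post): a pruned block carries only a merkle root over the block's transactions and a merkle root over the unspent outputs, and a spender supplies a transaction record plus a merkle branch for each. The tree uses Bitcoin-style double SHA-256 with the last node duplicated on odd levels; the transaction and UTXO byte strings are constructed sample data. The verifier below can confirm membership from the two roots alone, which is exactly why it cannot confirm that the block was valid without the full transaction data.

```python
import hashlib

def sha256d(data: bytes) -> bytes:
    """Double SHA-256, the hash Bitcoin uses for its merkle trees."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root_and_branch(leaves, index):
    """Build a Bitcoin-style merkle tree over `leaves` and return (root, branch),
    where branch is the list of (sibling_hash, sibling_is_right) needed to
    re-derive the root starting from leaves[index]."""
    level = [sha256d(leaf) for leaf in leaves]
    branch = []
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])          # odd level: duplicate the last node
        sibling = index ^ 1
        branch.append((level[sibling], sibling > index))
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], branch

def verify_branch(leaf: bytes, branch, root: bytes) -> bool:
    """Recompute the root from one leaf plus its merkle branch."""
    node = sha256d(leaf)
    for sibling, sibling_is_right in branch:
        node = sha256d(node + sibling) if sibling_is_right else sha256d(sibling + node)
    return node == root

# Constructed sample data: a block with three transactions, and the set of
# unspent outputs after that block (hypothetical byte strings, not real tx format).
BLOCK_TXS = [b"tx:alice->bob:5", b"tx:carol->dave:2", b"tx:bob->erin:1"]
UTXO_SET = [b"out:bob:4", b"out:dave:2", b"out:erin:1", b"out:carol:8"]

def block_commitments():
    """What a pruned block would carry: two roots instead of the tx records."""
    tx_root, _ = merkle_root_and_branch(BLOCK_TXS, 0)
    utxo_root, _ = merkle_root_and_branch(UTXO_SET, 0)
    return tx_root, utxo_root

def spend_proof(tx_index: int, utxo_index: int):
    """What a spender hands over: the tx record with its branch, and the txOut with its branch."""
    _, tx_branch = merkle_root_and_branch(BLOCK_TXS, tx_index)
    _, utxo_branch = merkle_root_and_branch(UTXO_SET, utxo_index)
    return (BLOCK_TXS[tx_index], tx_branch), (UTXO_SET[utxo_index], utxo_branch)

def check_spend_proof(proof, tx_root: bytes, utxo_root: bytes) -> bool:
    """A node holding only the two roots can check membership. Nothing here can
    check that the block's transactions were themselves valid; that needs the full data."""
    (tx, tx_branch), (out, utxo_branch) = proof
    return verify_branch(tx, tx_branch, tx_root) and verify_branch(out, utxo_branch, utxo_root)
```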
