[Cryptography] What has Bitcoin achieved?

ianG iang at iang.org
Wed Jun 4 07:11:07 EDT 2014


On 3/06/2014 17:55 pm, Bear wrote:
[snip, not with disagreement]
> Bitcoin, unlike most other fintech offerings, is financial 
> technology that can exist independently of that regulatory 
> structure.  You don't need anyone's permission to start using 
> Bitcoin, and nobody else has to get regulatory approval to open 
> a bank or become a credit card issuer etc before you can.  
> Entire legions of rent-seekers and fee-eaters are cut from the 
> process by using cryptographic/mathematical/physics-based 
> rather than institutional/legal/trust-based security. 


I just spent a lunchtime hearing about the new LEIs or legal entity
identifiers that are being standardised.  They are nationally based, you
have to apply and maintain a sort of D&B History, and you can then mark
your documents with new LEIs which allow anyone to look up the pedigree.

In contrast, in my work, we just hash the document.  The document has to
establish its own pedigree.  If you haven't got the document, why not?
Once you've got the document, you can know that the tx relates to it.

OK, it takes a bit of thought to wrap one's head around the idea of
anti-permissive crypto-computer-science.  But once you do, the effect is
liberating.  Meanwhile, the fintech industry is embarking on yet another
global push to build a standard which will consume thousands of
man-years to just interface.

So what do we do?  I say, let them go ahead.  Do the TCP/IP thing, and
build a better system for us, those who want to work with better
systems.  Let them do their ISO7 thing.

People who are trying to push Bitcoin into banks, etc may just be
wasting everyone's time.


> And if the failure of financial institutions to take up new 
> technology has been driving bitcoin's adoption, the major factor
> holding it back has been the appalling failure of institutional 
> security wherever people dealing in bitcoins have been allowed 
> or required to do so in ways that do not take advantage of 
> the cryptographic security features of bitcoin. 


I'd say the major thing holding it back is the huge costs they have
imposed on themselves in order to create a legacy industry that knocks
out new entrants.


> The major pain points have all occurred at the interfaces, 
> such as brokerages and exchanges, where mathematical security 
> and institutional security ought to be working together and 
> are not.  What this says to me is that the more business we 
> can find a way to do cryptographically, without ever touching 
> those interfaces, the better off we will be.  


Right.

> On Mon, 2014-06-02 at 18:10 +0100, ianG wrote:
> 
>> 2.  We can definitely achieve the same *tech result* without the waste.
>>  I've been doing it all along, and so have a few others here (James for
>> one).  But again, notice how the waste was cunningly turned into rewards
>> that are paid by new adopters (see 1).  This is a neat trick.  I always
>> valued clear and honest transactions;  I never would have credited the
>> mining rewards and bubble mechanics as a credible proposal;  but the
>> market speaks.  FWIW, new designs are tending towards "proof of stake"
>> because there is begrudging recognition of the waste, but only Ripple
>> has really reduced it down to the levels that we technologists would say
>> are reasonable.
> 
> How do you achieve the tech result, where the threat model 
> includes Eve, Sybil, and Trent working together?  Heck, I'll 
> give you a freebie and say we don't need to worry about Eve 
> because we're not going to get financial privacy anyway.  But 
> you still have to deal with Sybil and Trent.  If you can deal 
> with Eve too, that's pure win.  


Right, it is all in your compromises.  Bitcoin disposed of Eve as a
threat model in order to deal with Sybil and Trent.  Maybe there's a
sort of ZT here in that any one system can deal with only two of Eve,
Sybil and Trent, pick your poisonous bedfellow.

My work specifically deals with having Trent as the compromise.  Seen
from the Bitcoin perspective, issuances in my world are 'limited'
because they are intermediated ('accounted') through a server.  As a
partial nod, the number of issuances is unlimited, so the number of
servers is unlimited.  This is decidedly unwasteful.

Now, there is another hidden assumption which I must surface:  there is
an issuer.  In Bitcoin, there is no 'issuer' of record, nobody who
stands behind a contract.  This means that all Bitcoin value (and
copies) is limited to supply & demand games;  this is the "copy the gold
idea" trick.  It was pulled off once or thrice, but it isn't a trick you
can copy more than a few times.

For most of finance, we want actual people and actual promises standing
behind the issue.  Sure, for cash, we might not (or we can handwave
around gold or fiat or BTC).  But for anything else, it has a semantic
component that must be documented, a contract.  And a reputation.

So, once you've got the reputation, you've also got the Trent.  It might
be that you can handwave around the accounting, but if I capture your
Trent then your contract is unmeetable, barring a rewrite of millennia of
jurisprudence.



(How to take BTC and the Trent-free context and turn that into a
waste-free zone is a topic of much discussion.  I think I know how to do
it, but need to be sure.  This is alchemy, the experiments can blow up.)


> All the good solutions to byzantine-generals I've seen 
> require communication that scales with the square of the 
> number of participants.  I've been trying to think of a way
> to leverage that into something practical using overlapping 
> cells, but I haven't found one yet.


Right, in my context, I use overlapping cells as well.  Note also that
once you have a cell, the possibility of local Trents is more plausible.



iang