[Cryptography] blockchain and trustworthy computing

ianG iang at iang.org
Mon Oct 5 12:16:23 EDT 2015


On 2/10/2015 05:55 am, Peter Todd wrote:
> On Wed, Sep 30, 2015 at 11:22:10PM -0400, ianG wrote:
>> Thought experiment.
>>
>> The blockchain [0] provides a way to do verifiable computing [1].
>>
>> Popularly under the tag of "smart contracts" these little scripts
>> can be executed on every node, and the ability of the nodes to come
>> together and find consensus on the state or results provides a way
>> to not only compute, but also know that we have verifiably computed.
>>
>> Verifiable computing was a long treasured goal - but proved elusive
>> outside an academically restricted set of assumptions.
>>
>>
>>
>> If we have verifiable computing finally in the blockchain - a thesis
>> - does this mean we now have a trustworthy computing platform?
>
> I really strongly disagree about the direction of what you're talking
> about.


I'm not pushing for a BIP to upturn mainnet, rather I'm thinking about 
the world of private blockchains run for local or specific purposes. 
I.e., the invention of the blockchain, not the one that runs BTC.

Is that still disagreeable?


> I'd define trustworthy computing as being able to trust that a
> computation was done correctly without you checking it yourself. This
> implies that SPV clients are taking advantage of trustworthy computing
> because they trust miners; full nodes are not doing that because they
> verify the blockchain themselves.


Right, something like that.  To extend my (somewhat challenged) analogy 
of the VW problem, a blockchain can be a private permissioned one that 
is running inside the car, on all the distributed brain chips.  EPA is 
one of the signatories that can access, so it dials in and loads up a 
program (e.g., smart contract) and does some computations.

In this sense, the EPA is an SPV client user.  It's relying that the car 
has a proper private blockchain on it, but once past that hurdle, it's 
free to run trustworthy programs on there.

(See other post to Natanael that destroys my argument...)


> In the Bitcoin world I think it's fair to say that most experts are very
> concerned about the high, and increasing, % of users who use SPV clients
> rather than run full nodes. While it's hard to predict exactly when this
> threshold is reached, at some point too few people will be actually
> verifying the blockchain to sufficiently strongly incentivise miners to
> follow the rules. For instance, at some point miners can great bitcoins
> out of thin air to increase their profits.


Yep - big problem with mainnet.  Fundamental problem here is that energy 
enjoys economies of scale.  If all you are doing is converting energy 
into zeroes, then next door to a Chinese powerplant is the best deal 
going.  If anyone's read the novel Accelerando, there are better 
alternatives coming, for now we're stuck with China.

But that's another debate - I'm specifically looking at other 
blockchains, used for private or multiple purposes.

> Instead there has been work done on going the other direction: using
> better math to make verifying the blockchain cheaper and more practical.
> But again, this isn't an example of trustworthy computing! It's standard
> trustless computing, made more efficient by clever math.


What is the difference between trustless computing and trustworthy 
computing?

Have we even defined the terms to wide consensus satisfaction?  I'd be 
surprised if so, we haven't even got a good consensus on trust, how can 
we negate- or -worth something we don't have shared understanding of?



iang



More information about the cryptography mailing list