[Cryptography] On the 'regulation proof' aspect of Bitcoin

Natanael natanael.l at gmail.com
Thu Mar 31 17:19:08 EDT 2016


On 31 March 2016 at 21:07, "Phillip Hallam-Baker" <phill at hallambaker.com> wrote:
>
> On Thu, Mar 31, 2016 at 11:10 AM, Alfie John <alfie at alfie.wtf> wrote:
> > On Thu, Mar 31, 2016 at 10:19:11AM -0400, Phillip Hallam-Baker wrote:
> >> > Without mining, what you're talking about is simple data replication. You might
> >> > want to have a look at the BitTorrent protocol, or even rsync.
> >>
> >> Well the Merkle chain is remarkably resilient by itself.
> >>
> >> Consider a situation in which we have ten independent notaries
> >> maintaining separate public chains. Every day they take the output
> >> from every other chain and enroll it as an input. Any attempt at
> >> rollback now requires every notary to collude and even then the
> >> defection will be obvious to anyone keeping notes.
> >
> > So how do you choose your notaries, and how does someone wanting to join the
> > network become a notary themselves?
>
> That is the great thing. It really doesn't matter. All a notary needs
> to do is to establish an agreement with at least one other notary to
> enroll their data and to furnish customers with a proof chain to that
> notary. Once those have happened, the transaction is fixed.

> In practice, I would expect some sort of consortium to emerge that
> creates a single, dependable chain that essentially becomes the
> network standard.

> For financial transactions there are a number of different time points
> of interest:
>
> 1) When is the transaction initiated?
> 2) At what point does the transaction become immutable?
> 3) At what point does the immutability of the transaction become public?

Here are a few of the properties of collaboratively generated chained PoW:

* It is an algorithmic proof of spent scarce resources. Cryptographic proof
of work is the only such known method that exists that can with near total
certainty be used to confirm remotely with no knowledge of anything but the
PoW output itself that scarce resources were spent once, and thus can't be
spent again (for free). Those transistor cycles and that energy (enthalpy?)
have been claimed and don't come back. This allows for verifiable digital
voting where cheating is impossible - given that you're interested in
knowing what side can generate the most PoW for their cause.

* Given an assumption of a collaborative majority of computational power
(here I'm not calling it "honest", for precision) we can with very high
certainty be sure that the public agreed ruleset will be followed, giving
us a public transparent computing system with an auditable result and
predictable behavior. In Bitcoin, a script controlled mechanism of
generating and assigning scarce tokens was implemented.

What made people care from the beginning was that this enables the creation
of verifiably scarce tokens, without gatekeepers.

Almost every suggested change to Bitcoin lands in a gatekeeper model
(Ripple like systems, like PHB's suggestion) or loses provability (PoS).

If Bitcoin only were banking over Git commits, nobody would care. If it
could be taken down permanently with no possible method of recovery in a 5
minute BGP hack with a few malicious nodes (like many PoS schemes), we
would never even have heard of it.

Models like Ripple mean there are always token issuers that need to stay
alive, there's fungibility issues with multiple issuers of the same types
of token due to trust issues (unlike on stock exchanges where most futures
issuers hopefully have gone through auditing), reliable doublespending
protection disappears if the issuer's "native" network goes down (who else
will be the authority for who the new owner is in case of conflict?),
you'll have a much worse regulatory mess, etc...

Who gets to be a token issuer, for what, and who is allowed to connect to
what? Would unfiltered connections even be allowed across borders? Would
only large banks be allowed to process international transactions due to
regulations?

All we would gain is some hacking protection, and lose a lot of future
design flexibility, and on top of that we'd create a network effect around
a protocol that would be nearly impossible to upgrade (worse than the
current case with Bitcoin, because you'd have *multiple countries'
governments* and their trade agreements involved in the network design!).

In other words, without PoW you can't reliably trade scarce tokens by your
own personal arbitrary rules (pay-to-script-hash addresses) anymore.

Then there's just this public computing system where all you really know
about it in advance is what it DOES NOT allow.
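The cross-enrolling notary scheme PHB describes earlier in the thread, as an added toy model that is not code from this thread or from any project: ten notaries each keep a hash chain and enroll every other notary's head once a day, and an audit over the published chains catches a rewritten past entry because peers already enrolled the old head, while an entry rewritten before any peer enrolled it goes unnoticed, which is the gap between PHB's points 2 and 3. The notary names, the entry encoding and the audit function are assumptions for illustration.

```python
import hashlib
from typing import Dict, List

def digest(*parts: str) -> str:
    """SHA-256 over '|'-joined parts (toy encoding, not Bitcoin's block format)."""
    return hashlib.sha256("|".join(parts).encode()).hexdigest()

class Notary:
    """One public hash chain; every entry also enrolls the other notaries' heads."""
    def __init__(self, name: str) -> None:
        self.name, self.chain = name, []  # chain: list of entry dicts

    def head(self) -> str:
        return self.chain[-1]["hash"] if self.chain else "genesis"

    def append(self, data: str, peer_heads: Dict[str, str]) -> str:
        enrolled = sorted(f"{k}={v}" for k, v in peer_heads.items())
        entry = {"prev": self.head(), "data": data, "peers": dict(peer_heads)}
        entry["hash"] = digest(entry["prev"], data, *enrolled)
        self.chain.append(entry)
        return entry["hash"]

def run_day(notaries: List[Notary], day: int) -> None:
    """Each notary snapshots everyone's current head and enrolls the others' as input."""
    heads = {n.name: n.head() for n in notaries}
    for n in notaries:
        n.append(f"day{day}:{n.name}", {k: v for k, v in heads.items() if k != n.name})

def rewrite_entry(n: Notary, index: int, new_data: str) -> None:
    """A notary quietly replaces one past entry and rebuilds its own chain after it."""
    old, n.chain = n.chain[index:], n.chain[:index]
    n.append(new_data, old[0]["peers"])
    for e in old[1:]:
        n.append(e["data"], e["peers"])

def audit(notaries: List[Notary]) -> List[str]:
    """Names of notaries whose published chain no longer contains a head that a peer
    enrolled, or whose prev links are broken: the 'obvious to anyone keeping notes' check."""
    published = {n.name: {e["hash"] for e in n.chain} | {"genesis"} for n in notaries}
    caught = set()
    for n in notaries:
        prev = "genesis"
        for e in n.chain:
            if e["prev"] != prev:
                caught.add(n.name)
            prev = e["hash"]
            caught.update(p for p, h in e["peers"].items() if h not in published[p])
    return sorted(caught)

if __name__ == "__main__":
    ns = [Notary(f"N{i}") for i in range(10)]
    for day in (1, 2, 3):
        run_day(ns, day)
    rewrite_entry(ns[3], 1, "rolled back")  # day-2 entry, already enrolled by peers on day 3
    print(audit(ns))  # ['N3']
```

Rewriting the most recent entry before the next enrollment round leaves nothing for the audit to compare against, so the "immutable" point is only reached once at least one peer has enrolled the head.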