[Cryptography] How fast can a blockchain go ? like Zilliqa?

Ray Dillinger bear at sonic.net
Thu Mar 8 17:21:03 EST 2018



On 03/08/2018 01:14 PM, Bill Frantz wrote:
> On 3/7/18 at 10:24 AM, johnl at iecc.com (John Levine) wrote:
>>> The underappreciated part of Bitcoin is the smart contracts. They don't do
>>> much in Bitcoin world because it isn't really connected to anything real.

The particular constraints of contract checking being a sub-operation
of block chain checking drove that decision; if something is not visible
from data in the block chain, then it is not visible for purposes of the
contract.  So you can't have a contract that says, e.g., that someone will
build a house, because somebody's computer in Singapore checking the
block chain can't see whether somebody's house in Nairobi was built or not.

Further, the choice to make a trustless system with no privileged nodes
in Bitcoin forced pseudonymity on the users; the computer has no idea
who in the real world a contract refers to, because there is no trusted
node that can check identities and confirm that, yes, the signatory is
in fact a human being corresponding to this legal identity.  In order to
check IDs, you have to introduce Trusted nodes - i.e., you'd have to give
someone the power to cause the system to malfunction by acting in bad
faith the way Certificate Authorities do for the www.

Between those two design choices it really is nearly impossible for
Bitcoin's smart contracts to refer to much of anything except Bitcoins.
You can make different design choices with a different block chain, of
course, to make smart contracts that apply to a much wider variety of
things and even refer to particular people.

One main approach would be enriching the block chain with information
about the things the contracts are about -- for example if you track
legal identity documents, and stock certificates or other financial
instruments, then you can have a block chain with contracts about
particular people trading in stock certificates and other financial
instruments. But you need to get those ID documents onto the chain in
some way, and that means you probably need Trusted nodes such as
Certificate Authorities. Sorry, there's just no getting around it.  If
you want legal IDs, you have to have a Trusted node somewhere.

>> Considering that any program large enough to be interesting is large enough
>> to have bugs, I can hardly wait.

Brevity is the soul of wit in Bitcoin contracts, because space in blocks
is at a premium.  This is also a problem, but it is one of the forces
that keeps the contracts simple.

> Note that Ethereum has built-in smart contracts. They had a blockchain
> split a while ago because of a mis-coded contract. I wouldn't bet the
> farm on Ethereum contracts yet. Small contracts are like betting at
> Reno. There is a significant chance of losing, but it may fall within
> your fun budget.

The other force that keeps the contracts in Bitcoin simple is something
that I'm giving Hal Finney credit for.  When reviewing Satoshi
Nakamoto's code, Hal diked several instructions out of the FORTH-ish
language used for Bitcoin's not-excessively-smart contracts for
security's sake, leaving them as just-barely-smart-enough contracts.

The language is simplified by the removal of backward-branching control
instructions, meaning whatever you're going to do you have to do it by
stepping exclusively forward through the contract code.  You can skip
forward over some instructions, like skipping the alternate branch with
an IF, but you can't skip backwards, as with a FOR or a LOOP
instruction, and you can't call subroutines.  This keeps contracts
simple to analyze and keeps bugs easy to spot, but restricts complexity
and expressiveness.

Vitalik Buterin decided that he wanted to run a block chain with a full
Turing-capable contract language, meaning backward branches and
everything left in, plus the ability to refer to other contracts as
subroutines. Ethereum smart contracts are very very expressive, but it's
not always clear what they do; scammers have been known to present
deliberately misleading contracts and tell bare-faced lies about what
they do, and unbelievable amounts of Ether have been stolen or just
plain destroyed due to bugs in those contracts.

				Bear
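
The forward-only execution model described in the message above, as an added example that is not part of the original post and is not Bitcoin's actual Script: a toy stack interpreter whose opcode names (IF, ELSE, ENDIF, DUP, ADD, EQUAL) and sample contract are assumptions made for illustration. Because the program counter never moves backward, the number of steps always equals the script length, and anything resembling a loop or subroutine call is rejected before execution.

```python
# Toy forward-only stack language. Opcode names are hypothetical,
# modelled on the description above; this is not Bitcoin's real Script.
ALLOWED = {"IF", "ELSE", "ENDIF", "DUP", "ADD", "EQUAL"}

def validate(script):
    """Static check: only known forward-only opcodes, balanced IF/ENDIF."""
    depth = 0
    for tok in script:
        if isinstance(tok, int):
            continue
        if tok not in ALLOWED:          # e.g. LOOP, CALL, JUMP are rejected
            raise ValueError(f"forbidden opcode: {tok}")
        if tok == "IF":
            depth += 1
        elif depth == 0:                # ELSE or ENDIF with no open IF
            if tok in ("ELSE", "ENDIF"):
                raise ValueError(f"{tok} without IF")
        elif tok == "ENDIF":
            depth -= 1
    if depth:
        raise ValueError("unterminated IF")

def run(script):
    """Execute tokens strictly left to right; return (stack, steps)."""
    validate(script)
    stack, branch, steps = [], [], 0    # branch: one flag per open IF
    for tok in script:                  # program counter never moves back
        steps += 1
        live = all(branch)
        if tok == "IF":                 # skipped IFs are tracked, not evaluated
            branch.append(bool(stack.pop()) if live else False)
        elif tok == "ELSE":
            if all(branch[:-1]):        # flip only if the enclosing code is live
                branch[-1] = not branch[-1]
        elif tok == "ENDIF":
            branch.pop()
        elif not live:
            continue                    # "skipping forward" over a dead branch
        elif isinstance(tok, int):
            stack.append(tok)
        elif tok == "DUP":
            stack.append(stack[-1])
        else:                           # ADD or EQUAL: binary operators
            b, a = stack.pop(), stack.pop()
            stack.append(a + b if tok == "ADD" else int(a == b))
    return stack, steps

# Constructed sample contract: "if 2 + 3 == 5 then 1 else 0"
SAMPLE = [2, 3, "ADD", 5, "EQUAL", "IF", 1, "ELSE", 0, "ENDIF"]

if __name__ == "__main__":
    print(run(SAMPLE))
```
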
