[Cryptography] Our leader opines on cryptocurrencies
jamesd at echeque.com
jamesd at echeque.com
Tue Jul 23 20:00:23 EDT 2019
On 2019-07-22 5:35 am, james hughes via cryptography wrote:
>
>
>> On Jul 20, 2019, at 8:32 PM, jamesd at echeque.com
>> <mailto:jamesd at echeque.com> wrote:
>>
>> Assume the processing is shardable with mutually trusting shards that
>> do not suffer byzantine failure.
>
> If there is mutual trust -and- the entire chain is not being shared
> outside the trust circle,'
You are describing a system wildly different from that which I thought I
had described.
Since I was unclear, will repeat in different words.
The objective is to implement the blockchain in a way that scales to one
hundred thousand transactions per second, so that it can replace the
dollar, while being less centralized than bitcoin currently is, though
not as decentralized as purists would like, and preserving privacy
better than bitcoin now does, though not as well as Monaro does. It is
a bitcoin with minor fixes to privacy and centralization, major fixes to
client host trust, and major fixes to scaling.
The problem of bitcoin clients getting scammed by bitcoin peers will be
fixed through merkle patricia, which is a a well known and already
widely deployed fix - though people keep getting scammed due to lack of
a planned bitcoin client-host architecture. Bitcoin was never designed
to be client host, but it just tends to happen, usually in a way that
quite unnecessarily violates privacy, client control, and client safety.
Monaro's brilliant and ingenious cryptography makes scaling harder, and
all mining based blockchains tend to the same centralization problem as
afflicts bitcoin. Getting decisions quickly about a big pile of data
necessarily involves a fair bit of centralization, but the paxos proof
of stake protocol means the center can move at the speed of light in
fiber, and from time to time, will do so, sometimes to locations unknown
and not easy to find. We cannot avoid having a center, but we can make
the center ephemeral, and we can make it so that not everyone, or even
all peers, know the network address of the processes holding the secrets
that signed the most recent block.
Scaling accomplished by a client host hierarchy, where each host has
many clients, and each host is a blockchain peer.
A hundred or so big peers, who do not trust each other, each manage a
copy of the blockchain.
The latest block is signed by peers representing a majority of the
stake, which is likely to be considerably less than a hundred or so peers.
Peer stake is delegated from clients - probably a small minority of big
clients - not all clients will delegate. Delegation makes privacy more
complicated and leakier. Delegations will be infrequent - you can
delegate the stake held by an offline cold wallet, whose secret lives in
pencil on paper in a cardboard file in a safe, but a peer to which the
stake was delegated has to have its secret on line.
Each peer's copy of the blockchain is managed, within a rack on the
premises of a peer, by a hundred or so shards. The shards trust each
other, but that trust does not extend outside the rack, which is
probably in a room with a lock on the door in premises with security
cameras running.
Yes, any one peer would be exactly like a central bank issuing fiat
money, if that peer had the majority of stake delegated to it, and if
clients could not delegate stake to a different peer.
Most people transacting on the blockchain are clients of a peer. The
blockchain is in the form of a sharded merkle patricia tree, hence the
clients do not have to trust their host - they can verify any small fact
about the blockchain in that they can verify that peers reflecting a
majority of stake assert that so and so is true, and each client can
verify that the peers have not rewritten the past.
Scale is achieved through the client peer hierarchy, and, within each
peer, by sharding the blockchain.
Clients verify those transactions that concern them, but cannot verify
that all transactions are valid, because the blockchain is too big.
Each peer verifies the entire blockchain from beginning to end. If the
blockchain replaces the US dollar as the world currency, then it will
rapidly become far too large for any one computer to verify the whole
thing, so will have to be verified by a group of mutually trusting and
trusted shards, but each such group of shards is a peer. The shards
trust shards of the same peer, which are likely running on the same rack
in the same locked room under the gaze of the same security camera, but
they don't trust shards of some other peer.
In each transaction, each client verifies that the other client is
seeing the same history and recent state of the blockchain, and in this
sense, the blockchain is a consensus of all clients, albeit that
consensus is mediated through a small number of large entities that have
a lot of power.
The architecture of power is rather like a corporation, with stake as
shares. In a corporation CEO can do anything, except the board can fire
him and choose a new CEO at any time. The shareholders could in theory
fire the board at any time, but in practice, if less than happy with the
board, have to act by transacting through a small number of big
shareholders. Centralization is inevitable, but in practice, by and
large corporations do an adequate job of pursuing shareholder interests,
and when they fail to do so, as with woke capital, Star Wars, or the
great minority mortgage meltdown, it is usually due to substantial part
heavy handed state intervention. Google's board is mighty woke, but in
the Damore affair, human resources decided that they were not woke
enough, and in the Soy wars debacle, the board was not woke at all but
gave power over Star Wars brand name to women who threatened them with
#metoo. And if this form of distributed power does not always work all
that well, it fails less badly than anything else we have tried.
Delegated power representing assets, rather than people, results in
centralized power that, by and large, mostly, pursues the interests of
those assets. Delegated power representing people, not so much.
In bitcoin, power is in the hands of a very small number of very large
miners. This is a problem, both in concentration of power, which seems
difficult to avoid if making decisions rapidly about very large amounts
of data, and in that miner interests differ from stakeholder interests.
Miners consume very large amounts of power, so have fixed locations
vulnerable to state power. They have generally relocated to places
outside the US hegemony, into the Chinese or Russian hegemonies, or the
periphery of those hegemonies, but this is not a whole lot of security.
Proof of stake has the advantage that stake is ultimately knowledge of
secret keys, and while the state could find the peers representing a
majority of stake, they are more mobile than miners, and the state
cannot easily find the clients that have delegated stake to one peer,
and could easily delegate it to a different peer, the underlying secret
likely being offline on pencil and paper in someone's safe, and hard to
figure out whose safe.
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list