[Cryptography] bitcoin is a tour-de-force, time to re-read Eric Hughes cypherpunks manifesto

Adam Back adam at cypherspace.org
Sat Jan 2 04:58:36 EST 2021


I'm firmly with Matt on this. Most networks are built in layers -
TCP/IP, GSM, etc. and it so happens that decentralised, censorship
resistant ecash is fundamentally hard to scale with current
technology, and hard to do with privacy and cryptographic fungibility.
So Bitcoin gave the world a robust, deployed and survivable electronic
cash and we scale other layers.  Viz Lightning and 2-3 other layer2s
that have been built (lightning for scale, speed and onion privacy,
liquid with a higher spec node tradeoff, confidential transactions and
additional assets that would IMO be out of place on layer1, and there
are several more layer2 ideas that even retain bearer security due to
clever use of smart-contracts).

The nay saying is boring.  As I said in a previous mail that didn't
make it to the list due to the usual mailing list "subscriber headers
mismatch" nonsense, bitcoin has actually created a renaissance for
applied crypto, particularly for privacy technology.  Most such
technology rarely got implemented, never mind built at production
grade.  Also the bug bounty aspect means that finally some host
security issues are being worked on in ways that can actually work
rather than the continuous subtraction from digitized society of the
host insecurity losing arms race, arising largely from people not
caring enough to build robust defenses.

Bitcoin is a tour-de-force. If anyone can do better, be my guest, in
fact feel free to bounce ideas, but be warned it is extremely
challenging, no one has to date and a lot of very smart people spent a
Bitcoin decade trying.  Bitcoin itself also came out of a previous
decade of failure to find a deployable decentralised ecash design,
after the fall of digicash and other centralised systems.  As close as
it got were Wei Dai's B-money and Nick Szabo's bit-gold, and Hal
Finney's centralised, but verifiable RPOW.  My conclusion after
spending 3 or 4 months looking at design variants around 2013 (written
up by Peter Todd, look for "bitcoin entangled design") is that Bitcoin
is a unique design in a narrow global optimum of design space,
something surprising, that is only robust in a narrow parameter space
where any moderate changes make it objectively *worse*, more complex,
slower, less decentralised, fail at incentive compatibility, byzantine
security etc.  I think the only building block on the horizon that
fundamentally could improve it is signatures of execution (snarks,
bullet-proofs, starks etc) where you can provide signature of
execution on data not broadcast to everyone.

There is a syndrome in product thinking, where people can write a
flowing soliloquy about what is imperfect, and get agreement, yes
there are known limitations! - it is easy to state known limits, what
is orders of magnitude harder is improving any aspect of it without
making it objectively worse net.  And bitcoin has some bleeding edge
applied crypto and comp sci limits that everyone knows. The action is
in pushing the bleeding edge forward, and bitcoin has it all in terms
of interesting comp-sci problems, and a keen interest of top protocol
engineers to hyper-optimize, fuzz-test and formally verify and deploy
into live use.

I think Bitcoin is basically a new hope for humanity, and am frankly a
little bemused that a number of commenters sound like a bunch of
nocoiner journalists - who don't want bearer ecash to work, or can't
quite adapt their world view to the fact that it does exist and works
robustly.  And on the applied cryptography list that AFAIK Bitcoin was
first announced on, no less, where many have significant applied
cryptography and computer science formal education leg-up vs the
non-technical general public.  This is why I commented elsewhere that
"we are still early" where people who should get the significance are
sitting on the side-lines over a decade later with miss-the-point,
don't-understand-the-differentiated-value, dismissive comments of the
biggest digital innovation probably since the internet itself.

Then again this is not cypherpunks, but cryptography list.  Maybe some
have a more hierarchical mindset, and are not sure they even like
cypherpunk outlook.  Anyway Bitcoin does not require you to.  Some
could probably use re-reading Eric Hughes' cypherpunks manifesto for a
bit of a mojo infusion.

Yes innovation is hard, but the prize is digital freedom.

Adam

On Sat, 2 Jan 2021 at 03:45, Ray Dillinger <bear at sonic.net> wrote:
>
> Several people reading my recent discursions on Bitcoin have concluded
> that I am anti-cryptocurrency.  I'm not.
>
> I am not saying "cryptocurrency bad", I'm saying "block chain ledgers
> don't work, we will need a different idea to make cryptocurrency good."
>
> I am not.  I want there to be a good cryptocurrency, I want it to be
> easy to use, I want it to be secure, I want it to scale, and I want it
> to be at least reasonably private for those who use it without trying
> to cheat.
>
> The search for a good cryptocurrency protocol is not satisfied by the
> design elements of bitcoin.  Nor, I am now convinced, will they be met
> by any cryptocurrency built on the Nakamoto Protocol.  The shared block
> chain as ledger of all transactions simply does not scale, either in
> network bandwidth nor transaction bandwidth.
>
> The failure to scale causes access to the benefits of the protocol to
> be denied to pretty much everyone.  Instead they must access the
> ridiculously limited transaction bandwidth through gatekeepers. These
> gatekeepers, at best, present exactly the same set of risks and privacy
> concerns that the users encounter in credit card or checking account
> processing. So most users achieve no benefit in transaction processing,
> and therefore the protocol is a failure.