[Cryptography] Standards Trolls: Re: Bitcoin is a disaster.

Ray Dillinger bear at sonic.net
Tue Jan 12 04:14:56 EST 2021


On Sun, 2021-01-10 at 21:07 +0000, jrzx via cryptography wrote:

> It is inevitable that sooner or later a crypto currency will replace
> the US$.  Bitcoin is already making a significant dent in it.   We
> will need a crypto coin that enables seven billion people to buy a
> lollipop.

(Pedantic ON)
I would say rather that sooner or later cryptographic protocols will be
used to make more kinds of monetary transactions than they are used for
today, with a wide variety of privacy, confidentiality, and legal 
profiles. To a very large extent the US dollar is already a
cryptocurrency, and becoming more firmly a cryptocurrency every day. 
Most dollar transactions - online purchases, direct deposit, automatic
bill pay, debit cards, etc...  are already done using cryptographic
protocols.

If and when it becomes a "pure" cryptocurrency and the circulation of
actual physical cash ceases, it's not like they'll stop calling it the
US dollar.  So, 'replace' is not a very meaningful word here.
(Pedantic OFF)

That said, you used the word 'cryptocurrency' meaning to express a
particular set of requirements and assumptions that the US dollar, even
though it's very scalable and distributed, doesn't meet.  

--------------------

If you want a distributed-but-not-decentralized, highly scalable,
cryptocurrency with no need for a global bottleneck chain, with
verifiable transactions made transferring cryptographic tokens
representing money, yes, I know how to do that.  You can do most of the
things banks allow you to do with dollars.  The 'centralized' role
amounts to being a certificate authority giving people credentials that
they can use to get on the system.  But it can't be done by software
and the users can't be fully anonymous, because it absolutely requires
verifying real world identification.  

As a user, you would 'mint' a token when you need one to spend (the
protocol determines how often and when you're eligible to do that),
spend it, and then it could wander around getting spent from one user
to the next.  Every transaction, your server would get a query from
someone wanting you to verify the last-known-hash of this token to make
sure it hasn't been used inconsistently.  Eventually, bearing its own
little block chain, the token would make its way back to you, whereupon
you could 'melt' it - adding the amount on that token back to your
wallet balance where it'd be available next time you want to 'mint' a
new token.  If somebody does manage a double spend, then you (or
someone else if they catch it before it gets to you) will see the same
token with two different conflicting histories, and produce a proof
that reveals the certificate used to make the inconsistent
transactions. We call this proof a certificate revocation.  And it
reveals a real-world ID if you need to take it to legal recourse.

See?  No central block chain.  No straining powerplants converting
carbon into coins. No need for communications other than between the
actual parties to the transaction and (not absolutely necessary but
strongly recommended) the user ("witness") that 'minted' the token
they're using.  And once the token is 'melted' even the encrypted
transaction records on its little block chain, which were never visible
to more than a few people in the first place, vanish.  It's a highly
scalable design, with less immediate privacy (real-world ids that your
counterparties know) but more long-term privacy (no block chain with
the history of the universe on it that anybody can sift through at any
time in the future). It would have a different set of guarantees than a
Nakamoto-protocol cryptocurrency but a set of guarantees reasonably
viable for actual use.

And because you used the word "cryptocurrency" in some sense far more
narrow than the whole design space, I don't even know if this is the
sort of alternate design you might have been talking about.

				Bear
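The mint / spend / attest / melt cycle Bear sketches above, worked through as an added example that is not part of the original mail. Each token carries its own little hash chain of signed transfer records; the minter's server ("witness") answers last-known-hash queries, and when two different signed records both claim to extend the same prior hash it emits a proof that names the certificate that signed both. The participants (alice, bob, carol), token ids and amounts are constructed sample data, and an HMAC under a per-user secret stands in for a real signature made with a CA-issued certificate; that substitution is an assumption of this example, not part of the design described.

```python
import hashlib
import hmac
import json

# Constructed sample participants: certificate name -> signing secret.
# HMAC under a per-user secret stands in for a real signature made with a
# CA-issued certificate (a simplifying assumption of this example).
SECRETS = {"alice": b"alice-secret", "bob": b"bob-secret", "carol": b"carol-secret"}


def canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def record_hash(rec: dict) -> str:
    """Hash of a transfer record, excluding its own signature field."""
    body = {k: v for k, v in rec.items() if k != "sig"}
    return hashlib.sha256(canonical(body)).hexdigest()


def sign(rec: dict) -> dict:
    mac = hmac.new(SECRETS[rec["from"]], record_hash(rec).encode(), "sha256")
    return {**rec, "sig": mac.hexdigest()}


def verify_sig(rec: dict) -> bool:
    mac = hmac.new(SECRETS[rec["from"]], record_hash(rec).encode(), "sha256")
    return hmac.compare_digest(mac.hexdigest(), rec["sig"])


def transfer(history: list, sender: str, receiver: str) -> list:
    """Append a signed transfer to a token's own little chain (sender spends it)."""
    prev = record_hash(history[-1])
    rec = sign({"token": history[-1]["token"], "prev": prev, "from": sender, "to": receiver})
    return history + [rec]


class Witness:
    """The minter's server: answers 'does this extend the last known hash?' queries."""

    def __init__(self, cert: str, balance: int):
        self.cert = cert
        self.wallet = balance
        self.last = {}      # token id -> last attested record hash
        self.records = {}   # record hash -> attested record
        self.spent = {}     # prev hash -> the one record allowed to extend it
        self.revoked = {}   # cert -> proof (two conflicting signed records)

    def mint(self, token_id: str, amount: int) -> list:
        self.wallet -= amount
        genesis = sign({"token": token_id, "prev": "", "from": self.cert,
                        "to": self.cert, "amount": amount})
        self.records[record_hash(genesis)] = genesis
        self.last[token_id] = record_hash(genesis)
        return [genesis]

    def attest(self, rec: dict):
        """True if rec is the sole extension of a known record; a proof dict on a fork."""
        if not verify_sig(rec):
            return False
        holder_rec = self.records.get(rec["prev"])
        if holder_rec is None or holder_rec["to"] != rec["from"]:
            return False  # unknown prev hash, or the signer never held the token
        earlier = self.spent.get(rec["prev"])
        if earlier is not None:
            if earlier == rec:
                return True  # a re-query about a record already attested
            # Two different signed records extend the same hash: the inconsistent
            # spender's own signatures are the revocation proof.
            proof = {"cert": rec["from"], "records": [earlier, rec]}
            self.revoked[rec["from"]] = proof
            return proof
        self.spent[rec["prev"]] = rec
        self.records[record_hash(rec)] = rec
        self.last[rec["token"]] = record_hash(rec)
        return True

    def melt(self, history: list) -> bool:
        """Verify a returned token's whole chain, credit the wallet, forget the chain."""
        genesis, token = history[0], history[0]["token"]
        if genesis["from"] != self.cert or not verify_sig(genesis):
            return False
        prev = genesis
        for rec in history[1:]:
            if (rec["token"] != token or rec["prev"] != record_hash(prev)
                    or rec["from"] != prev["to"] or not verify_sig(rec)):
                return False
            prev = rec
        if prev["to"] != self.cert or record_hash(prev) != self.last.get(token):
            return False
        self.wallet += genesis["amount"]
        del self.last[token]
        for rec in history:  # the token's records vanish once it is melted
            self.records.pop(record_hash(rec), None)
            self.spent.pop(record_hash(rec), None)
        return True


def demo():
    """Mint, pass the token around, catch one double spend, melt it on return."""
    alice = Witness("alice", balance=10)
    t = alice.mint("t1", 5)
    t = transfer(t, "alice", "bob")
    assert alice.attest(t[-1]) is True
    to_carol = transfer(t, "bob", "carol")
    assert alice.attest(to_carol[-1]) is True
    double = transfer(t, "bob", "alice")   # bob spends the same token again
    proof = alice.attest(double[-1])        # witness sees two histories from one hash
    back = transfer(to_carol, "carol", "alice")
    assert alice.attest(back[-1]) is True
    return proof["cert"], alice.melt(back), alice.wallet


if __name__ == "__main__":
    print(demo())
```

Only the counterparties and the witness ever see these records, and after `melt` the witness drops them, which is the long-term-privacy property the mail contrasts with a global chain. The proof returned on a fork is just the two conflicting records; because both carry the same `from` certificate, it identifies the inconsistent signer without any third party having to reconstruct the token's full history.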
