[Cryptography] Standards Trolls: Re: Bitcoin is a disaster.

Ray Dillinger bear at sonic.net
Wed Jan 27 02:24:05 EST 2021 

On 1/15/21 12:21 AM, bear wrote:
> circulation and destroyed. Agreeing about a few hundred transactions
>>> seems a lot more reasonable than agreeing about TheWholeDamnUniverseTM.
>>
>> To prevent doubles spending, some trusted authority has to know the
>> current
>> ownership of each token.


First of all, no.  If no online contact about a token is available you
can refuse it, but if you don't you can still transfer tokens in the
absence of realtime guarantees.  If the transfer is a double spend, or
if the token being transferred was created in a double spend in an
earlier transaction, the inconsistent spend will create a fork in the
token's spend chain, and the fork will (after some indeterminate amount
of time) be discovered revealing the identity of the double spender.  At
that point you have the same legal recourse as you have against someone
who's passed a counterfeit physical bill to you - better actually
because you can easily prove in court who created the counterfeit in the
first place.

That said, a realtime guarantee is desirable, and available, and only an
authority that knows the current status of the token can provide one. 
One of the design errors of central-blockchain cryptocurrencies was to
suppose that EVERY authority had to know the current ownership of EVERY
token.  That isn't true, and no version of it will ever scale.  It
suffices that there is SOME authority that knows the status of ANY
token. For each token, probably a list of 20 or so designated nodes will
be charged with keeping track of it.

Realize that what you get from an authority in this case isn't
existential.  You know that the token has been transferred from legit
certificate holder to legit certificate holder, ending with the
certificate holder that's trying to transfer it to you.  You've got
that, already, just by looking at the spend chain embedded in the
token.  You may not know which certificate holders, but you don't need
to.  What you're checking with the authority about is the potential for
inconsistent additional uses of the token. If you check with an
authority and discover there was a particular chain height where the
authority's chain and the token's chain show different spends for
example, you can figure out who double spent it, revoke their cert, and
sue them for counterfeiting.  But you don't need the authority's help to
see that the record of spends from minting to you is well-formed, and
the double-spend->revoke feature, combined with certs NOT being freely
available, should keep instances of double spending very rare. 

            Bear


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210126/a67b0bb9/attachment.htm>

More information about the cryptography mailing list