sipa changed the topic of #bitcoin-wizards to: This channel is for discussing theoretical ideas with regard to cryptocurrencies, not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
YOU-JI_ has quit [Quit: Leaving...]
dEBRUYNE has quit [Quit: Leaving]
tromp_ has quit [Remote host closed the connection]
mdavid613 has quit [Quit: Leaving.]
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
JHistone has quit [Quit: Leaving]
priidu has joined #bitcoin-wizards
tromp_ has joined #bitcoin-wizards
mkarrer has quit [Ping timeout: 276 seconds]
MoALTz has quit [Ping timeout: 276 seconds]
tromp_ has quit [Remote host closed the connection]
adamg has quit [Ping timeout: 258 seconds]
mkarrer has joined #bitcoin-wizards
<amiller_>
good evening
<amiller_>
haven't had a good ramble in here in a while
<amiller_>
bitcoin's intended to have an incentive mechanism that keeps it decentralized
<amiller_>
it partially succeeds on that front, anyone can become a miner technically... there are lots of different nodes miners, but probably not as many as we'd hope
<amiller_>
we could probably do a lot better though
<amiller_>
that last time i thought really hard along these lines was to make nonoutsourceable puzzles, that's kind of about making it harder for miners to collude
tromp_ has joined #bitcoin-wizards
Ylbam has quit [Quit: Connection closed for inactivity]
<amiller_>
what if we could make something that encourages miners to actively attack each other
dnaleor has quit [Quit: Leaving]
c0rw1n has quit [Ping timeout: 264 seconds]
c0rw1n has joined #bitcoin-wizards
<midnightmagic>
that doesn't incentivize non-cooperation; it incentivizes active destabilization and active undermining.
tromp_ has quit [Remote host closed the connection]
<amiller_>
i think what i'd want to incentivize is defensive behaviors
<katu_>
amiller_: you can get rid of PoW mining altogether if you do something resembling corewars
<katu_>
needless to say, people would not have much faith in such a system
<amiller_>
i have this image of like, miners trying to stay anonymous and hidden from each other, very paranoid
<amiller_>
(maybe miners today actually are like that, i dunno)
<katu_>
youd have to punish losing anonymity somehow
adamg has joined #bitcoin-wizards
<amiller_>
yeah
<amiller_>
ideally it could be done in a "smooth" way, where it's not like an all or nothing compromise
<amiller_>
like flag football
<amiller_>
a sort of related idea we've talked about is having a way to take someone's money if they mine on an invalid transaction
<amiller_>
like as a way of discouraging SPV mining
Dragon535 has joined #bitcoin-wizards
<amiller_>
or to have challenge transactions you have to simulate validating and you have to validate them while mining, as a way of forcing you to have efficient validation hardware along with the mining
<amiller_>
that idea i guess never went anywhere specific
<amiller_>
i guess the way i'm trying to think differently is about making it miner vs miner, rather than miner vs the world, and to make it encourage secrecy/defense and not just adequate provisioning
tromp_ has joined #bitcoin-wizards
belcher has quit [Quit: Leaving]
Emcy has quit [Read error: Connection reset by peer]
Giszmo1 has joined #bitcoin-wizards
priidu has quit [Ping timeout: 264 seconds]
Giszmo has quit [Ping timeout: 264 seconds]
dnaleor has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Emcy_ has joined #bitcoin-wizards
Emcy_ has quit [Changing host]
Emcy_ has joined #bitcoin-wizards
Emcy_ has quit [Client Quit]
Giszmo1 has quit [Quit: Leaving.]
Emcy_ has joined #bitcoin-wizards
Emcy has quit [Ping timeout: 276 seconds]
justanotheruser has quit [Read error: Connection reset by peer]
justanotheruser has joined #bitcoin-wizards
hashtag_ has quit [Ping timeout: 246 seconds]
r0ach has quit [Ping timeout: 250 seconds]
r0ach has joined #bitcoin-wizards
<bsm1175321>
Mining is the anchor for the coin in the real world. It can't be replaced with anything having far less cost. Corewars has zero marginal cost. (Yeah, kid spent a weekend, what's that worth?)
<bsm1175321>
Effectively, we ARE doing corewars, where the corewars is optimizing SHA256d algorthms.
<bsm1175321>
The problem itself is relatively boring. Brute-forcing a hash function does not have any worth to anyone, but it does have a *cost* and that is what gives a crypto-currency its value.
jtimon has quit [Ping timeout: 276 seconds]
Emcy_ has quit [Quit: Leaving]
<bsm1175321>
amiller_: Designing a different problem, which could be attacked intellectually (a la corewars) has effectively zero marginal cost. Yeah some kid will win, but the other players haven't invested real cash, and aren't going to hold. They're going to sell as soon as possible. So what's the value of the winner? The problem itself is useless to everyone and no one would pay for the solution.
Emcy_ has joined #bitcoin-wizards
Emcy_ has quit [Remote host closed the connection]
Emcy has joined #bitcoin-wizards
Emcy_ has joined #bitcoin-wizards
<bsm1175321>
amiller_: Honestly I've been thinking lately about a variant of Honey Badger that takes PoW hashes as writes, but separates the consensus piece from the economic (PoW) piece.
<bsm1175321>
Despite Satoshi, it's NOT necessary to combine the two.
<r0ach>
bsm1175321: that's exactly what I was thinking the other day
<r0ach>
basically you put DPOS on top of PoW and the DPOS system inherits the pow consensus
Emcy has quit [Ping timeout: 276 seconds]
Emcy has joined #bitcoin-wizards
<bsm1175321>
aaaaaahhhh r0ach. Sybil.
<bsm1175321>
You create a new calculus: how much does it cost to run a node (for the bonding time), and how much do I gain from having a node alive as long as (bonding time).
<r0ach>
Bitcoin has no sybil prevention
<bsm1175321>
PoW **IS** Sybil prevention!!!!
<bsm1175321>
It has a number of bullshit things in its p2p layer, but I won't go into that.
Emcy_ has quit [Ping timeout: 276 seconds]
<r0ach>
I'd say no. Everyone delegates their votes to the pool owners and nobody knows who the pool owners are or if one guy owns all the pools. Therefore I say Bitcoin has no sybil prevention.
Emcy_ has joined #bitcoin-wizards
<bsm1175321>
Eh, you have a different definition of Sybil than I do, it seems. Sybil = Number of participating nodes.
<bsm1175321>
Bitcoin doesn't care whether it's 1 or 1000, it can't tell the difference.
pro has quit [Quit: Leaving]
<r0ach>
Some people claim what I'm saying is pools colluding, but it's just a sybil attack
<bsm1175321>
Pools are not identifiable by the Bitcoin network, as a rule. We are only able to identify them at their pleasure and with their consent.
Emcy has quit [Ping timeout: 258 seconds]
<r0ach>
I was eating while I wrote out all that stuff, but I'm pretty sure it does not even alter the current Bitcoin consensus in a fundamental way
<r0ach>
if Bitcoin NG can claim it doesn't, I think it would be the same for that
<bsm1175321>
It very much does alter Bitcoin consensus in a very fundamental way. Bitcoin-NG does too.
<bsm1175321>
Bitcoin does not identify nodes or miners. Any scheme which identifies them is a deep and fundamental change.
<bsm1175321>
Bitcoin-NG is a traditional leader-based system. The leader is identified.
<bsm1175321>
If I know who the leader is, I can DDoS him off the network.
<bsm1175321>
Bitcoin has resisted DDoS attacks many, many times, precisely because the loss of any participant (miner) is not a loss to the continuation of the network.
<r0ach>
I don't think this is a valid negative. In my example, it's still an open loop system like PoW, it just has a fixed number of pools that can operate at once instead of unbounded.
<bsm1175321>
Define "fixed number of pools" and how you determine that is the case?
<r0ach>
your criticism kind of pretends that some new mystery miner will swoop out of the sky to replace DDOS'd miners
<r0ach>
but anyone who mines Bitcoins is already doing so all the time anyway...
<bsm1175321>
That is precisely what happens...
spinza has quit [Ping timeout: 276 seconds]
<amiller_>
i totally don't agree with this view " Brute-forcing a hash function.... does have a *cost* and that is what gives a crypto-currency its value."
<amiller_>
other people have it too and i haven't thought carefully about why i disagree
<amiller_>
i think having a cost gives it a certain kind of security
<amiller_>
but i think the direction is backwards
<bsm1175321>
It absolutely gives it a certain kind of security.
<amiller_>
we should think of mining power as defense spending
Noldorin has quit [Quit: My MacBook Pro has gone to sleep. ZZZzzz…]
<amiller_>
countries measure their defense spending in terms of % of GDP
<r0ach>
anyway, most people seem to think Bitcoin will always have a smallish number of pools, so the surface attack area is very high and very easy to identify. In my example, you could easily have 1001 block validators, so it's hard to accept the claim my example would be easier to attack.
<bsm1175321>
The two are one and the same. There's exactly one and only one direct linkage to economic expenditure. It's the PoW (mining) hash.
<maaku>
amiller_: it's called the labor theory of value, and it has thoroughly been discredited over and over again
<maaku>
(see communism most noticably)
<amiller_>
you can't add more hahspower and make the currency more vlulable
<amiller_>
you clearly can't add more hahspower (as a unilateral effort) and make the currency more vlulable
<bsm1175321>
r0ach, my computer can very, very easily keep track of 1001 IPs. My DDoS network can attack them all the same. Your only recourse is to make more nodes. It's sybil vs. sybil.
<r0ach>
amiller_: of course you can, I've done it in Altcoins
<r0ach>
I've rented out like 80% of the hash power
<amiller_>
oops wow i forgot that irc doesn't have "up-arrow then edit your crappy last line"
<r0ach>
of altcoins and it definitely increased the price
<amiller_>
i've been using slack gitter and skype chat too much
<maaku>
of historical interest, that's where the cypherpunks went wrong in the90's. if you look at those discussions after hascash was invented, they constantly got hung up on attaching value to coins based on the strength of the hashcash which minted them
<amiller_>
r0ach, that's interesing
<amiller_>
hm
<bsm1175321>
amiller_: You absolutely CAN add hashpower to make a crypto-currency *cost* more. Value is a very subjective term. But we're talking markets here. I don't give a flying fuck about PoW hashes. No one does. But they have a cost. That is their anchor.
<amiller_>
it's not an "anchor" in any meaningful way
<maaku>
r0ach: that's just demonstrating price elasticity
<amiller_>
what do you mean by anchor
<r0ach>
yea
<bsm1175321>
A PoW hash was zero, on its own, to begin with. A better PoW is also valued at zero. But it has COST.
<bsm1175321>
Someone spent something and will be unwilling to sell unless the buyer pays near or above his cost.
<bsm1175321>
It's a floor, not a value.
<r0ach>
maaku: I didn't like bob's example for PoW's purpose being to create a price floor, so I wasn't using his example. The purpose of PoW is to create a decentralized exchange. A price floor is secondary.
<maaku>
r0ach: it doesn't create an actual floor.. but it does change the supply side of the curve
<bsm1175321>
An economic "floor" is an artificial construct. They don't exist in the real world (except zero). But maaku has it right...I'm talking about the dynamics of the supply side, not how the buy side "values" it.
<r0ach>
bob, seriously, if you think you can dos out 1001 pools to death, why can't you do the same to the even smaller number of Bitcoin pools that exist now?
<amiller_>
bsm1175321, every time the price of a fungible thing goes down, someone is selling it for less than they bought
<amiller_>
bsm1175321, so no i don't think it serves as an anchor that way
<maaku>
you throw hashpower at a coin & dilute away the miners that were willing to accept less, adding yourself who presumably demands more. that changes the price
<r0ach>
or just walk up to the physical building
<r0ach>
and throw rocks at them
<r0ach>
until they stop mining
<amiller_>
miners sell the reward they get at whatever the price is at the time
<tromp_>
vastly increasing hash power can make difficulty shoot up and then take a very long time to come down when hash power reverts. resulting lack of supply could raise price?!
<r0ach>
there are so few it wouldn't take long
<bsm1175321>
r0ach: So you assume you can out-sybil the sybil attacker. What resource allows you to ensure you're the winner?
<r0ach>
bob, I'm looking at it from the angle of improving Bitcoin from the state it is now and not building the perfect system
<bsm1175321>
amiller_: It's not a solid anchor in terms of an absolute price (no market value is)
<bsm1175321>
r0ach: Satoshi presented us with something very interesting. Economic COST instead of "node count" -- as CS people have been using for decades (a la PAXOS/Raft). It's a very deep and fundamental difference, and the difference is fundamentally political. In order to implement PAXOS/Raft you have to "know who the nodes are" -- and that's political, not technical.
<bsm1175321>
Political solutions to technical problems -- fail.
<r0ach>
yea, I was pushing the cost to attack angle as being the only reason confirmations have any value the other day, saying that 1 conf is useless and the only reason more than one is useful is because cost to attack forever is high so it eventually reaches some type of objective consensus
<r0ach>
BUT
<r0ach>
I still don't see how my example fundamentally even changes Bitcoin consensus
<bsm1175321>
Bitcoin has no idea who produced a block. There's no identification of the producer in the past or future with respect to things he has or will produce. That's a very, very deep difference.
<bsm1175321>
tromp_: my statements are independent of Bitcoin's particular difficulty algorithm (which is flawed in many ways -- but that's another topic). Why does anyone pay anything for it?
<tromp_>
some ppl pay for btc to transact; some to speculate. noone pays to make miners whole:(
spinza has joined #bitcoin-wizards
<r0ach>
miners are just gamblers buying futures contracts
<r0ach>
that's why I'm hesitant if it will work in the long term
<r0ach>
if the reward of the block converges to cost of production
<bsm1175321>
No one pays "to transact". They buy an asset because it's worth something on one end, and worth something on the other.
<r0ach>
then there's not a lot of incentive to become a miner over just buying coins
<r0ach>
since the coins are a more liquid asset than the mining equipment
<bsm1175321>
I have an SQL database that will do millions of txns per second. It's been possible for decades. No one pays $600 for a row.
<tromp_>
btc allows forms of transacting not or poorly supported by fiat
<bsm1175321>
r0ach: I'm totally in agreement. Once the value of BTC falls below the cost of production, miners will leave.
<bsm1175321>
tromp_: It's very clear BTC has superior transaction capability. But the value of signing an elliptic curve doodad is zero. Signing is not where the value comes from.
<tromp_>
the changes in value come from increases in demand which can come from ppl realizing its capabilities
<tromp_>
as well as from ppl deciding to speculate
<bsm1175321>
There is both supply and demand. I'm making a supply-side argument. You're correct on the demand side. The two meet in the middle, as with any asset.
<tromp_>
the actual current value can be seen as a historical accident
<amiller_>
bsm117532, people pay for $600 of entries in databases all the time
<amiller_>
in-app payments etc
<bsm1175321>
If there was zero cost on the supply side, it would be worth zero. (as SQL database rows) If there was zero demand, it would also be worth zero, regardless of its production cost.
<r0ach>
bob, that was kind of off my point. My point was reward per block converges to cost of production, and that miners are just speculators buying futures contracts, so people who don't mine and just buy coins have an advantage in speculation over miners if miners were to sell at cost of production.
<r0ach>
This means the only way for miners to profit is likely to form cartels like OPEC
<r0ach>
OR
<bsm1175321>
amiller_: I envy the business model of companies who sell imaginary in-game widgets for $600.
<midnightmagic>
most of this is off-topic in here. #bitcoin is really a better place for it.
<r0ach>
for Bitcoin to be so deflationary, that they are rewarded by the deflation
<midnightmagic>
or ##altcoins or something.
<bsm1175321>
r0ach: That's a very reasonable way of looking at it.
<bsm1175321>
Dunno where to take this conversation though...
<amiller_>
no one brought up altcoins, this is all in the realm of theoretical cryptocurrency
<bsm1175321>
It's admittedly not wizardly. But, I do think even the wizards have been confused about why any coin has a non-zero value.
<bsm1175321>
r0ach: The long-term curve should approach the cost of production, and if the value of the coin is not zero, that's not zero. So, I think Satoshi's halving algorithm is a loser in the long run.
<kanzure>
agreed re: off-topic. i was about to say something too :-\.
<bsm1175321>
I'm going to make a stand and say this is wizardly. We're really noddling about hat happens when the coinbase reward is zero.
<bsm1175321>
*noodling
<bsm1175321>
zero has the nice property of being independent of any exchange rate.
<r0ach>
Is this some type of secret that you guys don't want to get out? That mining and buying coins is both just speculation/futures market, and there is no actual reason to become a miner over just a coin buyer in the long run unless miners form an OPEC cartel?
<bsm1175321>
I have no knowledge of any such secret. I'm trying to figure it out myself.
<bsm1175321>
I appreciate all your opinions.
<amiller_>
i don't think we yet have empirical evidence of what a cryptocurrency will work like that only runs on transaction fees
<amiller_>
"The long-term curve should approach the cost of production," ok but the cost of production is variable, i'm not disagreeing with the correlation you're mentioning, but i think you're suggesting the causality goes backwards
<amiller_>
since you have miners come and go, the cost of "production" (which is a defense service and not actually production) will match whatever the rewards are being offered to them
<bramc>
Allowing miners to actively harm each other seems to increase centralization. It advantages larger miners over smaller ones because larger ones have fewer resources attacking them.
<amiller_>
r0ach, aren't you the guy who always arguies with rektimus
<r0ach>
yes, your slightly communist/eccentric friend
<amiller_>
bramc, yeah.... it would be nice if being large could be made to have some disadvantage... but i haven't gotten anywhere with it
<bsm1175321>
amiller_: transaction fees is not "cost of production" because it's a zero sum game if the coinbase is zero.
<bramc>
In an alternate approach to limiting centralization, Krystof found a proof of his improvement to my improvement over the naive proof of space scheme. It still has a time/space tradeoff but a dramatically improved one. There's a general approach to adding iterations which might make it completely practical
<amiller_>
bsm1175321, im not talkng about transaction fees, let's say we're talking about inflation bonus
<amiller_>
bsm1175321, you still aren't "producing" anything
<bramc>
amiller_: The problem is that a larger miner can always pretend to be a bunch of smaller miners which happen to not hurt each other
<bsm1175321>
amiller_: Agreed. It's not production, it's *cost*
<amiller_>
bsm1175321, sure.... that's why the "defense spending policy" analogy is best
<bsm1175321>
Here's a weird idea...in the tx fee only world, would a miner choose not to broadcast a block he won, if the fees weren't enough?
mdavid613 has joined #bitcoin-wizards
<amiller_>
in a model where there's no transaction fees but there's constant fixed block reward, it's like setting defense spending as a % of inflation per year
<bsm1175321>
bramc I though we agreed we have no way to tell one miner from 10000 ;-)
<bramc>
In transaction fee only world you can definitely get situations where miners turn off their infrastructure at times
<bsm1175321>
Let's separate the political (number/distribution of miners) from the technical.
<amiller_>
in a model where there are only transactino fees and no block reward, it's like setting defense spending according to some market mechanism that involves willingness to pay to transact
<r0ach>
bob, have you thought up any better example of waste heat mining than water heaters
<bramc>
bsm1175321: That's basically my point. Miners do tend to associate with themselves across successful mining events when you're using proof of space though.
<bsm1175321>
r0ach: Read my above linked blog. If you can sell waste heat, that just reduces your cost, and increases the price you'll hold to sell your BTC
<bsm1175321>
Zero cost things have...zero value.
<bsm1175321>
Trying to make a currency zero cost for it's consensus mechanism creates a currency with zero value.
<bsm1175321>
Look for ways (blahblah) is anchored in the real world. What are people actually investing in stuff. If the answer is none, you have a purely speculative market. If the answer is something, you have a real market.
<amiller_>
bsm1175321, that's not true
<amiller_>
bsm1175321, you could have a free cosnensus mechanism, and provide some kind of "export"
<bsm1175321>
amiller_: Your value is your counterparty risk. It's independent.
<amiller_>
for example, if you had an appcoin that would let you pay to use some resource like storage etc
<amiller_>
there would be something that's costly
<amiller_>
and you might even say you're turning that cost into production, even if it doesn't have anything to do with the cosnensus mechanism
<bramc>
amiller_: The resource being useful seems to be actively bad, it favors parties who have a way of actually using the resource over those who don't
<bsm1175321>
That's fine, but the value is the probability that I can actually execute the (worthless) database row into the thing I actually want.
<amiller_>
bramc, that's true for whatever is going into the consesnsus protocol
<bsm1175321>
And that's not a technical problem. It's political.
<amiller_>
bramc, what i'm trying to argue against is conflating the monetary policy of a cryptocurrency with its consensus protocol
<amiller_>
they're related but it's not nearly as simplistic as bsm1175321 is trying to argue
<bsm1175321>
amiller_: I deeply want to have a PoW honey badger, decoupling the two!!!
oneeman has quit [Quit: Leaving]
<amiller_>
that's the opposite of decoupling
<bsm1175321>
amiller_: I'm confused. Explain?
<bsm1175321>
(I'm saying having a honey badger consensus protocol that only accepts writes that satisfy a PoW target)
<bramc>
I for one am very excited about this recent progress in proofs of space
<amiller_>
^^^ i am too ^^^
* bsm1175321
raises one eyebrow
<amiller_>
but that's a separate argument don't worry
<amiller_>
discussion rather *
<r0ach>
can't wait to see the surface attack area on proof of space coin pools
<amiller_>
i want to say something like, let's say there's such a thing as a proof of stake protocol
<r0ach>
miners rather
<amiller_>
but i think you'd argue that's a contradiction since there isn't, by the same reasoning you're looking fo
<amiller_>
r
<amiller_>
maybe i can make an even stronger but sufficiently different assumption though,
<amiller_>
suppose i had a trusted hardware or some other adequate database
<amiller_>
adequate assumption to have a database that works as well as bitcoin
<bsm1175321>
amiller_: I've made an argument in the above blog that is an economic analog of "nothing at stake". I believe it holds for any PAXOS/Raft/PBFT derived protocol, in that the marginal cost of modifying a row is zero, and the decision about participating nodes is political.
<amiller_>
bsm1175321, let's say we had a secure public database, and the cost of securing it is free (or paid by someone else anyway)
chjj has quit [Ping timeout: 260 seconds]
<amiller_>
this is what it would look like if a government decided they wanted to spend millions of dollars building the next info cyber highway
<bramc>
r0ach: All the proof of space based systems have nonoutsourceable mining
<bsm1175321>
So the actual value of such a thing is the cost of attacking it. You can obscure that cost, at best.
<bramc>
The thing which really kills cow systems in practice is that there needs to be some threshold for having a quorum. Too high and mining stops. Too low and an attacker can easily steal everything. There is no good value for it.
<amiller_>
bsm1175321, there's no way that's true
<amiller_>
bsm1175321, at some point, no one around is attacking it, but it costs more and more to make the threshold higher and higher
<amiller_>
imagine a country that spent 100% of its gdp on defense, at some point it there's nothing left worth defending, it wouldn't be a good use to make it more and more secure
<bsm1175321>
amiller_: I think the security community has been living in a fantasy that there is a solution beyond economics. Any solution falls to the wrench attack. https://xkcd.com/538/
<amiller_>
no one in the security community is calling for us to pay miners more
PERSIAN has joined #bitcoin-wizards
<bsm1175321>
The major contribution of Satoshi is that really, truly, it's all about economics
<amiller_>
or that we'd be better off with more hash power
<bsm1175321>
amiller_: no one in the security community is paying miners anything. Bitcoin is entirely outside them.
<amiller_>
all about that
<amiller_>
so go back to the scenario where you some how get a secure database for free because someone else is paying for it
<amiller_>
hm
<bsm1175321>
Wait, what? How did you achieve that?
<amiller_>
i was going to be more specific, that you at least have aadequate hashpower
<amiller_>
but there are always more ways to attack it, rubber hoses etc
<amiller_>
so you're saying that the cost to attack it sets an upper bound on its value?
<bsm1175321>
amiller_: I'm unclear whether it's "upper". However it is an anchor to real-world value.
<bsm1175321>
If your security solution is political -- as in, how many wrenches and how many people -- than it's economic value is very hard to determine. But that's NOT the same as being immune to an economic attack.
<amiller_>
it seems like you could have an economic attack on your "currency" even if you *did* have a perfect database
<bsm1175321>
Correct. If anyone has access, my wrench has access.
<amiller_>
economic attacks include market mainpulation etc, right?
<bsm1175321>
Yes.
<amiller_>
how do you defend against economic attacks?
<bsm1175321>
Politically.
<amiller_>
like, entirely external to the protocol?
<bsm1175321>
Yes.
<amiller_>
or do you build in rewards and other monetary policy things into the protocl?
<bsm1175321>
Because participants have means and influences (like wrenches) that are external to the protocol.
<bsm1175321>
amiller_: You're introducing an economic incentive. You just changed the boundaries, but not the dynamics of the game.
Dragon535 has left #bitcoin-wizards [#bitcoin-wizards]
<amiller_>
well explain the same dynamics again then, but in this setting, and it will amke sense to me
<bsm1175321>
Given any cryptographic protocol, I can choose to influence the participants, with a wrench.
<bramc>
The nice thing about spacetime systems is that they quite explicitly don't try to dodge the economic argument, they just make a slightly more sophisticated one.
crossing-styx has quit [Ping timeout: 276 seconds]
<amiller_>
bsm1175321, what does that suggest we should do?
<amiller_>
(i'll wait for you to go on)
<bsm1175321>
amiller_: At the moment, I'm just trying to puzzle the relationship to economics that Satoshi created.
<bsm1175321>
amiller_: If I've been unclear please ask something more specific... :-/
<amiller_>
bsm1175321, suppose i had a perfect database i didn't have to pay for but i wanted to build a currency on top
<bsm1175321>
I'm not proscribing a course of action for the crypto community, just trying to understand the dynamics.
<amiller_>
if i don't have to inflate currency to make the database secure, i still have to find a way to give it out
<bsm1175321>
amiller_: I lost you at "perfect database"
<amiller_>
extremely expesnive to attack database
<bsm1175321>
Who's the administrator? How do writes happen? How expensive is "expensive"?
<bsm1175321>
FWIW I come from the "spherical cow" school of thought. Now let me tell you about their dielectric constant and capacitance...
<amiller_>
maybe the database is another larger civilization, and we're talking about deploying something on a smaller scale than whatever currency they use
<amiller_>
maybe there's a government (maybe a really hip place in the carribean) that decides to offer a database service as a utility, without prescribing what you should do on
<amiller_>
on it
<bsm1175321>
My challenge is: invent said "perfect database" that can be relied upon for the treasury of the world.
<amiller_>
ok lets go back to this pivot point
<r0ach>
bob, the perfect currency is "energon" from the transformers cartoon. Everything else is a debt instrument.
<r0ach>
the energy cubes can be redeemed at full face value at any time
<bsm1175321>
Hahaaa r0ach ;-)
<amiller_>
the cost of attacking bitcoin through *hashpower alone* sets some kind of bound on the market cap of that currency
<amiller_>
i think it's an upper bound but that you're arguing it's a lower bound
<amiller_>
i thought i had a good way of getting to the bottom of that but it got derailed before the useful part
<amiller_>
maybe rightly so :p
<bsm1175321>
amiller_: We don't have an accurate accounting of cost. However I argue that it's market price is tied to supply-side (and demand side) economics. We *do* have an accounting of its purchase price, which is primarily demand side.
<amiller_>
by "tied to" what do you mean
<amiller_>
is it equally ok to say that its supply-side costs are tied to its market price
<bsm1175321>
We can't really know what the profit margin of miners is. It might be 10% this month, an 100% next month.
<amiller_>
i think because you called one of them an "anchor" that you mean something not symetric
<bsm1175321>
I intentionally used the word "anchor" to avoid the word "value" which most people throw round, and is *extremely* subjective. No one gives a flying fuck about brute forcing a specific input to sha256d.
<bsm1175321>
I'm not implying anything about symmetry there. All markets have both supply and demand.
<amiller_>
how about in the silly video game item markets
<amiller_>
is there a supply cost for a new steam hat?
<bsm1175321>
Chinese WoW gold farmers have the market cornered on that.
<amiller_>
is the cost of supplying one the amount you have to pay to get more
<bsm1175321>
There's an effort involved in cheating/hacking the game, or attacking an employee with a wrench.
<amiller_>
the employees also give more out
<bsm1175321>
Supply is infinite.
<amiller_>
i think the policy of how the hats are created matters a lot
<r0ach>
the steam hat thing involved people stealing credit cards, then they would corner the markets on specific hates using those credit cards
<bsm1175321>
My calculus in such games is: "is it worth $5 to enjoy an hour of farming turnips or hunting pokemon". But at scale, the calculus is: Is it worth me paying $50000 to an employee to crack the code/hack servers/extort with wrench to give me tokens which I can resell?
<r0ach>
*hats
<amiller_>
bsm1175321, what bound does that place on the total market cap of those made up items
<bsm1175321>
amiller_: A very, very ambiguous one.
<bsm1175321>
Don't mistake ambiguity for security.
<amiller_>
which direction would be it if we knew
<amiller_>
like, how much tokens you can get for $50,000 worth of ninjas
<bsm1175321>
I dunno, how disgruntled are the employees and how many do you know?
<bsm1175321>
Also, what's the availability of a secondary market to resell ninjas?
<amiller_>
are yousaying those don't just affect what the bound is,
<amiller_>
but also which direction it goes?
<amiller_>
if you knew all the options for pulling off attacks and how much you'd have to pay to get how many tokens
<bsm1175321>
I'm saying if you had perfect information of disgruntled employees and their wrench-price, you could create a price for false tokens. Since the supply is infinite, you can influence an employee to create an infinite number of tokens. So if someone is willing to employ wrenches, the token is worth zero.
<bsm1175321>
(This comes down to the fact that one wrench can buy you 5 tokens just as easily as it can buy you 10 -- the marginal cost once you have deployed the wrench is zero)
<midnightmagic>
:-/
<bsm1175321>
amiller_: The markets we're mostly familiar with involve new assets and a euphoria surrounding them, and it's mostly buy side. You ask if the direction could be negative. Yes. Consider many years later when millions of player have worthless pokemon on their dead game, and would be willing to sell them for any price. Or, when the coinbase reward is zero...
<amiller_>
right, even though it cost them money to get them
tromp_ has quit [Remote host closed the connection]
bramc has quit [Ping timeout: 250 seconds]
ThomasV has joined #bitcoin-wizards
mdavid613 has quit [Quit: Leaving.]
ThomasV has quit [Ping timeout: 258 seconds]
tromp_ has joined #bitcoin-wizards
adamg has quit [Ping timeout: 258 seconds]
tromp_ has quit [Ping timeout: 240 seconds]
coup_de_shitlord has quit [Quit: Like 3 fire emojis lit rn
coup_de_shitlord has joined #bitcoin-wizards
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
bit2017 has joined #bitcoin-wizards
bit2017 has quit [Max SendQ exceeded]
ThomasV has joined #bitcoin-wizards
antanst has joined #bitcoin-wizards
adamg has joined #bitcoin-wizards
Guyver2 has joined #bitcoin-wizards
tromp_ has joined #bitcoin-wizards
tromp_ has quit [Ping timeout: 240 seconds]
xsdfdfsa has joined #bitcoin-wizards
licnep has quit [Quit: Connection closed for inactivity]
coup_de_shitlord has quit [Quit: Like 3 fire emojis lit rn
coup_de_shitlord has joined #bitcoin-wizards
dnaleor has quit [Quit: Leaving]
ThomasV has quit [Ping timeout: 276 seconds]
arubi has quit [Quit: Leaving]
arubi has joined #bitcoin-wizards
dnaleor has joined #bitcoin-wizards
Ylbam has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
arubi has quit [Quit: Leaving]
arubi has joined #bitcoin-wizards
SirJacket has quit [Ping timeout: 272 seconds]
SirJacket has joined #bitcoin-wizards
<musalbas>
Is there a peer-reviewed ECSDA scheme for blind signatures? I searched for a while but surprisingly there doesn't seem to be one, except for one published in a Taiwanese journal that has a massive flaw
Guyver2 has quit [Read error: Connection reset by peer]
belcher has joined #bitcoin-wizards
pro has joined #bitcoin-wizards
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
MaxSan_ has joined #bitcoin-wizards
priidu has quit [Ping timeout: 260 seconds]
gielbier has joined #bitcoin-wizards
gielbier has quit [Changing host]
gielbier has joined #bitcoin-wizards
dEBRUYNE has quit [Quit: Leaving]
Giszmo has joined #bitcoin-wizards
AaronvanW has quit [Remote host closed the connection]
laurentmt has joined #bitcoin-wizards
laurentmt has quit [Quit: laurentmt]
Noldorin has joined #bitcoin-wizards
jtimon has joined #bitcoin-wizards
mkarrer_ has joined #bitcoin-wizards
mkarrer has quit [Ping timeout: 240 seconds]
xsdfdfsa has quit [Ping timeout: 276 seconds]
JHistone has joined #bitcoin-wizards
belcher has quit [Read error: Connection reset by peer]
belcher has joined #bitcoin-wizards
AaronvanW has joined #bitcoin-wizards
<waxwing>
yeah i remember that, it looks good, but agreed it would be nice to see review, i'm certainly not qualified to know how sound it is ... also someone should introduce oleganza to LateX :)
dnaleor has quit [Quit: Leaving]
MoALTz has joined #bitcoin-wizards
Lysanders has quit [Ping timeout: 244 seconds]
Guyver2 has joined #bitcoin-wizards
dEBRUYNE has joined #bitcoin-wizards
Emcy has joined #bitcoin-wizards
Emcy_ has quit [Ping timeout: 258 seconds]
belcher has quit [Read error: Connection reset by peer]
Guyver2 has quit [Quit: :)]
belcher has joined #bitcoin-wizards
dEBRUYNE has quit [Ping timeout: 240 seconds]
PsychoticBoy has quit [Ping timeout: 258 seconds]
priidu has joined #bitcoin-wizards
PsychoticBoy has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 250 seconds]
whphhg_ has joined #bitcoin-wizards
whphhg has quit [Ping timeout: 258 seconds]
tromp_ has joined #bitcoin-wizards
whphhg_ is now known as whphhg
tromp_ has quit [Remote host closed the connection]
tromp_ has joined #bitcoin-wizards
grubles has quit [Quit: brb]
grubles has joined #bitcoin-wizards
LeMiner has quit [Changing host]
LeMiner has joined #bitcoin-wizards
ThomasV has joined #bitcoin-wizards
TheSeven has quit [Disconnected by services]
[7] has joined #bitcoin-wizards
ThomasV has quit [Ping timeout: 276 seconds]
dEBRUYNE has joined #bitcoin-wizards
dEBRUYNE has quit [Quit: Leaving]
Chris_Stewart_5 has joined #bitcoin-wizards
mdavid613 has joined #bitcoin-wizards
cyphase has quit [Ping timeout: 276 seconds]
cyphase has joined #bitcoin-wizards
tromp_ has quit [Remote host closed the connection]
antanst has quit [Ping timeout: 252 seconds]
jiggalator has joined #bitcoin-wizards
jiggalator is now known as netsin
Chris_Stewart_5 has quit [Ping timeout: 252 seconds]
Samdney has joined #bitcoin-wizards
Noldorin has quit [Ping timeout: 260 seconds]
Noldorin has joined #bitcoin-wizards
mdavid613 has quit [Quit: Leaving.]
davec has quit [Read error: Connection reset by peer]
davec has joined #bitcoin-wizards
netsin has quit [Remote host closed the connection]
netsin has joined #bitcoin-wizards
netsin has quit [Remote host closed the connection]
netsin has joined #bitcoin-wizards
blackwraith has joined #bitcoin-wizards
priidu has quit [Ping timeout: 246 seconds]
dEBRUYNE has joined #bitcoin-wizards
tromp_ has joined #bitcoin-wizards
tromp_ has quit [Ping timeout: 260 seconds]
dEBRUYNE has quit [Quit: Leaving]
justanotheruser has quit [Ping timeout: 252 seconds]
justanotheruser has joined #bitcoin-wizards
netsin has quit [Remote host closed the connection]
hashtag_ has joined #bitcoin-wizards
netsin has joined #bitcoin-wizards
mdavid613 has joined #bitcoin-wizards
mdavid613 has quit [Max SendQ exceeded]
mdavid613 has joined #bitcoin-wizards
skyraider has joined #bitcoin-wizards
mdavid613 has quit [Quit: Leaving.]
netsin has quit [Remote host closed the connection]
dEBRUYNE has joined #bitcoin-wizards
netsin has joined #bitcoin-wizards
dEBRUYNE has quit [Client Quit]
hashtag_ has quit [Ping timeout: 264 seconds]
ThomasV has joined #bitcoin-wizards
tromp_ has joined #bitcoin-wizards
tromp_ has quit [Ping timeout: 240 seconds]
ThomasV has quit [Ping timeout: 276 seconds]
Chris_Stewart_5 has joined #bitcoin-wizards
dnaleor has joined #bitcoin-wizards
antanst has joined #bitcoin-wizards
hashtag_ has joined #bitcoin-wizards
sausage_factory has joined #bitcoin-wizards
blackwraith has quit [Ping timeout: 260 seconds]
Emcy_ has joined #bitcoin-wizards
Emcy has quit [Ping timeout: 246 seconds]
tromp_ has joined #bitcoin-wizards
tromp_ has quit [Ping timeout: 260 seconds]
chjj has joined #bitcoin-wizards
Heliox has joined #bitcoin-wizards
Heliox has left #bitcoin-wizards [#bitcoin-wizards]
l0rdPE has quit [Read error: Connection reset by peer]
l0rdPE has joined #bitcoin-wizards
belcher has quit [Read error: Connection reset by peer]
Guest54832 has joined #bitcoin-wizards
jron has quit [Ping timeout: 246 seconds]
humd1ng3r has quit [Ping timeout: 246 seconds]
Starduster has joined #bitcoin-wizards
wumpus has quit [Ping timeout: 240 seconds]
jron has joined #bitcoin-wizards
Starduster_ has quit [Ping timeout: 240 seconds]
belcher has joined #bitcoin-wizards
humd1ng3r has joined #bitcoin-wizards
wumpus has joined #bitcoin-wizards
Guest54832 has quit [Ping timeout: 240 seconds]
<andytoshi>
musalbas: that is not a blind ECDSA scheme, unfortunately
<andytoshi>
and sorry, i was helping oleg translate to latex a year or two ago and somehow that lapsed, so it's not done :)
<andytoshi>
musalbas: doing blind signatures with ECDSA is really hard, ECDSA is not algebraically very nice because the s value is multiplied by the secret k value (that is, people who don't know the private key basically can't manipulate s at all)
bildramer has joined #bitcoin-wizards
Chris_Stewart_5 has quit [Ping timeout: 258 seconds]
l0rdPE has quit [Ping timeout: 264 seconds]
l0rdPE has joined #bitcoin-wizards
Lysanders has joined #bitcoin-wizards
hashtagg_ has joined #bitcoin-wizards
Guest45624 is now known as [Derek]
[Derek] has quit [Changing host]
[Derek] has joined #bitcoin-wizards
hashtag_ has quit [Ping timeout: 258 seconds]
jtimon has quit [Ping timeout: 276 seconds]
skyraider has quit [Quit: Connection closed for inactivity]
jtimon has joined #bitcoin-wizards
ruby32 has joined #bitcoin-wizards
MaxSan_ has quit [Ping timeout: 246 seconds]
spinza has quit [Ping timeout: 272 seconds]
tromp_ has joined #bitcoin-wizards
antanst has quit [Ping timeout: 276 seconds]
spinza has joined #bitcoin-wizards
netsin has quit [Remote host closed the connection]
tromp_ has quit [Remote host closed the connection]
netsin has joined #bitcoin-wizards
netsin has quit [Remote host closed the connection]