So I'm sure I'm not the first person to muse on the mining POW problem and its lack of social value apart from being hard. Let me lay out a few links I've been reading in my "copious" free time and risk sounding naive by musing a bit. Hopefully those of you with more knowledge can correct me and/or send me to even better references.
I'm sure those of you in the know have heard this polemic:

http://motherboard.vice.com/read/bitcoin-is-unsustainable
https://www.reddit.com/r/Bitcoin/comments/41b4zx/whiny_ragequitting/cz139ti

I'm not trying to inflame opinions on the matter; it seems they already have been, and I'm not trying to throw fuel on the fire. I really don't know enough about the technical details to know why a block size matters all that much, but I am somewhat astonished at 7 tps as an upper bound.

What I do believe is that brute forcing partial hash preimages has virtually no useful benefit. The fact that we have the world's largest computing cluster solving a useless problem sounds like something out of a Douglas Adams novel. If we were enumerating solutions to an NPC problem, then the block chain would be useful for any isomorphic NP problems, and any optimizations would apply to all NP problems. From what I hear, it's just local hydro, the power is basically free, and it's currently controlled by two guys from China (a handful of people control 95% of the mining power, IIRC). But it could be solving useful problems. For example, one day gcc could query the block chain for register allocation solutions.

Leaving aside the technical details, waving hands at the implementation, imagining that it exists, the first things you brute-force optimize should be:

1) the mining software and/or FPGA layouts, so you acquire more NP-complete problem solutions, faster
2) the compiler binary
3) mobile device software
4) Unix kernels

Via this method, you'd be doing computational geoarbitrage, by precomputing solutions where energy is essentially free, memoizing them, and creating some as-yet-undefined incentive to provide them to other problem domains as an essentially free byproduct, and reaping the work product n times over. By making e.g. electric space heaters which do the work, you've also created a sort of interesting incentive to participate in situations where none would have existed.
IIUC, many/most compiler optimizations are NP-hard problems. I would imagine many EDA problems are, as well.

Another possibility is to create a market where people who want hard problems solved place paid requests for solutions to search systems, and the search systems fulfill or submit to miners' pools to solve them. That would allow for cases where the size of the specific problem people need solved exceeds the "brute force enumeration" system's size, and could allow for, I don't know, doing protein folding or computational biology problems or something with tangible existential value to the human race. If the problem isn't easily represented as an NP-complete problem, perhaps it could involve some virtual machine language. Not really sure about the most practical general form. And of course all the payments would be done with the very same system for which we are implementing proof of work.

Actually we are probably solving SAT problems based on the linear boolean equations based on whatever hash Bitcoin uses; we are just solving them in an arbitrary order, and for an arbitrary set size (n-bit null prefix SHA-1 problem = solving n simultaneous random linear equations in 160 variables?). I wonder if, when viewed this way, the blockchain would be of any value for anything else.

I do have to say, the block chain (merkle tree) looks a lot like this 1998 proposal, and I direct you to the section on hash lattices, which seem in some ways superior:
https://www.schneier.com/cryptography/archives/1998/01/cryptographic_suppor.html

I wonder if there is a case for decoupling the market for making an entry in a global database, and the mining process itself, such that electronic payments could be made to "commit" data to the chain, which is widely replicated. (Wait, is this USENET 2.0? No, that was cloud storage. This is USENET 3.0. Or maybe this is PGP timestamping services v2.0.)

I'm still reading these:
https://en.wikipedia.org/wiki/Block_chain_(database)
https://en.wikipedia.org/wiki/Billon_standard
https://tools.ietf.org/html/draft-hallambaker-cryptomesh-00
https://tonyarcieri.com/on-the-dangers-of-a-blockchain-monoculture

Also, it appears the proud father of 20-year-old ECC says it is not worth saving:
http://arstechnica.com/security/2015/10/nsa-advisory-sparks-concern-of-secret-advance-ushering-in-cryptoapocalypse/
https://www.reddit.com/r/crypto/comments/3qp4ta/a_riddle_wrapped_in_an_enigma_neal_koblitz_alfred/

So we'll have to consider some flexibility in the PKC we use. I suppose it might involve merkle signatures:
https://en.wikipedia.org/wiki/Merkle_signature_scheme

What else should I read about block chains? Who are the thought leaders that I should bring in to talk about it? What are the major fora? What properties should a new BTC-like system provide?

--
http://www.subspacefield.org/~travis/ | if spammer then j...@subspacefield.org
"Computer crime, the glamor crime of the 1970s, will become in the 1980s one of the greatest sources of preventable business loss." John M. Carroll, "Computer Security", first edition cover flap, 1977
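As an added illustration of the "partial hash preimage" brute force the post discusses (example code written for this page, not from the original post or from any Bitcoin implementation): a simplified leading-zero-bit proof of work with its nonce search and its one-hash verifier. The header bytes and nonce encoding are constructed, and single SHA-256 over a free-form header is assumed rather than Bitcoin's actual double-SHA-256 header format and compact target.

```python
import hashlib
import struct

# Constructed sample "block header"; real Bitcoin headers have a fixed
# binary layout and are hashed with double SHA-256, which is not modelled here.
HEADER = b"constructed-block-header: prev=00..00 merkle=ab..cd time=1453000000"


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a digest (the 'null prefix' length)."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def pow_hash(header: bytes, nonce: int) -> bytes:
    """Single SHA-256 over header || little-endian 64-bit nonce (simplified)."""
    return hashlib.sha256(header + struct.pack("<Q", nonce)).digest()


def solve(header: bytes, difficulty_bits: int, max_tries: int = 1 << 22):
    """Brute-force the partial preimage: the only known strategy is to
    enumerate nonces until a hash with `difficulty_bits` leading zeros
    appears. Returns (nonce, tries) or None if max_tries is exhausted."""
    for nonce in range(max_tries):
        if leading_zero_bits(pow_hash(header, nonce)) >= difficulty_bits:
            return nonce, nonce + 1
    return None


def verify(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Checking a claimed solution costs one hash, however hard it was to find."""
    return leading_zero_bits(pow_hash(header, nonce)) >= difficulty_bits


def expected_tries(difficulty_bits: int) -> int:
    """Each extra required zero bit doubles the expected search cost."""
    return 1 << difficulty_bits


if __name__ == "__main__":
    # Search cost grows geometrically with the prefix length; verification does not.
    for bits in range(8, 17, 2):
        nonce, tries = solve(HEADER, bits)
        print(f"{bits:2d} bits: nonce={nonce:8d} tries={tries:8d} "
              f"expected~{expected_tries(bits):6d} verify={verify(HEADER, nonce, bits)}")
```

Running the script shows the actual try counts scattering around the 2^n expectation while every check stays a single hash, which is the asymmetry that makes the search usable as proof of work and also why the work product itself has no reuse value.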
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography