Hey Ben, On Dec 14, 2013, at 2:12 PM, Ben Laurie <[email protected]> wrote:
>> Decentralized: there is no central authority controlling all the names > > If it is based on bitcoin, that is untrue. Or even if not. See > http://www.links.org/files/decentralised-currencies.pdf. Thank you for the link to this paper. I needed to find the time to actually read this and get back to you. I've now done this. You've posted this reply to a number of lists that we're both subscribed to, so I'm going to send this reply to each one: My reply can be summarized (mostly) by Vladimir's response to your paper here: https://bitcointalk.org/index.php?topic=25760.msg372591#msg372591 For the list's sake, here are the salient points Sir Vladimir makes: Than, first of all, he is trying to solve a non-problem and fails to see that issue he is trying to solve is not a bug but a feature. This is in reference to your criticism of proof-of-work. Here's the rest of his comment on that particular point: There is no problem with energy consumption, it is a very low price to pay for getting rid of all the middlemen leaching a few percent from every money transfer. Moreover, energy spent by miners on securing the bloc chain is rather negligible in comparison to energy spent on other ways to do money, when you consider, for example energy, required to haul all the cash and gold in armoured trucks, smelting gold bullions, coining coins, smelting metal for the bank vaults and so on... Second criticism of your paper is as follows (again, I'll just copy Vlad's comments here): Second of all, his "efficient solution" is very weak. Essentially, he is proposing to replace voting weighted by pure computational power (surely not very energy efficient way) to voting weighted by a number of clients plugged into the network, without proposing any viable way (since it is impossible) to ensure that this number of clients is not faked. Therefore, he is effectively shifting proof-of-work concept from doing lots of sha-256 calculations to opening lots of ports on lots of IP's simultaneously. This could solve a problem of quick propagations and wide distribution of information, but surely not a problem of "double spending". Total epic fail! Somehow, you seem to have completely missed the point of Bitcoin's proof-of-work. It's right there in the original paper: The proof-of-work also solves the problem of determining representation in majority decision making. If the majority were based on one-IP-address-one-vote, it could be subverted by anyone able to allocate many IPs. Proof-of-work is essentially one-CPU-one-vote. Vladimir made one final comment (not too important though, but I'll include it anyway): He also has completely missed economic part of the system where initial bitcoin inflation serves the purpose of subsidy to enable quick growth of the network and making it secure from 50% attacks. However, all of these points made by Vladimir do not destroy the point your paper makes entirely. They just badly bruise it. IMO, the only legitimate criticism of Bitcoin contained in your paper is the following: If, for example, 1% of the total power available7 is used to produce Bitcoins at present (in fact, the amount is far less than that), then at any point someone could come along with a further 1.1% of the total power and use this to define their own consensus8 , thus invalidating all the work, and all the money, of the initial group, and instead take possession of the entire currency for themselves. This is referring to (or at least should be referring to) the idea of an attacker making their own "fake fork" that they control through superior-CPU power. The strength of your argument (IMO) rests on this one issue: Whether or not there exists an attacker with the computational power necessary to take over the network. This is a legitimate question, and combined with the observations made by Vladimir, it implies two takeaway points: 1. Your suggestion for an "efficient alternative" to Bitcoin appears to be inferior to Bitcoin because it appears to be based on one-IP-one-vote (rejected in the original paper). 2. Bitcoin's legitimacy and trustworthiness depends on whether or not there exists (or can exist) an entity with more horsepower than all more than 50% of the nodes on the network. This is old news. The Bitcoin community has been discussing the 51% attack for a while and appears to be working on addressing the issue: https://en.bitcoin.it/wiki/Proof_of_blockchain_fair_sharing In case it's of interest to someone, here are two sites about known attacks on Bitcoin: http://codinginmysleep.com/bitcoin-attacks-in-plain-english/ https://en.bitcoin.it/wiki/Double-spending Cheers, Greg -- Please do not email me anything that you are not comfortable also sharing with the NSA.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
