Bitcoin Forum

Excuse my layman's understanding of math but it seems like after cryptonote the only major milestone that is left to be reached in cryptocurrency (save all the weird quantum stuff) is making a blockchain that instantly confirms (and can scale indefinitely).  
  
I suppose even the way I asked the question is flawed: an instantly confirming blockchain is easy - it's just that it would be incredibly susceptible to double spends and other attacks.  I wonder if there is some beautiful mathematical proof by negative assumption that proves we will always be artificially limited by a network's confirmation time - and the shorter you cut the blocktime the less secure your network gets.  
  
"Assume there was a cryptocurrency such that all transactions could be considered 'confirmed' as soon as they were received and the network had an incentive to spread them as quickly as possible to the other members of the network..."  
  
The only way I can see to do it is to somehow set up a network of interconnected nodes and then incentivize propagation of spent transactions as fast as possible by awarding new coins to the MVP nodes who send the most data in a given time frame - I'm not even sure if you would be able to use a blockchain for this because there would be no way to keep all the nodes in sync.  


One way I can see doing it (though ludacrously cumbersome) would be to assign each atomic unit its own "blockchain".  I know this is a pretty abstract idea, but instead of there being 21 quadrillion atomic units, let's just say there's only five: A, B, C, D, & E.  Each atomic unit has its own hash and mini-'chain'.  If Alice has the private key to 'A' and wants to send it to Bob, she has to put it into a function that then overwrites the "owner" of 'A' to be Bob and securely delivers a new private key to him.  Meanwhile Alice broadcasts this desire and all nodes on the network race to append the mini-blockchain 'A' with this new transaction information.  In this way double-spends can be defended against because the network can just default to the earliest time-stamp detected (assuming each unit has only one owner), and if it detects a later timestamp it can be safely overwritten as a failed double spend attempt.  Obviously different user addresses would need a reputation system for this to work: (if Alice has attempted a double-spend before or has a low transaction history, don't trust her) and there would need to be an incentive for nodes to be among the first to append each mini-blockchain with the new information.  Perhaps the nodes are competing for the right to begin a new mini-blockchain for atomic unit 'F'.
  
What are your thoughts on this?  Will we ever see an instantly confirming and infinitely scaling financial network?

Instant transactions may be possible depending on definition of "unit of value". If it's energy then I can assure you that noone will be able to doublespend. :)

I'm not protocol experts or something, but instant confirmations is imho against core principle of bitcoin called Pow (https://en.bitcoin.it/wiki/Proof_of_work)

generally, you have to wait until TX is confirmed by next mined block. to opt-out this waiting, another concept have to be used..

anyway, theoretically, there are some ways: https://www.cryptocoinsnews.com/3-solutions-instant-bitcoin-confirmations/

Yes, but all three of those supposed methods rely on centralization.  
  
I guess the question is best framed as "Is there a decentralized way to have instant confirmations and a secure network?"

ahh now I get it what you mean..

imho it is just not possible because it is somehow against decentralization model/design. because information must somehow spread over the network, it takes some machine time for distribution and communications within internet with other machines and considering this..well, it simply can't be instant.

correct me, if I'm wrong here, but this is my understanding of p2p systems generally. so imho, it is not even theoretically possible. but looking forward for another thoughts related to this..

If a transaction contains a proof that its money wasn't spent before and won't be spent in the future then it can be sent to the merchant and instantly accepted.

 
 
Come from Beyond you are talking about your Dagcoin proposal again from what I can tell. 
 
I've tried to understand it, but it would appear that one of us is a fool in this matter (don't worry, I'm betting on me). 
 
How, even logically, would a transaction be able to contain a proof that it has not been spent *anywhere* else on the network unless that transaction also includes a snapshot of the entire state of the network with it?

Check https://en.wikipedia.org/wiki/No-cloning_theorem, hypothetically you can measure level of the noise and assess how many times one particular coin was copied.

OP this is an excellent question. The currently accepted answer is: no... The best attempt at solving the trustless P2P double spend problem is POW, which is far from being instant.

Even if you used a scheme where the private key was single use (A->B) and as soon as you signed a transaction the old private key was invalid this still does not help because you can still present the same key to two different parties in a race attack (A->B) and (A->C) - you still have the same problem. More here: https://bitcointalk.org/index.php?topic=1129388.0

IMO the best we can hope for is probabilistically hard double spends with a more extreme difficulty curve than we have currently - producing old blocks is exponentially difficult in the number of blocks in POW, so if we can increase that exponent, along with reducing the block time, we can get close to instant without actually having truly instant confirmations.

If the size of the network is nonzero then the answer is no simply because of the speed-of-light constraints for the propagation of information across the network.  For example, the circumference of the earth is approximately 40 million meters.  The speed of light is approximately 300 million meters per second.  Therefore it takes about 0.13 seconds for a signal to propagate once around the Earth.  Now nodes within the network need to send information back and forth in order to come to consensus so the actual theoretically minimal consensus time is probably at least an order of magnitude greater than this.  

TL/DR: no, but it may be possible on a time scale on the order of seconds under ideal conditions and using sophisticated networking hardware and a highly optimized protocol.  

Thank you for the math, but what about the idea of providing the proof that coins weren't spent and won't be doublespent? Depending on your definition of "decentralized" I might describe a system that will work.

I am assuming a Bitcoin-like protocol and decentralization achieved with some sort of PoW process.  I suppose what you're suggesting is possible if you can truly provide proof that the coins weren't and won't be double spent; however, I can't see how that would possible for any definition of the word "decentralized" that I would consider useful.   

I have one PoW-based process in mind, but it's not Bitcoin-like. In your case I can propose nothing valuable.

John-Conner has supopsedly created a system that allows almost instantaneous transfers, while having the  difficulty of a doublespend improbable.  obviously not impossible.

you would have to ask him about it.

CAP theorem suggests otherwise...

https://en.wikipedia.org/wiki/CAP_theorem

For a transaction to be instantly considered confirmed, all requirements of CAP theorem would have to be fulfilled, and it is generally agreed that this can not be achieved.

More simply, all nodes in the network would have to receive it at exactly that moment...which is of course not possible due to the speed of light limit.

It doesn't matter what POW/POS/POx you employ, instant (as in confirmed at time of creation) transactions are a daydream.

Regarding the speed of light:  
Of course it would be limited by the speed of light; let's not go full retard here.  I suppose I should be more precise: by 'instant', I am obviously referring to 'within seconds'.  


I have studied this vanilla coin and most of the mathematical experts I have asked about it claim that its implementation is suceptible to Sybil attacks.  As well, this coin stole a lot of code from bitcoin and other alts.  And on top of that, the dev has lied and spun stories endlessly and at this point has completely destroyed all notion of credibility.  Unless I hear a mathematical guru that I trust do a review of one of these "white papers" that they like to put out, and tell me it's 100% solid, I have no faith in it.
  

You may take a look at MaidSafe, a fully encrypted P2P file storage (think RAID over users' machines) and computing platform that claims to not require any blockchain.

Their integrated SafeCoin would work just like physical cash, i.e. instant transactions, no blockchain required, full anonymity, because their coin data-structure (just like any piece of data in the system) will be de-duplicated before distribution to users' nodes, hence *double*-spending is prevented already a-priori.

The question of course is then about the security of their over-all system. The problem at this level would appear to be mainly Sybil attacks. They claim to employ a "proof-of-resource" along with a node-ranking system. As development isn't finished, the system hasn't been proven to work in theory (3rd party academic peer reviews), let alone in practice yet.

Lol Ok lets not go full retard, but I don't "read between the lines" when technical questions are asked, if/when that starts to happen people get confused :)

If your timescale is 5-10 seconds or so, then yes it is possible to do although with some caveats.  Depending on the architecture of the platform you may run into other issues that you have to consider (block chain + fast block time = high orphan rates = inefficient use of network bandwidth).

If you want to go faster than that, then you need a different architecture entirely, block chains don't play well with block times < 5s unless you start to move to a semi-centralized operation.

Regarding vanilla coin, it is susceptible to Sybil attacks and you can DoS the zero-time feature fairly easily from my understanding of its operation.

If you assume the speed of light is infinite then, yes, I believe that instant confirmations would be theoretically possible in a decentralized network.

Like I said early, even considering the actual speed of light and the actual size of the Earth, I believe with a sophisticated protocol and advanced networking hardware, it would be theoretically possible to achieve confirmation times measured in seconds.  

As I pointed upthread, quantum cryptography may give us instant confirmations even with finite speed of light (and CAP theorem).

What's to stop the double spender sending the same proof to both parties involved in the attempted double spend?

Cryptography.

CfB, are you referring to the idea of using Quantum Entanglement (e.g. spooky action at a distance)?

That would be some off-the-chain next-level crypto.   8)

http://phys.org/news/2015-03-quantum-einstein-spooky-action-distance.html (http://phys.org/news/2015-03-quantum-einstein-spooky-action-distance.html)

Barring some major breakthrough, it's also a decade or more away.   ::)

Why no stargates mentioned in this thread?  :D ;D

it takes too long to open them. mine usually takes around 5secs to open...its faster to send through a network

hahaha touche! :)

No.
https://en.wikipedia.org/wiki/CAP_theorem

Practically all modern high-scale web sites and services let go of the "1) Consistency".

https://en.wikipedia.org/wiki/Eventual_consistency is the keyword these days. It's apparently good enough. Bitcoin uses it almost by definition. The question then becomes how it can be optimized and how fast it can be designed.

The problem is that "confirmed" != "secured".
There is not a problem to have blocks each second (instead of 6 per hour in current bitcoin)
And the transactions will be confirmed "instant", in a couple of seconds.
But one, two and even 10 confirmations in this crypto will be unsecure.

Actually, below 10 seconds block time you start to hit big inefficiency problems due to orphans - you get around 200 orphans/day at 10 seconds, even with stuff like GHOST. Bitcoin has about 1 orphan/day.

the way that instant confirms would work is not to speed up the block solving. but to instead lock-in a TX into the miners mempool. and ignore any second tx's using the same funds. even if the second one has a higher tx fee. and have all miners advertise their mempools so that everyone knows and all miners have the same locked in tx's. that way double spending (attempts) wont be a worry, even with zero confirms

Where do you live? Is that a world where the speed of the light is infinite, network latency is zero and the connections are permanent?  ;D

Nope. That is one poor attempt at solving the problem - here is why that doesn't work:

1. You would need to hold all transactions ever made in the mempool

- otherwise later blocks can still reverse transactions

2. Sybil attack - transaction locks can be faked if you control a majority of nodes

- your sybil nodes confirm a lock for transaction A and then also confirm another lock for a double spend of A after the merchant accepts your initial transaction. If there is no cost to being a node, this attack is free. If you must supply collateral to be a 'node' then the cost is a constant.

Transactions in 2.0 might get into a block in 3 seconds, but it takes 30s for them to become 'irreversible'.

Nothing is 100% irreversible.

Hence my quotes around the word.

chopped meat can not be reversed to a cow  ;D

Not sure... http://www.livescience.com/49610-scientists-unboil-egg.html

just because entangled particles do things simultaneously does not mean in any way that 'quantum computing' will allow for instantaneous transmission of or processing of data, neither are possible

I didn't talk about entangled particles, that was quantum cryptography.

We can not have instantly confirmed transactions because that will increase the risk of fraud.