In theory something bitcoin-like can be done with the parts human can regrow (like hairs) - they all have same "seed" - DNA, but they all unique (i.e. hair = bitcoin address, DNA = your public key, but something still should act as your private key and that is another dead end).
I don't think the majority of the people in this thread actually understand the problem correctly. When you provide your hash of whatever ID system you come up with to the blockchain, the blockchain has to be able to verify the correctness of this hash, which it cannot possibly do without a central authority. |
|
|
|
|
I've been thinking about this more recently, because no-one has come up with a real replacement, or workable improvement for bitcoin yet...
The primary problem in my proposed design is the incentive for miners to reference orphaned blocks, or branches - in the initial proposal there is no incentive, and in fact it would be more profitable for miners to ignore uncles and just concentrate on generating large difficulty PoW blocks.
I propose as a solution to this problem that miners get rewarded for 'information gain', defined as the sum of block rewards of a previously unreferenced, or orphaned branches which a newly mined block includes in the main ordering via an uncle reference.
By using the block rewards of orphaned blocks as the reward, it isn't advantageous for a miner to purposefully generate a bunch of orphaned blocks, because the reward he will get from including them later is <= the reward he would get by just increasing the difficulty of his newly mined block.
In this way, it is advantageous for miners to add information to the main ordering, which will not only prevent orphaned, or stuck transactions, but also decrease the time it takes for a transaction to become 'confirmed'.
Comments?
|
|
|
|
That it is not true . Such feature is not in contrast with privacy . You can build a system with this ID and all the transactions are encrypted impossible to read without the ID .
This ID CAN identify uniquely a person and it is different from MUST identify
The are so many benefits with this ID evrytime I think to solve a problem in cryptocurrency I found that can be solved by this ID.
For example the intrinsic power of POW can be replaced by a system with these ID, or the problems of a lighting network can be solved if there are these ID . It solve a lot of problems of POS .
It is also possible to develop a cryptocoin where 1 Human = 1 coin .
It become possible to develop a coin where the system give coin to IDs not strictly to miners .
In general you can take almost all the advantages of a "centralized" management and all the advantages of a decentralized management
There is no way to create this because you need some way to ensure one person doesn't create a billion different IDs, and for that you need a central authority. Your best hope is create a puzzle that only a human can solve, but is easily verifiable by a machine - once you have this, you can replace PoW with it. |
|
|
|
Hi Fuserleer, I've only just spotted this thread and your whitepaper - congrats on getting something out the door  I've only skimmed your whitepaper, but I'm left wondering why the consensus isn't vulnerable to sybil attack? For example. Alice owns a majority of nodes on the network, attempts a double spending transaction by asking the network for two temporal proofs in which she spends the same item on two different shards - the network will provide her with this, because she owns a majority of nodes? Cheers, Paul. |
|
|
|
"Please prove that the hash ab6fd77492250e897cf8f0851a9f7de2331aaa3bfb16bb703755b05935effa30 is your's by inputting the correct sentence into the SHA256 function".
Well, there are limitations in this toy example. You should not send your sentence over to the person, so he knows afterwards. But you can solve it with public-key cryptography.
Yes, but without the blockchain being able to *verify* that the hash you supply is indeed the hash of your secret, this doesn't work at all. |
|
|
|
I think, it's really easy:
SHA256("My name is XY, I was born in country XZ and my passport number is 123. This is my secret, that I don't tell anyone.")
Your criteria:
1) for every human must be a unique hash id
The first part consists of some unique information for everyone. I think with the name, country and passport number you have a distinct number for every human. It can be something else, it just needs to be an information, that distinguishes you from someone else. Just in case, someone has the same secret.
2) it is not possible to build this hash id without the real person ( it is not possible to build in an automatic way these id)
It is not possible to caluclate the hash output without the secret, which is only in the thoughts of the person to be identified.
3) decentralized , without a certifier authority
You can sit to any computer in the world and calculate the hash, there is no authority, that needs to approve your identity. Its just Math.
You don't even need an internet connection to prove that you are the owner of this hash.
The main question is: What exactly do you want to accomplish. If it's only identifying people / authentication, you can do it with the above example (if the person accepts to be identified).
How does the blockchain verify this? |
|
|
|
|
You need a self contained problem that only humans can solve, but that a computer can easily verify.
|
|
|
|
PoW has been shown, in bitcoin, to centralize, and we know the economic reason for that: "economies of scale".
No. PoW in bitcoin has shown to be a trustless, reliable proxy for elapsed time. - cryptographically not very secure. Indeed, the cryptographic security resides solely in the need for an external attacker to do a *similar* amount of work than was needed to generate the security in the first place.
Firstly, 'cryptographic security' is the wrong term for what you are trying to describe. Secondly the security of a PoW chain is not based on doing a 'similar' amount of work, but to do more work than the rest of the miners in the network combined. That is indeed, 'vastly' more work. But that is what a crypto currency should be: entirely determined by its owners. It is very strange to have a crypto currency that is depending on an external industry, and of which the users are not making up the consensus. A PoW coin is very much exposed to an external attack, while a PoS coin is cryptographically secure against an external attack. It can of course suffer *internal* attacks.
Again, you're misusing 'cryptographically secure' and even if we take your intended meaning, your statement is still wrong as PoS coins are vulnerable to a much broader range of attacks than PoW coins, both external and internal. Please see this thread for details: https://bitcointalk.org/index.php?topic=1382241.0There is a paper describing a provably secure PoS chain, but even the author concedes that it can only be that way if a majority of honest nodes remain online. This is not a very resilient design, especially in the face of power cuts, wars and 'force majeure'. Don't get me wrong, I'm not saying that bitcoin is a success - the network is congested beyond usability, but PoW remains the only trustless solution to the byzantine generals problem. Cheers, Paul. |
|
|
|
|
The idea is solid, a human powered PoW has merit from a technical and curiosity standpoint, the real trick is making it secure against bots. Google recaptcha is constantly being updated by google's engineers to counteract the ever changing bot landscape, which is something a blockchain cannot really do.
You'd need something more intelligent than a captcha to solve which bots wouldn't be able to attempt.
|
|
|
|
(*) preventing from this attack because these txs from IOT are considered as honnest and so during attack time they are continuously not approving the attacker txs. So the attacker is alone to increase the cumulative weight of its own txs.
It won't be enough. The overall hash rate of the iota network is impossible to measure since any attacker worth his salt will just sit idle not doing anything with his hashing power until sees an opportunity. Because there is no competition to mine, and iota is designed for tiny, low cpu hardware, it will be trivial to acquire enough hashing power to outpace the rest of the network. TETO solves this problem completely due to the mining incentive. Do you plan to launch something ?
I have no plans at this time. |
|
|
|
Nice reading - yes definitely
But could you think of an double -> infinity times spending attack, that will spam the DAG in such a way that any verifying work will crash the nodes in terms of mem or processing time / both ?
I don't think so, because sending a transaction requires a minimum PoW difficulty, so spamming will cost the attacker a lot. IMO it could be way too hard work to find out what is the allowed TX under a multi branched DAG having lots of double spending TX to be skipped.
The system totally orders all transactions in sequence, so the first spend in the sequence is always the legitimate spend. |
|
|
|
|
Hi Fuserleer,
I largely agree with your assessment, but I think the only real problem here is making sure that nodes with old data don't end up posting transactions which are never included in the main ordering. There needs to be some incentive for miners to reference previously unreferenced blocks; perhaps something like ethereum's uncle reward.
The other issued you've outlined are minor, I think?
Cheers, Paul.
|
|
|
|
There is only one provably secure PoS whitepaper that has security proofs dealing with every aspect which those efforts you refer to lack.
Ouroboros states clearly the tradeoffs required to achieve that security.
The requirement that most of the stake has to remain online at all times, informs that PoS does not function in the real world without an oligarchy.
In any power-law distribution of wealth, 50% of the money supply is held by the spenders not savers (i.e. the speculators who have no interest whatsoever in participating in stake forging).
Agree completely, having read the Ouroboros paper myself. |
|
|
|
Miners actually probably have no knowledge of your transaction's existance. Hence, they are willing to accept it to their mempool. The only reason blockchain.info had it in their blockchain is because they connect to so many nodes and have a lax mempool rule. Most of the network's node likely didn't relay it at all and it didn't make it into the miner's mempool.
I find that highly unlikely since it was a good hour after I sent it that issued the double spend. The original transaction was in blockchain.info and stayed there until the double spend got into a block. |
|
|
|
|
I can't answer that directly, but I can give this small partial confirmation about their behaviour.
I had a transaction sent with zero fees which sat at zero confirmations for ages. I had to disable my own wallet's double spend prevention to rebroadcast it with a large fee - blockchain.info never accepted it as a transaction (presumably because it was still in the mempool), but miners picked it up nonetheless and it was included in a block. This wasn't a replacebyfee transaction either.
|
|
|
|
There is no difference between PoW and PoS with respect to the power of "the super-wealthy". Wealthy people that want power over the currency, in PoW can just buy hashrate and they will get it back and even probably profit from it.
Actually, there is a difference: hash rate is more scarce than money. You can't buy 51% of hashing power. |
|
|
|
Iota cannot work as designed.
Without miners there is no possible, trustless convergence - it will live forever with coordinators and be as centralised as visa, with none of the benefits.
Bold claims, dude, post some math if you want to make your claims look credible. No maths required. I quote my previous post on the subject: *) Network hashrate is the overall power of the network - in bitcoin, this is the computing power needed to generate a block.
*) Bitcoin employs a mining reward which creates a competition between miners to produce a block and claim their reward for doing so. Slower miners lose out to faster miners, but they still participate in the competition to produce a block because they stand a chance of winning occasionally.
*) This mining subsidy provides a positive incentive to miners to play by the rules, and encourages them not try to double spending, because they might as well claim the mining reward instead of trying to double spend which is often much more difficult than producing a single block.
*) The mining subsidy also encourages all miners to participate in the mining process, which gives an overall metric for total network hashing power, which you can then use to give an estimate of when it is safe to accept a transaction of a given size, as confirmed, because (on average), the block reward is equal to the electricity cost of mining that block. That means that when your transaction has been buried under enough blocks that the mining subsidy equals the transactions size, it is more or less safe to accept that transaction as confirmed.
Now, imagine the situation with no mining reward.
*) Instead of participating in a competition to win the block reward, miners have no positive incentive to participate anymore. They now are left with the negative incentive to try and double spend.
*) Since these miners are not contributing their hashing power to the network anymore, the overall hashrate of the network in unmeasurable, since these miners are quite likely to leave their ASICs in sleep mode until they want to double spend
*) With the network hash rate unmeasurable, there is no way to put an estimate on when it is safe to accept a transaction as confirmed.
When there is no way to estimate when it is safe to accept a transaction as confirmed, that currency is now useless because any transaction can potentially be reversed.
Cheers, Paul.
|
|
|
|
|
Iota cannot work as designed.
Without miners there is no possible, trustless convergence - it will live forever with coordinators and be as centralised as visa, with none of the benefits.
|
|
|
|
Is it necessary for a given blockchain to have a consensus algorithm? Is that the only way to create trust in a distributed environment like a blockchain? I'm assuming this means you can theoretically apply multiple consensus algorithms to a blockchain to have multiple signals for verification/trust right?
The entire point of bitcoin/blockchain is that it is *trustless*. If you need to trust something, just use visa. The trust is just displaced. You are trusting the consensus algorithm, and in case of bitcoin that's the PoW. Not equivalent; when you put money in your bank, you trust the bank *and* the currency. With bitcoin, you just trust the currency, which is the minimal level of trust possible. |
|
|
|
Is it necessary for a given blockchain to have a consensus algorithm? Is that the only way to create trust in a distributed environment like a blockchain? I'm assuming this means you can theoretically apply multiple consensus algorithms to a blockchain to have multiple signals for verification/trust right?
The entire point of bitcoin/blockchain is that it is *trustless*. If you need to trust something, just use visa. |
|
|
|
|
Show Posts
