You see, you also think in terms of "should".   But any "should" is a "constitution" that determines what is "good" and what is "bad", and hence, that has been set up by a central entity ; or is dynamically arising, and in that case, you cannot say "should".  It is what it is.

I think, for instance, that the 21 M limit is one of the biggest stupidities in bitcoin ; others think that it is its major value proposition.  

So, essentially, the choices are:

a) central authority that can dictate whatever is the rule set.

b) dynamical happening that determines what is the rule set.

I think the whole concept of a crypto currency is that there is initially a central authority that determines what is the rule set, and that afterwards, if any claim on decentralization makes sense, that from this initial rule set, a dynamical happening follows.  

My personal theory is that the only dynamical rule that guarantees decentralization, is that the original rule set is a Nash equilibrium, making it impossible to deviate from it, apart from going back to (a).   But one could design more subtle systems in which, in a decentralized way, modifications to the rules can be made without collusion.   In fact, hard forking is the standard way of doing that, but maybe there are less violent ways to do so ; or maybe, it is exactly part of the immutability dynamics, that the only decentralized way to change something, is to hard fork.

The whole question, hence, is not so much of what bitcoin "should" do, but rather, whether it is decentralized (and hence, immutable) or whether it is centralized ; and if, in that last case, in who's hands is the central power.  Until very recently, bitcoin was centralized in the hands of Core, being the software monopolist, and hence the de facto master of the rules (backed into the software).  This goes in fact against the consensus mechanism in bitcoin, that puts the power to decide in the hands of those with most hash rate.  These last ones start to get aware of their final say, and it is no wonder that both are fighting - but this exact fighting is exactly what is to be expected in a decentralized system, imposing immutability.  So this would point finally, to the observation that bitcoin is starting to get decentralized from Core.  We'll see.

Note that jbreher is perfectly right that a valid block is simply by definition, that block on which miners decide to build the rest of the chain.  And implicitly, hence, that the valid protocol is the protocol that considers that block as valid.  Whether that corresponds to any white paper or not !

If tomorrow, all miners start mining blocks in which the block reward rises to 200 BTC, and they build blocks on one another, then the bitcoin protocol has de facto changed, and is now such that block rewards are 200 BTC.  Because miners built on top of such blocks, so they decided collectively that that was the valid protocol.

I'm going to reply in pieces to this


If there is only one centralized entity that makes the single software ran by miners and nodes alike, this is the central authority that decides by writing lines of code and pushing it to the miners (and also the verifying nodes which do the same).  So, duh.  That's why a system that has only one code base is centralized in the hands of the coders.  First Satoshi, of course, and later, Core.  That's no different from Microsoft being the central authority of what windows does, or Apple being the central authority of what Apple devices do.  

The only choice left to the software user is: keep old version, or upgrade.

If everything is done by soft forks, moreover, the only thing that the software monopolist needs to do, is to convince >50% of the mining nodes to adopt the software.  Then this soft fork is imposed upon the rest of the miners (or all their blocks get orphaned sooner or later).  And the users, we don't care.  Because soft forks are accepted by older nodes (even if they don't understand them).

==> soft forks are the way for the software monopolist to keep its power if it can push its upgrades to more than half of the miner pools.

This is why this has been "working" since 2010.  Bitcoin was centralized on a software monopolist which was smart enough to use soft forks.



You (and you're not alone) seems to have serious conceptual difficulties with the notion of a decentralized system.   A decentralized system has no authority, has no laws, has no government, has no justice, has, in other words, no notion of "morality", of "good" and "bad", of "valid" and "invalid".

Yes, if we were living in a decentralized society, "murder" would not have any notion of good or bad.  Like in nature, when the lion murders the antelope.  It happens or it doesn't happen.  Visibly, for the lion, killing the antelope was "good" ; for the antelope, we imagine that it was "bad", and nature being decentralized, there's no single authority to put the "bad" of the antelope over the "good" of the lion, and decide that it was globally bad.

This total absence of authority, of good and bad, and of valid and invalid, makes that the system has a dynamical behaviour.

You could say the same, in more restricted terms, of "market price".  The price, in a market, is also something that is decentralized if it is an efficient and competitive market.  There is no "valid" and "invalid" price.  There is no "good" and "bad" price.  The price is whatever the market determines, it is.

In the same way, in a decentralized system, whatever happens on the system, is what the system is doing, and that is not "good" or "bad". It can correspond, or deviate, from the PURPOSE you had IN MIND that the system WAS MADE FOR, but that's just illusion.  The system is whatever it is doing.  A "51% attack" is part of its possible behaviours, like "murder" is part of the possible behaviours of a system made of lions and antelopes.

From the moment you would like to define "good" and "bad" in such a system, you need to introduce centralization, because a single authority needs to even define what are the boundaries of "good" and "bad", and needs to have privileged force to impose this upon all its participants.   You need, in other words, a government that makes rules, judges that verify the respect of the rules, and a police and prison to punish with force, those that want to transgress the rules.

If you say "majority vote", well, a 51% attack was a majority vote !  So clearly, if you want to define the evilness of an act you will need to chose between two possibilities:

1) there is a *dynamical* way to define good and bad, and whatever that dynamical way does, is what is good and bad (= decentralized system)
2) there is an undisputed central authority that is recognized by all to say what is good and bad (the King = centralized system) and who can enforce it.

I'm just explaining that in a true decentralized system, only what emerges dynamically as "good" and "bad", IS what is good and bad.

In bitcoin (and most crypto) that's the block chain.  The block chain is what is good/true/valid.  All the rest is bad/false/invalid.   Simply because that's the fundamental assumption to be able to make a decentralized ledger.  It's in there -> valid ; it's not in there -> not valid ; the rules that make the ledger are per definition valid, and whatever other rules that are not compatible with the actual sole ledger out there are dynamically determined to be false, EVEN if they told you that they should have been valid.

The OTHER way of doing things, is: the King.  Here, the software monopolist, that tells you to use their software (because nobody else ever made anything else, or because everyone ACCEPTS the ultimate authority of the King).  The software, being in only one version, is then what determines what is good and what is bad, what is valid and what is invalid.



It IS the only power in bitcoin, and this thinking is the fundamental basis of anarchist society.  Personally, I'm in favour of it, but I measure its full implication of "immorality" (which is why I'm in favour of it, actually).  But I think most people declaring themselves anarchist don't measure this to their full extend.  It is a society without good or bad.  But my political opinion doesn't matter.  

What matters is that bitcoin is designed to be decentralized, so, without any central form of authority, and hence IS an anarchist system, if ever the code monopolist loses its monopoly.   And then this is a natural and logical consequence.  Whether that is desired, healthy, "good", "valid" or anything else with moral judgement, doesn't matter, and that's exactly the whole point of decentralization: no morality, but dynamics !

You could just as well say: "if gravity is keeping the moon on orbit that's OK, but if it makes me also fall off the mountain, I don't know if that is desirable".  Well, it is part of the *dynamical laws* because gravity too, has no "morality" or no "validity".  Whatever it does, is what gravity does.


Well, the genius of bitcoin's designer was to build a system in which the rules he laid down (as King) became or were supposed to become a Nash equilibrium, which means, that deviating from it for a single entity was not in that entity's advantage, meaning that the rules were immutable.  But it seems that Satoshi didn't understand the genius of his own design, so he still was thinking in terms of the King.

Bitcoin was laid down by its  King and his heirs, Core, as long as they are/were the software monopolist.  They are the central deciders on bitcoin.  They could even decide, like Vitalik did on ethereum, to reverse some irreversible things.  As such, bitcoin is like windows: a central software monopolist decides on everything.    They also decide, through their software, what is valid and invalid, good and bad, right and wrong.  Nobody can oppose them, because they make the only software that can run bitcoin.  There's no difference between core on one hand, and windows and apple on the other.  There are, indeed, rules of validity and of invalidity.

However, once that monopoly is gone in practice, who's going to decide what version of software is going to define what is valid and invalid ?   What is now "valid" ?  Where does that notion even come from ?

Bitcoin was designed to decide this by majority vote, majority of hash rate.  So yes, the original design exactly decided that "validity" was exactly what miners decided, by building upon the blocks they "signed off" as valid.  That's the core of bitcoin's PoW consensus mechanism.  So that's the definition of "valid".  If there are no software monopolists any more that can, also on a whim, decide this or that, because everybody NEEDS their software, then that's all that is left as a decision mechanism, because there's no central authority any more.

==> bitcoin becomes decentralized, and hence without "morals", without "good" and "bad" apart from its very own definition of good and bad: the block chain.

Well, segwit IS a smarter way of writing the transactions on a chain.  Technically, bitcoin's transactions are horribly designed, and do a lot of stupid things.  Segwit arranges that up to some point.  It is a better digital format of the information.  If you look at the technical improvements that Segwit brings over the design flaws in the original bitcoin transactions, I think one can only be in favour of the new format.

However I think the discussion is not about this.  I think the discussion is about the religious attitude against hard forks.  If one "gives in" to that attitude now, then we are essentially stuck *for ever* with the 1 MB block size + witness data.  For the moment, that could bring relief.  But maybe one day, the "equivalent 4 MB" will be again a limit.  And then, a hard fork WILL be needed.  Moreover, Segwit has been made more complicated as needed, just to *be* a soft fork.  It would have been cleaner as a hard fork.

There's no difference on the conceptual side between a hard fork and a soft fork: BOTH ARE MODIFICATIONS OF THE PROTOCOL.   A soft fork is not "softer" than a "hard fork".   The only difference resides in the "fighting block chain dynamics" when miners disagree.  Then a soft fork has much more power to just kill the opponent: a good majority is sufficient to suffocate the opponent ; while hard forks become truly independent coins.   In other words, hard forks are free choice elements, soft forks are "winner takes all" elements.   But both of them make a different protocol.

One can have two conceptions of crypto: one is "immutability".  A coin has an immutable protocol, which is a Nash equilibrium because of decentralization.   That coin is what it is, and will live with its protocol for ever.   Or the other is "dev-centralized evolving piece of software".   Then hard forks are not a problem: the devs centrally decide (eventually with one or other voting mechanism).

The point is that bitcoin's economic dynamics is such, that at a certain point, it will need scarcity of transactions, to make transactions expensive, because they have to pay for the mining PoW which won't be paid for any more because of goldbugonomics (no tail emission).  And for the moment, this was (accidentally) provided for with a hard limit on the number of transactions.  If one thinks one should allow bitcoin to have more transactions in one way or another, in the end, a hard fork will be needed to modify this.  

This has, in fact, nothing to do with the technical improvement of writing down the data on a binary record, which is segwit.

Hard forks are perfectly compatible with a decentralized conception of crypto.  Any entity decides to make a new coin, forking off from an existing coin, in the same way that any entity can start a new crypto currency from scratch with a new genesis block.  The only difference between a hard fork and a new genesis block is that one takes over the existing balances of the coin one forks off from.  Hard forks don't need collusion. 

Soft forks are an anti-decentralisation element, because they need a 51% collusion to succeed.

Yes, this is so evidently true that it is scary to see the denial over it.

I think you're right, that if one had to re-design bitcoin into something with a 2-tier network, with an on chain settlement layer and an off-chain payment layer, that the settlement layer should never have a hard limit, because it is an element of trust and security.  In as much as "not getting your transaction through" is annoying with transactions as a scarce inelastic resource, it is not a security issue.  If you can't pay, you can't lose your ownership either.  If, however, *publishing potential tranactions* are the security element, they have to have a guarantee to be able to get published.  Any form of scarcity of transactions becomes then a security issue.  That doesn't mean that it has to be free, but the LN needs a guarantee that any settlement transaction is going to be included within N blocks where N is significantly lower than the "time-out" of the security.  If the LN has the ambition to become much bigger than the current bitcoin network, then the on chain capacity should *have the potential* to settle it entirely in N blocks, and even have a mechanism to guarantee that settlement.  

Otherwise, you have the equivalent of in total only 5 appointed judges that have to deal with all potential contract litigations, and only consider litigations when the problem is less than a week old.  If the number of contracts within these 5 judges' jurisdiction is one million, then as a contract subscriber, you are at the mercy of a judge having time next week to settle your problem if you're scammed.  If enough people get scammed, most scams will get through, because the judges can only settle so many cases per week, and all the others will never be treated.

Add to that the funny part that these judges are also responsible for judging parking tickets, the day that everybody gets scammed, there are also 5 million parking tickets to be settled.  (spam)

No, the LN without a mechanism of guarantee of settlement on chain within N blocks is outright dangerous.

That said, my question is: why on earth would one want to re-design bitcoin and not simply do this elsewhere on a different crypto currency, made for the purpose ?  After all, bitcoin was a system designed to have a single layer of settlement.  Why trying to modify the design of a car so that it can fly and why not design an air plane from scratch ?  People wanting to continue to use a car can do so with the system they used to ; people wanting to go to the new air plane, can switch and use air planes, no ?  I don't see why cars should be transformed in air planes.

Fact: the sole block chain being made by a few data centers = bitcoin centralized at layer 0.  Whether the network copies that on many proxies, or everyone goes and fetches the original, doesn't change the decentralization.

Decentralization is not distributivity.   Decentralization is "power of decision".  Distributivity is "many proxies".  Facebook is entirely centralized on its CEO.  If Mark Zuckerberg decides on a strategy, that will be what Facebook will do.  But Facebook is very highly distributed.  It has thousands or more nodes throughout the world and a very distributed network.

Bitcoin's decision power resides entirely in the hands of those who make the unique block chain.  Hence, if there are only a few data centres making these decisions, this is where the power resides.  If bitcoin's network has thousands of full nodes, it has high distributivity, like Facebook.  

In other words, the number of full nodes that hold an exact copy of whatever the miners have produced, does zilch to the decision power, but adds to the distributivity of the network, making it resistant to internet failures, data centre overloads, DDoS etc.... But it doesn't help in decentralization, because decision power is only in the hands of those who make the unique block chain.

Proof.  Suppose that bitcoin has 1 million full nodes, and only one miner, that has 99% of the hash rate (say, the Chinese government) even though we believe that there are 20 different mining pools.  Tell me what happens if the full nodes decide to implement, say, segwit, and the Chinese government switches to 20 MB blocks.


You cannot take action if the only chain out there doesn't correspond to what you would like.  The only thing that happens is that your full node stops syncing.

As you say, everyone can launch a coin.  Bitcoin is not different.  A guy calling himself Satoshi on the internet launched it.  The entity that launches a coin is of course a centralized entity.  However, once it is launched, if the dynamics of the system is such that it decentralizes (hint: most of them don't, including bitcoin) sufficiently, which means that nobody can find any majority collusion over any agreement that deviates from "sticking to the rules", then these rules should remain in place by the very dynamics of the system.  This emergent property has a name: immutability.

Immutability is the fact that game-theoretically, none of the participating entities can find an advantage in deviating from continuing to apply the rules of the system as it stands.  In other words, the system started out as a centralized one with a given rule set, other entities joined.  These other entities could only join initially if they played by the rules of the central authority.  Each new entity that joined, could only join by "playing by the rules".  After a while, there were so many different entities, that the original central authority lost its "majority" and couldn't, on his own, change anything any more.  

Moreover, the idea is that a well-designed crypto currency is such that the original rule set is a Nash equilibrium.  That is, no single entity can deviate from his strategy to continue to follow the rules if all the others keep following the rules.  The whole idea of a *decentralized* system is that entities have to take their decisions of strategy alone, and cannot collude.  If they can sit together in a room and negociate something, it is centralized.  If there is a (moral?) authority that can dictate change (Satoshi ?  Core ?), then it is a centralized entity. A truly decentralized system has a Nash equilibrium on the actual rule set, and *simply cannot deviate from it*.  That property is "immutability".

Bitcoin, until recently, was centralized on Core's moral authority ; the low number of mining pools is shifting this to another central control: the "cartel of the miners" if ever they can sit in a room and come to agreements.  Cartel formation is the only way to leave a Nash equilibrium in a decentralized system, which, by definition, becomes centralized on that cartel then.

If bitcoin is truly decentralized, it cannot change its protocol any more (for instance, the block size).

The *only* way, in that case, to propose a modification, is to make a hard fork and hence, a new coin.  That can be done by just any entity.
And the game starts all over: the forker is the central authority fixing the new rules on the new coin.  If enough entities join, this new rule set will become immutable too, unless a cartel forms and the thing centralizes again.  Or someone else forks off.

I already talked about that, but in as much as the theoretical asic boost implementation is really winning in efficiency (it does, on paper, but the electronics my be more complicated), this is much ado about nothing.

Note that I'm adding the above caveat, because I too, accepted the theoretical efficiency gain of ASIC boost as established, but then some experienced electronics designer jumped in to point out that it is not because on paper, you can save yourself from repeating 25% of the calculations, that you can make hardware that is 25% more efficient, if the householding of those calculations is much more involved (which it is).

So, *under the assumption* that a hardware implementation of ASICboost is genuinly more efficient (with the above caveat), then this is just "technology improvement".  The hard part of this is that there's a patent deposited on it, but it is not bitmain that detains it, it is a core dev as far as I understood.

There's no "cheat" in asic boost, the principle is published, it is just a smarter way of organizing the calculations ; note that the standard way of calculating the hashes is already doing something similar.  The standard calculation doesn't calculate full hashes either for each trial and re-uses previously calculated results.  But ASIC boost is a smarter scheme, that uses the particular split-up of the two blocks to be hashed in the header, to re-use results in a smarter way, gaining 25% in the amount of individual operations to be done (but has more complex data paths).

As I pointed out earlier, PoW being a silly cryptographic protection scheme where the attacker needs to spend *the same* amount of work as the good guy (in most cryptographic schemes, the attacker needs to spend MUCH MUCH more work than the good guy), at least, the good guy should use all of the available technology and knowledge to not have to spend MORE work than the attacker.  This would be the case if miners wouldn't but attackers would use ASIC boost.

Also, if the "fairness dogma" would be that "hashes have to be calculated each time completely and no results can be re-used", then the standard algorithm is already cheating on that hypothetical dogma (which would be vastly stupid given the previous paragraph).

So the only problem with ASIC boost, if it is true that hardware based upon it is more efficient, is that there's a patent taken on it.

No.  DASH's principal critique comes not from the existence of master nodes, but rather from the scammy start of it, which lets one estimate that the original devs may just as well possess half of them, if they didn't spend their coins on girls and coke.

You shouldn't confuse the "size of the block chain" with "the scaling issue in bitcoin".   The scaling issue in bitcoin finds its origin in a belief that the size of the block chain should be relatively small, not in a genuine technical problem that a big block chain causes.  Bitcoin has a scaling problem because one wants to keep the block chain small, because there's a dogma that it should be small.    What is causing a problem in bitcoin right now is not the size of the block chain, but the LIMIT that one has set on that size (because, one believes that one would run into problems if one didn't, but for the moment, the remedy seems far worse than the imagined illness that never showed up).

Other crypto currencies don't adhere to that belief, and hence are not going to face a "similar" scaling problem.  If the belief in the potential problems of large block chains is justified, these crypto currencies will maybe run into these problems.  But if that belief is not justified and I fully think it isn't, then bitcoin is just hurting itself over a dogma with a problem it has created out of thin air, which other crypto currencies will simply not face.

So, yes, other crypto currencies make larger block sizes for a given number of transactions (Monero for instance, with its ring signatures).   But as it is absolutely not indicated that big block chains are a problem, as they don't have put, in the name of that belief, a hard limit on its size, they won't face the scaling issue of bitcoin.

You don't even need "thousand nodes".  As I pointed out, even one node is sufficient, as long as that node doesn't deny you access, because a node doesn't need to be trusted: it cannot serve fake data.  Given that mining pools need a node, which is also the source from which all other nodes can only copy (or refuse to copy and stop), in fact, the nodes of miner pools are sufficient for bitcoin's security.

You don't need many e-mail servers serving you the same e-mail with a signature for the security of the signed message.  If I send you a signed e-mail with my secret key of which you know the public key, and you KNOW that I sent you a message, then you only need one single e-mail server to get my message from.  No matter how much the single owner of that server can tamper with everything on it, you don't have to trust him: if you can download an e-mail with my signature, you know it is the right e-mail, it is not forged, and there is no other one.

This is why the whole debate of "my god, if ever we increase the block size, Joe will not be willing to buy a 3TB disk for his full node in his basement and bitcoin is centralized" is totally, totally ridiculous.  It is so ridiculous, and propagated by such knowledgeable people, that this is covering up an agenda.  First of all, because Joe will mostly be able to afford such a disk as you pointed out ; but second, because whether Joe is having his node in his basement or not, doesn't change zilch to the security or power model of bitcoin.

If you do technology based upon false assumptions or starting points, you will end up making a system that doesn't work well.   If people keep insisting on the false relationship between bitcoin's decentralization and the number of Joe's that have small computers running nodes in their basement, one is going to make decisions that are ill-fated.

Of course, the goldbugonomics of bitcoin reduces the block reward, and hence the financing of the (silly) cryptographic security of the ledger as time goes by, so somehow, transactions need to become scarce and expensive to take over from debasement.  This can be a good argument to introduce scarcity of transactions (killing the "fluid currency" concept if it wasn't yet dead by goldbugonomics).  My idea is that this argument is also used to force users off the block chain onto the LN.  Not for real, of course, because that will most probably never work for real, unless operated by "banking hubs", killing the last bit of "freedom money" that remained.

If bitcoin however, evolves towards what goldbugonomics drives it, namely, a speculative asset in a greater-fool pyramid game, then most probably, bitcoin doesn't need a very high transaction capacity (apart from the last day, when the final crash comes, but people cannot transact fast enough to sell their coins).  But 1 MB is too small.

BTW, I'm not against hard forks.  I think hard forking is natural, and in as much as two prongs emerge, that's good too.
Hard forks are great in that they don't need any "majority consensus" which is, by definition, impossible to obtain in a truly decentralized system.

Anybody can propose a hard fork, and if people take it on, then a new coin is born.  That's good.

This is why "government by consensus" if there is no central government, is immutability, THE invention of decentralized crypto.

I fully agree with the silly dogmatism that reigns in bitcoin land.   I have to say I came late to bitcoin ; in mid 2014.  I had heard of it before, but I thought it was something like the failed e-cash system I was very close to about 10 years earlier.  Back then I was enthusiastic, I saw it fail, and I realized that "freedom money" was not going to be possible.  I didn't immediately grasp the decentralized aspect of bitcoin.  I was mesmerized.  THIS was finally "freedom money" !

In the mean time, I saw it evolve from a system where one could, indeed, transact value in a "permissionless" way, into a speculative gambler's feast.  In the beginning, I thought it was great it was taking up value.  Then it started to annoy me that people seemed to focus on speculation more than on usage.  After all, "freedom money" is not to speculate or to get rich with because you happen NOT to be a person occupied doing valuable things, but because you happen to gamble some money at the right time in the beginning and just sit on your ass, right ?  That's exactly the sort of financial game that is making our banking system sick, so this should NOT be the essence of "freedom money", right ?  So when was the speculative bubble of bitcoin going to crash, finally, and start following "Fisher's formula" which is the true value of a currency used to buy stuff with ? After the 2013 crash, I thought that bitcoin was going to "de-bubble" and that people had been burned enough not to start over.  Bitcoin's price was happily going down, and my idea was that it was going to arrive at a few tens of $, its "Fisher price" rough estimation.

But no, speculation took of again, with the "halving", etc....  I didn't understand it.  Where was this sick speculation coming from ?   So I set out finding out why.  I now realize that it was made that way. "gold bug economics" but with huge initial seigniorage, can be nothing else but speculation.  The more I studied the game-theoretical aspects of bitcoin, the more I realized: this thing is broken beyond repair as a currency.  About everything in it is set up for it to fail as a normal day-to-day currency.   However, bitcoin is not dead, and will not die.  But it is something else.  It is not gold either.  Gold has had the bulk of its seigniorage hundreds or thousands of years ago.  Gold, economically speaking, "existed for ever".  It had its "price rise" so long ago, that no economic effect is felt today.  You can *reasonably" speculate on gold, like you can speculate on anything, but you won't do factors of 1000.    So what is bitcoin then ?  It is simply a huge greater-fool system.  No more and no less.  And what's driving it ?   A delusional story, of "the new money for the 21st century", what it is exactly designed not to become.  It is brilliantly designed as one of the better greater-fool traps in history.  

This is one of the greatest dogma's in bitcoin, that it should sustain "all payments of the world" one day.  It is not going to, but if you point out that its economic design is everything but that, and is nothing else but one of the biggest pyramid games in history, you hit a dogma.  I'm sorry that it is that.  I would have preferred "freedom money".  But it isn't.  Its price in the market is not set by the demand for bitcoin in order to buy stuff with.  Its price in the market is set by the demand of speculators that want to leave it to greater fools, making a benefit on it.  That's the definition of a pyramid game. If you mainly want an asset for the sole reason of selling it for a higher price to someone else later, and if this demand is what sets its price, and there's no "sound fundamental" backing it up, then this IS a pyramid game.

The other dogma is a cryptographic idiocy, namely that bitcoin's decentralization is depending on how many copies of the sole ledger are around, which brings us to the block size.  A payment system in which the ledger has to be integrally copied by all/most users, is a system of which the burden *per user* increases linearly with the size of the network.  Such a thing always crumbles under its own weight.    The more users the network has, the higher the burden *per user*.  This is crazy. It means that the total burden of a network goes QUADRATICALLY with the network size.  No reasonable system does so.

But on top of that, it is cryptographically not necessary.  If there's one block chain cryptographically available (no other one is actively being made), then *a few independent copies* are sufficient.  Not every user needs such an integral copy.  It doesn't help him in anything.  There is cryptographically no way to "fake" block chains, because the PoW can be checked by just the header list, and in any case there's no possibility to fake it without delivering the PoW, so without genuine mining. The only thing that must be decentralized as a check, is the *header list*.  You cannot fake it.  Once you have the header list, there's no way in which one can sell you "fake blocks", because their "signature", their Merkle tree hash, is in the (verified) header list.
So whether these blocks are 1 MB, 10 MB, or 50 GB each, doesn't really matter, they cannot be faked if the header list is right.  Nobody can sell you a fake block.  You don't need them all.  You only need those of the transactions you are concerned with, to verify that you obtained a transaction, or that you sent a transaction. (*)

If there are, say, 20 full nodes in the world, serving these data, that's largely sufficient, because no-one can fake the data, and there is no other data "in competition" available.  Satoshi already explained that, his logic is correct, but is conveniently ignored.

In *such* a case, a block chain system is NOT having a burden that goes quadratically with its users, but essentially linear/logarithmic, and COULD hence perfectly sustain growth without the slightest problem.  A few full nodes being the "world servers" of the single block chain is good enough, because that chain cannot be faked.  You cannot receive "erroneous data" from such a server, because you can check it against the header list that you DO maintain.

So all this "block size debate" is based upon a totally erroneous/bogus argument, namely the "need for this data to be copied a number of times, proportional to the number of users", which kills its growth.  It is another dogma, but this time, invented afterwards.

So, if bitcoin didn't have an economic design that induces pure speculation, it could have become a freedom currency, but its speculative behaviour transforms it in one of the better pyramid games of history ; and if that silly dogma of "everyone needs a full copy" wasn't maintained, it could technically sustain network growth without a problem.

Bitcoin has OTHER fundamental errors in its design, like using PoW for coin creation AND consensus, which industrializes and centralizes the decision-making process in bitcoin.

This is why I think bitcoin was a good idea, but is so badly designed, that essentially it KILLED the notion of freedom money it was supposed to become.

(*) edit:  it is important to realize that even if there are only 20 nodes out there, you don't need to TRUST them.  They cannot give you a fake block.  The only blocks that you can get from them, are true blocks, because these are the only ones that comply with their Merkle hash to the header list you received.  This is somewhat similar to the fact that you don't have to trust your e-mail server when you receive a cryptographically signed message.  If the signature verifies, then your e-mail server gave you the right copy of that message, he cannot give you a false one.  If you *know* that your e-mail server received exactly one such message (if you KNOW that you want block 480721), then the only thing that e-mail server can do, is to send you the right message, or refuse to send you a message.  This is why one node would in fact be sufficient, apart from the fact that that one node could decide to deny you access.  This is why some copies around are needed.  But cryptographically, from the moment you know that you can get a copy of a specific block, you do not need to trust the entity that gives you that block.  They cannot fake it.

You don't even need a full block, but just the "Merkle path" to the transaction that you need.  It cannot be faked either.

I wouldn't think so.  The most important thing in a coin is a protocol being solid.  Anyone can write software that implements a protocol.  But designing a protocol that will stand, once and for all, never to be changed, and with all game-theoretical consequences thought out before hand is very difficult.  If the protocol contains flaws, the coin is going to behave differently that its intended behaviour.

The problem in crypto is that one confuses software and protocol.  Anyone can write software to implement a protocol.  But fiddling with a protocol is way, way more subtle.   Thinking that one can define a protocol with just software is foolishness, because that essentially means that one is tied to a single piece of software.  There are many open protocols out there.  SMTP is probably the best known and oldest.  Many software implementations of it exist and that makes SMTP essentially immutable, which is the core idea of a crypto currency.

If Satoshi can log in and make things happen, it means that Satoshi is the central authority of bitcoin.
Now, if he has the (moral) right to the name of "bitcoin", why not.

Absolutely not.   Moore's law is alive and kicking.  But Moore's law is an *economic* law, not a law of raw performance.


Essentially, he says that the cost of an individual electronic function goes down by a factor of 2 every 1.5 years, and that's exactly what we need for the economic cost of proof of work.

It doesn't mean that the computational power of a laptop will increase by a factor of 2 every 1.5 years ; that could be a manifestation, but it could just as well be that a telephone with same functionality as 1.5 years ago, is half as expensive.

The real problem with asic mining and its centralization, is that PoW mining is also used for consensus building (= decision power over the protocol and the history).  One should have kept PoW for mining (that is, making new coins) ; but one should have used PoS or a variant of it for consensus.  Then, there wouldn't be that difficulty that those with a lot of mining power are also the masters of the consensus (protocol) ; the stake holders would remain master.

In fact, ASIC-optimized mining has the advantage that after a while, all technological advancement has been squeezed out apart from overall technological advancement (say, Moore's law).  As such, a certain amount of PoW starts to represent an incompressible economic cost.

This is my favorite way for automatic value capping of a crypto currency, by allowing emission of just as many coins as you want that have been burned with an incompressible amount of economic waste.  It would do what the FED is doing, but automatically, and make a real, near-ideal currency (in the sense of Nash ideal money).  Of course it would be inflationary with technological progress, so one should program in a difficulty rise of the order of Moore's law, instead of the difficulty adjustment to keep the coin emission rate on a curve, one should keep the coin *value* on a curve and regulate the emission.

In other words, instead of a difficulty adjustment every 2016 blocks, one should have a difficulty adjustment following Moore's law, and let people make as many coins as they want, until the coin value drops below the cost to make it, at which point it stabilizes in value.

Again, nobody CAN lose a coin just by running or not running a particular non-mining node.  That's trivially obvious.


Why ?  After all, each time you make two coins, they are evaluated in the market.  If most users find the improvement much better than the original, they will put all the market cap on the new one, and none on the old.  In PoW, the miners follow the market cap (in fact, they follow the block reward in $$ but if the rewards are comparable, the miners follow the market cap).  So if users decide to buy up the new coins, and dump the old ones, the market cap of the old ones goes to 0, and the market cap of the new one takes over all of it.

If the users are divided over the utility of the modification, two coins emerge with comparable market cap, mostly half of what used to be the original coin, which is a good thing too: it means that essentially a useless modification was applied, at least as evaluated by the market.

I would think the multitude of different coins a good thing ; but actually, one doesn't need to fork off bitcoin to do so, one can also start a chain from scratch.  That is what about 700 or more other crypto currencies have done.   The more the market is varied, the more different coins there are, the better the experiment, and the more fluid the market ; the better the outcome.    Monopolistic markets are a bad thing.  Variation and choice is good in my book.  I think bitcoin has been having a monopoly for far too long a time, and finally, other crypto is being considered somewhat, even though in a crazy speculative game.

If there is a strong majority forking away in bitcoin, the slow difficulty adaptation in bitcoin will simply kill the small minority chain: its block rate will be ridiculously small.  So any 10/90 % split in bitcoin will result in a 0/100% split almost directly by the miners, and no miners are going to stick with the slow chain ; that was the difference with ETH/ETC.

Note that you are contradicted that every hard fork needs to lead to two prongs in reality: most regularly hardforking coins like ethereum, DASH, monero, .... are in any case so much centralized on their "Core" dev team, that only in very contentious cases, two prongs emerge, as was the case with the winding-back HF on ethereum.


Yes.  That's good in my book.


The funny thing is that a UASF is exactly the same.  You make two coins if the soft fork chain is minority, even though it is a soft fork.  UASF is asking users to only consider a segwit-only chain, and hope that a minority of miners will make a segwit-only chain that those UASF nodes will accept (otherwise, they stop).  But the old majority chain continues of course.  We ALSO have a fork and two coins: don't call the new one "bitcoin" in that case, you might confuse people.

However, this kind of fork is extremely dangerous.  Because the majority chain may be orphaned after a month or so if they don't transform it into a bilateral hard fork.

But the current price IS already that of a derivative (not trustless for the moment ): an exchange IOU.
By far most crypto is only bought and sold on an exchange, never to see the block chain.  I'm pretty sure that at a certain moment, if there are sufficient regulations in place that exchanges are financial institutions like banks etc... and have settling layers between them (not even necessarily "crypto") that one could go on trading coins when all block chains stop.

Bitcoin has done x3 in price without increasing transaction adoption (the blocks are full so they cannot accomodate x3 for the moment).  Many coins have had factors X in appreciation without their blockchain transactions move much.  

The price of crypto is the price of exchange IOU, and the block chains behind it almost don't matter any more.   In fact, a stopped block chain would be the absolute security that an exchange cannot get hacked or cannot run with your coins !  If tomorrow, the bitcoin block chain stops, then all exchanges have their guaranteed "true bitcoin backing" which nobody can steal any more and the risk of them getting hacked or run away with your coins falls to zero.  It would be the ultimate security of exchange IOU.  It would be the ultimate maturity of crypto as a speculative gambling asset.  Maybe this is the market transition we are witnessing.

You should try to understand what a hard fork is.  Miners are making two different chains from a certain common block onward.  In a bilateral hard fork (the simplest to understand), the rules that say that a block is valid on one of the prongs, say that a block is invalid on the other prong and vice versa.

Whether other nodes copy these data blocks or not doesn't matter in fact.  Miner pool nodes are building one prong, or the other one.  Without them building these chains, nobody can get them, and the ONLY chains they can get, are these two chains because nobody is making any other one (by definition of "non-mining").

As a single chain defines a coin (by the creation and transaction rules on that chain), after the split, we have two different coins, which are just as different as bitcoin and litecoin.  Satoshi has been mining bitcoin all by himself for quite a while in the beginning, so a miner can very well make a block chain without any non-mining node being around.  No other node was around at that time, and nevertheless the bitcoin chain was made at that point.  Satoshi could have made some fun, and could have made a hard fork at a certain point, making two prongs, and continue mining on the two prongs.  If those two prongs would have continued up to today, we would have had two different bitcoins.  Whether non-mining nodes were looking at that time or not.  So, Satoshi, all by himself, could have made a hard fork, and two coins emerging from one.

There wouldn't be any other chain around apart from these two chains, with a common origin.  These chains are, by definition, made by miner nodes (chain builders).  And nobody else is needed ; and nobody else can make anything else without, himself, becoming a miner.

Of course, you can "lose coins" if in one of the chains, there's a rule that denies the existence of your coins.  But that was the protocol that miners used to make that fork.  Not your node's fault.  If tomorrow, bitcoin is split in two, and in one of the two forks, my addresses are considered spent, then I lost my coins.  But that is because the miners that decided to build that forked chain, decided so.  Not because I was running a node or not.