Does not compute:
You seem to be suggesting that miners, merchants, and exchanges are the only entities (or people...) running nodes.
My claim is that the network would operate just fine without any but merchants, miners, and exchanges running a node. Independents add little to no value to the system. Further, as you acknowledge, there is no economic incentive for an independent to run a node.
Would you agree that the entire economy depending on a single node for validation endangers security and fungibility?
Probably. Which makes it A Good Thing that anyone who is concerned about such centralization is free to run a full node.
So, centralization endangers security and fungibility, but "the network would operate just fine" if validators were centralized into smaller and smaller groups that omitted the vast majority of the userbase? At what point does it become "too centralized?"
Move goalposts much? As long as there is the _ability_ for anyone to run a node (i.e. no regulatory or exclusionary barrier), I am unconcerned about any amount of node centralization. After all, independent nodes add zero value. They can always be routed around by any other network entities. They are essentially non-entities as far as the network is concerned.
Perhaps you can explain to me -- in detailed fashion -- exactly what value you think it is that independent nodes provide? What task do they perform that cannot be countered? How exactly does their presence prevent nefarious action?
Hash power is already highly centralized among a handful of pools; merchants almost entirely transact through two central processors (Bitpay and Coinbase); there are a handful of prominent exchanges and a couple handfuls more of dodgy, scammy ones. The network would run just fine if the entire userbase trusted these few entities to uphold the integrity of all transactions?
It doesn't matter whether or not we trust this small set. Any other nodes can be routed around.
But to answer your implied question, as long as transaction originators (i.e. exchanges, merchants, and wallets) are necessary nodes on the network, I expect their users will keep them honest. This does not omit the majority of the userbase, these entities are representative of the userbase.
If the entire userbase stopped running nodes (save for this few dozen entities), are you suggesting that it would not be easier for say, a miner or a government, to mount a Sybil attack on the network?
Why don't you first explain to me why you think independent nodes provide any sort of protection from Sybil attacks? Actually, first, why don't you describe to me exactly what form of Sybil attack you are concerned about here?
Classic increases the block size in a honest manner. Core increases the block size as well through chicanery. A fully validating node still needs signatures, so it's actual Max block size is anywhere from 1MB to ~4MB, depending upon how much multisig is in that block.
Honesty is not the issue here; network security is the issue.
Agreed. However, the Core SegWit Omnibus Changeset requires as much or more data transfer and storage by each fully validating node than does a simple 2MB bump. The necessary consequence of this is that using '
ZOMG centralization of the poor nodes' as a reason for Core SegWit Omnibus Changeset over simple 2MB is absolute twaddle.
Sure, a fully validating node still needs signatures. And in approaching the increased cost (upload bandwidth) of increased throughput, we can externalize the cost to all nodes or we can distribute the cost to those who are using it (and who can pay for it).
Well, duh. We already have a solution for not-fully-validating wallets. Explain what you mean by 'externalizing the cost to all nodes' -- sounds an awful lot like 'trusting others to do the validation'. Care to explain how it differs?
I don't think anyone here is really arguing about disk space. But could you provide some evidence that "an insignificant proportion of current nodes will stop node-ing" if block size doubles? No data I've seen appears to support that, but maybe you could provide some.
Merely a rationally reasoned conclusion. Can you support an assertion to the contrary?
So... you cite no evidence.
I see you cite no evidence as well.
Then you cite "rationality" as the basis for your claims, without explaining the rationale.
Waah. Where's your rationale?
Whatevs. Anyone running a node today is quite evidently interested in bitcoin. After all, they've devoted more than three dollars worth of disk space to the activity. And enough bandwith to (almost) carry on a Skype conversation. I don't think such a person is going to be deterred from running a node just because the cost rises to six bux and change in disk, and a bit more bandwidth than a Skype conversation. That's my rationale.
But it really doesn't matter, as independent nodes add no value to the network (see above).
For starters, there is a clear negative correlation between node health and block size. As average block size increases, average node count falls.
If there's a point there, you're not making it. Coincidence does not imply causality. And your correlation is poor. Need more rigor if you're trying to claim causality here.
Non-mining nodes, by not trusting mining nodes and enforcing the protocol are integral to the integrity of the p2p system.
No, they are not. It is trivial for
any miner to implement their own forwarding node, connecting explicitly to other miners which share their philosophy, completely bypassing any set of independent nodes.
If miners could trivially bypass any nodes, that would suggest that a Sybil attack would be trivial to mount, correct?
Before I can either disagree or agree with your proposition, you are going to first have to define the characteristics of this Sybil attack of which you speak. Then you are going to have to explain to me why you think any independent node might prevent such an attack. Care to do so?
Or more germane, which part of my statement are you trying to refute, by ignoring it in favor of your own proposition? Do you disagree that any miner could implement their own forwarding node? Do you disagree that said miner could connect explicitly to specific nodes? Do you disagree that these other nodes might be owned by other miners? Do you disagree that these other miners might plausibly have the same game intent as others? Or that the cost of such node be essentially noise to an industrial mining operation? What else in my assertion could you possibly be disagreeing with?
--as they could simply bypass all honest nodes. Miners have carried out attacks in the past, so why not Sybil attacks? If it's so easy to bypass the entire decentralized node system, why aren't miners attacking the userbase for profit on that basis? If miners can trivially control most nodes, they can censor and double-spend all day until the cows come home. Yet.... this doesn't happen. Why?
Bullshit. But I'll first answer your questions -
because it is not in their rational self interest. Now to your points...
What proportion of miners do you think it is that does not broadcast to other miners? Do you understand that every hop in the chain adds latency, and thereby increases the chance that their block will be orphaned? In the light of this, why on earth would they trust the broadcast to some ad-hoc association of fly-by-night independent nodes, when they can broadcast directly to other miners? Or to the (oddly centralized) relay network?
I'll await your description of the Sybil attack you so fear before addressing that.
I never said miners could control most nodes, I said that independent nodes are of no value in keeping miners in check.
Any given miner cannot truly censor any given transaction, when the next miner to solve a block might include the 'censored' transaction. No value in trying. And independent nodes would have no power to stop this anyhow. Each miner is the sole determinant of what transactions to include in any given block. What power does any node have to 'anti-censor'?
Any given miner attempting to double-spend will find his double-spent transactions (thereby blocks) ignored by the rest of the mining network. Thereby losing his entire block reward. And independent nodes would have no power to stop this anyhow. Explain why you think otherwise?
That miner you mention is also competing against all other miners to have his blocks validated by most nodes accepted by the next miner to mine a block, so the presence of honest nodes miners disincentivizes him from attempting any attack on that basis ... "Bypassing any set of independent nodes" is meaningless if most nodes miners on the network are still enforcing the same rules. Either the miner is honest and bypassing any nodes is a moot point, or the miner is dishonest and bypassing any nodes causes his blocks to be rejected (e.g. as with double-spends) if he does not control most nodes miners.
^FTFY. The miner that solves a block doesn't give a rat's ass about what other nodes think. His interest is to have the next miner to solve a block to build on the chain he already extended. Period. This is fundamental.
Ignoring hashpower-based attacks, I don't see any basis for your point unless this miner (or mining consortium) controls most nodes on the entire network, or sufficiently clusters Sybils in a given area sufficient to censor or double-spend transactions in that region. If he does not control most of the network, bypassing independent nodes accomplishes nothing.
There you go moving the goalposts again. The proposition under discussion is not whether it is in the interest of any miner to bypass independent nodes, it is that independent nodes add no ability to the network to keep miners in check. I have demonstrated above that there is nothing that independent nodes can do that any given miner cannot route around.
A necessary corollary of this is that attempts to maximize independent node count is useless.
Summary [eta: still stands]:
1) 'Node Centralization' is no reason to choose between 1MB Core and 2MB other
2) Doubling block size will have negligible impact upon node count
3) In the end, nodes are negligible marginal utility anyhow.
With IBLTs and weak blocks, and after segwit, I'd be more confident in #1.
Good...
I don't think you've provided a modicum of evidence for #2.
And I don't think you've provided a modicum of evidence against it. I agree, simple reasoning is weak in the face of contrary evidence. Yet, I have not seen any contrary evidence yet - from you or other.
Regarding #3, the utility of, and incentive to run[ning] a node are elusive but not non-existent.
We're not arguing about the incentive for an individual to run a node, we're arguing about whether or not independent nodes add any value to the network. I say no, and I think I've conclusively demonstrated so. I await your rebuttal.
Non-mining nodes are essential to maintaining the integrity and security of the protocol, and many on this forum including myself and David Rabahy above me, can attest to running nodes because we want the system to succeed and/or are invested in its success.
You may be running a node because you want bitcoin to succeed. I think your reasoning is incorrect. As far as David Rabahy, I certainly got the impression that he agreed with me that independent nodes add no value to the network.
1) agreed; the debate is fees vs. adoption; I, for one, would rather delay the onset of fees in favor of adoption for now
2) agreed; with >5800 full nodes, I sincerely doubt all that many will be forced off the network unable to keep up
3) agreed; which is unfortunate; I, for one, would like to see non-mining full nodes paid at least a little bit
As for me, I run a node because I am not gonna trust my Bitcoin to any other -- no way, no how. But this benefits me, not the network.
But the more you squeeze node operators, the less of us there will be.
While probably true, this is only relevant to #2, and I deny the assertion that doubling storage and bandwidth requirements provides a significant squeeze.