Bitcoin Forum
December 24, 2024, 04:27:45 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they believe that the creator of this topic displays some red flags which make them high-risk. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 ... 764 »
  Print  
Author Topic: IOTA  (Read 1473414 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
ciappa
Hero Member
*****
Offline Offline

Activity: 840
Merit: 501



View Profile
October 29, 2015, 02:16:51 PM
 #421

When ICO will take place?  Shocked

  ███
  ███
   
█████
█▀▄  █
█    ▀█
█▀▄  █
█    ▀█
█▀▄  █
█████
   
  ███
  ███
▄▄▄▄▄▄▄▄▄▄▄▄
██ ▀███▀  ▀█
██        ▀█
██▄       ██
█▀█▄     ███
██▄▄▄▄▄█████

██████▀▀▀███
█████  ▄▄███
████    ████
█████  █████
█████▄▄█████
Whitepaper
Announcement
Bounty
  ███
  ███
   
█████
█▀▄  █
█    ▀█
█▀▄  █
█    ▀█
█▀▄  █
█████
   
  ███
  ███
  ███
  ███
   
█████
█▀▄  █
█    ▀█
█▀▄  █
█    ▀█
█▀▄  █
█████
   
  ███
  ███

                      ▄▄
                  ▄▄████
              ▄▄████████
          ▄▄███████▀████
      ▄▄█████████▀ █████
  ▄▄███████████▀ ▄██████
█████████████▀  ████████
   ▀▀██████▀  ▄█████████
       ▀▀▀  ▄███████████
           ▄████████████
           █████████████
           ████▀  ▀▀████
           ██▀       ▀██
tromp
Legendary
*
Offline Offline

Activity: 991
Merit: 1110


View Profile
October 29, 2015, 02:17:14 PM
 #422

By invalidating a fragment you earn more coins.

How so?

Quote
You can't just replace miner by attacker. The payoff matrix is different for the cases of with and without coin generation, in the former caIt's easy to invalidate a branchse participants are not interested in approval of each other's transactions.

Your design has a problem if as you say "It's easy to invalidate a branch".
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
October 29, 2015, 02:21:19 PM
 #423

How so?

If there are only Alice and Bob then Alice will get more coins if Bob gets none.


Your design has a problem if as you say "It's easy to invalidate a branch".

Not my design, a design with coin generation has it.
TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 05:08:19 PM
Last edit: October 29, 2015, 05:52:07 PM by TPTB_need_war
 #424

Possible? I don't see how it's possible to draw a picture to have longest-path-as-the-score rule to be broken by an adversary.
"Longest-path-as-the-score" differs from what is proposed in the whitepaper. We were talking about another algo.

Longest-chain. There can only be one. Reverting to a block chain, except that chain grows per TX and not per block. But afaics double-spend coherence and complex game theories thereof would require you to violate the CAP theorem.

Simple. Just allow special coinbase txs that additionally need to reference the previous coinbase tx and need so much PoW that they can only happen on average every 10 mins:)

This magically moves Nash equilibrium towards superwide DAG.

Bottleneck to what? It is only recording checkpoints. It is not slowing down the forward advance of the DAG. It is orthogonal, except for the coinbases which can be spent into the DAG (after sufficient # of blocks to be probabilistically sure of coinbases not being reverted by an orphaned chain).

What is this blockchain supposed to checkpoint? DAG topology? Then this blockchain must possess fragmentation flexibility of DAG which is impossible in high-load, unless DAG waits for the blockchain to catchup. You can wait for 1 month before getting ability to spend coinbase coin, but once a corresponding checkpoint is recorded into the blockchain a greedy miner will generate another (better) tip containing a double-spending transaction invalidating tip which has been recorded.

in the event a honest guy tries to reference a legit tip and the attacker's tip, he'll detect the contradiction and won't do it. Therefore, the attacker's subtangle will be abandoned.

This requires not just an honest guy, but a diligent one as well.
The risk is that honest guys will be lazy and rely on others to go far back in history to check all tx for double spending.


The lazy guys risk that their tx's will be abandoned, because the majority of the nodes won't reference them.

That is precisely how I would have answered. It is quite clear that everyone has a strong incentive to be on a correct branch, else any time down stream someone can broadcast a notice that a branch is incongruent then that branch gets abandoned.

But doesn't this mean that there is a great incentive to not include tips in your branch, because these don't yet have enough veracity to be sure they won't end up being a double-spend. In your system there is often no way to prove which of the double-spends were first, so they both are invalid.

Seems to me no one has an incentive to lengthen instead of broaden the tree. But I haven't absorbed the white paper. Did you address that?
Yes. As mentioned somewhere above on this page (or maybe on the previous one), the (default) referencing algorithm works in such a way that it prefers tips with bigger height. So, if you're too lazy and reference some very old tx's, you take the risk that your tx won't be referenced by others.

But that default doesn't seem to be the correct game theory? This is Prisoner's Dilemma game. Afaics, lower incentive to go first on including a new tip. Just noticed yesterday this research on cases where the pessimistic Nash equilibrium is claimed not to hold (but on quick glance I ponder if they have overly simplistic assumptions in their models).

Obviously if everyone defects to making their own branches (maximally broaden the tree), then no one's tips get lengthened and thus the entire system doesn't function. But is the optimum strategy the default that you assume?
We assume that the node knows that most nodes will behave well, and so it's obliged to behave well too.

The attacker doesn't publish it untill he has enough transactions referencing the second doublespending transaction.

The second doublespending won't be referenced because the longest tip already contains the legit transaction.
Anyhow, we are discussing now with CfB ways to define better referral algorithms, which would permit to fence off such attacks in a more efficient way.

Contrary to my initial upthread enthusiasm, I am leaning towards this DAG concept can not work because it appears to attempt to defeat the CAP (Brewer's) Theorem. Before I was thinking the multiple (multifurcating) branches are orthogonal, but it becomes clearer from the game theory issues quoted above, that there are complex dependencies. Analogous issues as the following appear to apply to DAG:

The key failure in your design is the lack of incentive to have a consensus. What is the incentive for voting nodes to agree with the correct fork and for minority nodes to agree with the majority fork? Seems to me they can all disagree and no one can prove otherwise, because they can pretend to have never heard the votes of others (no way to prove receipt of a vote on the internet). This shows that without the objectivity of a PoW, then there is no objectivity and you end up in chaos.

Primarily this is mitigated by the fact that if a node doesn't create a fork, there is nothing to vote on, no consensus is needed.  If I have a signed block chain A0->B0->C0 and it's published, no one can vote between C0 and let's say C1 because there is no signed C1.  If you don't sign forks, no one can vote on your transactions.

I don't comprehend your notation and its applicability, but I was just thinking conceptually that you have a these N block chains operating orthogonally, thus one one can receive the transfer of value from the other. Then you can have double-spends and what not. So then you can have different block chains disagreeing about a plurality of different orthogonal block chain states. There is no global unified state, that is the entire point since missing the global PoW block period to force timely consensus to this single objective reality. If we don't want a global state, then we must use a probabilistic forking structure such as Iota's DAG to obtain Byzantine fault tolerance. You've conflated the independence with the determinism required for global coherence. Global coherence with individual realities (relativism) can only be probabilistic. I believe this follows from Brewer's theorem which says it is impossible to have all three of consistency, availability, and partion tolerance.

In PoW, miners have an incentive to reach consensus because otherwise their rewards won't be honored by the longest chain. In your system the majority of the vote is the winning fork, except there is no penalty for delaying for an indefinite period acknowledging receipt of such a vote. Thus complex game theories arise. Even more critically, the majority vote may be split among multiple forks, such that there is no consensus, because you have multiple chains thus a plurality of permutations of forks.

I do want readers to note which of the three posters in this thread was able to state directly the design error. That should be instructive to investors.

Well-behaved nodes are configured to flip their vote if they observe their fork variant as having fewer votes than another.  The only way to vote is to have a balance tied up in the network.  To vote to confuse the network is to destroy its value which destroys your investment.  The incentive is to retain value in the system rather than accumulate rewards through inflating everyone else.

Not necessarily. They could collude to steal value from another fork by double-spending to the other fork and then disagreeing about the objective time of spending. Perhaps other complex game theory as well. Also it may not be intentional. Per my point above, the objective reality may be indeterminate and the system may have a plurality of minority realities (votes). That is what I expect to be the normal mode due to chaos theory.

mthcl
Sr. Member
****
Offline Offline

Activity: 376
Merit: 300


View Profile
October 29, 2015, 05:21:14 PM
 #425

Quote from: TPTB_need_war
Contrary to my initial upthread enthusiasm, I am leaning towards this DAG concept can not work because it appears to attempt to defeat the CAP (Brewer's) Theorem
Could you please elaborate? In particular, we don't claim this
Quote
Consistency (all nodes see the same data at the same time)
should be true in iota.
Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
October 29, 2015, 05:23:00 PM
 #426

Contrary to my initial upthread enthusiasm, I am leaning towards this DAG concept can not work because it appears to attempt to defeat the CAP (Brewer's) Theorem. Before I was thinking the multiple branches are orthogonal, but it becomes clearer from the game theory issues quoted above, that there are complex dependencies. Analogous issues as the following appear to apply to DAG:

Hard to tell what you mean without knowing what you have sacrificed - C, A or P.
TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 05:42:14 PM
 #427

Now you know why ... They were ... And ...

Insults are not welcome in this thread, without an evidence I treat your words as insulting.

Where there is smoke there is fire. No insults intended, just being realistic. Feel free to delete my posts if you want.

Edit: I admire your strict (and level-headed) adherence to sensing versus intuition. I am EN?P (nearly balanced between F and T). I am like 81% N. So I rely a lot on intuition and don't wait to have every fact sensed with full verification. I admire those who are ISTP (but not so much ISTJ). I have to learn to appreciate the virtues of that and yet maintain respect/balance where my intuitions helps me.

Let me help you with that, Myers-Briggs is absolute bullshit equivalent to astrology: https://en.wikipedia.org/wiki/Myers%E2%80%93Briggs_Type_Indicator#Criticism

Every metric is a relative perspective. This one like all others in science have only relativistic truth. Given the very few degrees-of-freedom, one shouldn't expect it to hold sway over complex factors in personality. I think it was Einstein who said chose the question to fit the answer you desire.

TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 05:46:08 PM
 #428

I have no problem with people being skeptical of ICOs and we're not selling securities

My interpretation of USA securities law, it is very likely you are.

iotatoken
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
October 29, 2015, 05:49:13 PM
 #429

I have no problem with people being skeptical of ICOs and we're not selling securities

My interpretation of USA securities law, it is very likely you are.

No, same terms as Augur and Ethereum sale.

TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 05:56:33 PM
 #430

I have no problem with people being skeptical of ICOs and we're not selling securities

My interpretation of USA securities law, it is very likely you are.

No, same terms as Augur and Ethereum sale.

If they did not register with the SEC, then I think their models are illegal, unregistered securities, but IANAL, so consult your own. You can read my complete analysis at the thread I linked to. The key point is marketing to investors.

iotatoken
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
October 29, 2015, 06:04:17 PM
 #431

I have no problem with people being skeptical of ICOs and we're not selling securities

My interpretation of USA securities law, it is very likely you are.

No, same terms as Augur and Ethereum sale.

If they did not register with the SEC, then I think their models are illegal, unregistered securities, but IANAL, so consult your own. You can read my complete analysis at the thread I linked to. The key point is marketing to investors.

We're not marketing to investors. We're going to have a software sale. The tokens are software. Like I said: we make no promises to any investors of these software tokens increasing in value.

All of this will be made even more clear in the ICO announcement of course.

TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 06:05:13 PM
 #432

Contrary to my initial upthread enthusiasm, I am leaning towards this DAG concept can not work because it appears to attempt to defeat the CAP (Brewer's) Theorem. Before I was thinking the multiple branches are orthogonal, but it becomes clearer from the game theory issues quoted above, that there are complex dependencies. Analogous issues as the following appear to apply to DAG:

Hard to tell what you mean without knowing what you have sacrificed - C, A or P.

For example to deal with the double-spend attack stdset has been discussing, to maintain consistency and access you must do something to "fence off" partitions (branches) and give up P.

The block chain creates one partition which is the longest chain. Thus it can maintain C and A. You will have to give up one of C, A, or P. The promise of DAG was to not give up any of those.

I think you can make DAG work but you will end up with divergent partions that can't be remerged (thus losing global consistency of value), same as what will happens to Bitcoin if it is forked (even by network partitioning).

This is a serious fundamental theorem that all of us designing consensus algorithms face.

Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
October 29, 2015, 06:07:31 PM
 #433

The promise of DAG was to not give up any of those.

Where was that promise given?
TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 06:09:42 PM
 #434

I have no problem with people being skeptical of ICOs and we're not selling securities

My interpretation of USA securities law, it is very likely you are.

No, same terms as Augur and Ethereum sale.

If they did not register with the SEC, then I think their models are illegal, unregistered securities, but IANAL, so consult your own. You can read my complete analysis at the thread I linked to. The key point is marketing to investors.

We're not marketing to investors. We're going to have a software sale. The tokens are software. Like I said: we make no promises to any investors of these software tokens increasing in value.

All of this will be made even more clear in the ICO announcement of course.

Okay good, you are doing what I had explained to do. Who was first to document this strategy in public myself or you or some other?

But unless you actually enforce the vestment amounts to a small amount per individual, then you might have a difficult time arguing in court that you were not marketing to investors, given where you've announced this coin and especially if you are allowing an individual pay $5000 for your software.

mthcl
Sr. Member
****
Offline Offline

Activity: 376
Merit: 300


View Profile
October 29, 2015, 06:12:55 PM
 #435


I think you can make DAG work but you will end up with divergent partions that can't be remerged
Why? If there are no conflicting tx's, someone can issue a tx referencing 1 tx from partition 1 and 1 tx from partition 2, et voila.
TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 06:14:16 PM
 #436

The promise of DAG was to not give up any of those.

Where was that promise given?

I have seen a statement up thread by one of you three about branches being able to remerge.

I think it is pretty clear from the white paper and general discussions that there was assumed to be some magic here without explaining that you must give up something when restoring the partition intolerance of a block chain.

So I just want you all to enumerate what you are giving up specifically. Seems like you are still working this out, so I am just giving you some food for your thought process.

Peer review. And I think readers need to read review and see your responses.

TPTB_need_war
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
October 29, 2015, 06:29:53 PM
 #437


I think you can make DAG work but you will end up with divergent partions that can't be remerged
Why? If there are no conflicting tx's, someone can issue a tx referencing 1 tx from partition 1 and 1 tx from partition 2, et voila.

Due the quoted Prisoner's Dilemma that I outlined (for which I believe your response was inadequate for the following reason) in that no one has an incentive to be first to lengthen the tips, the game theory is going to devolve to everyone agreeing to blacklist double-spends without actually abandoning branches containing conflicting transactions where they have transactions.The Prisoner's Dilemma is only solved in favor of lengthening if double-spends won't cause a branch to be illegitimate. Thus the branches will diverge while they lengthen. Your preferred algorithm will not hold over time. CAP's theorem is guidance, and now you just need to model it or put it into the wild and observe.

You might try to formulating some fencing or "longest-path" algorithm, but you are just going to end up back at a block chain (giving up Partition tolerance) once you have solved the Consistency and Access issues.

Any way if I am wrong, then kindly be the first to disprove the CAP theorem. Good luck with that.

Come-from-Beyond (OP)
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
October 29, 2015, 06:33:37 PM
 #438

I have seen a statement up thread by one of you three about branches being able to remerge.

I think it is pretty clear from the white paper and general discussions that there was assumed to be some magic here without explaining that you must give up something when restoring the partition intolerance of a block chain.

So I just want you all to enumerate what you are giving up specifically. Seems like you are still working this out, so I am just giving you some food for your thought process.

Peer review. And I think readers need to read review and see your responses.

Sorry, but you are wrong. It's silly to build a distributed system violating CAP theorem, in no circumstances anyone of us would even attempt that, it's the same as trying to fly faster than speed of light.
mthcl
Sr. Member
****
Offline Offline

Activity: 376
Merit: 300


View Profile
October 29, 2015, 06:44:21 PM
 #439


I think you can make DAG work but you will end up with divergent partions that can't be remerged
Why? If there are no conflicting tx's, someone can issue a tx referencing 1 tx from partition 1 and 1 tx from partition 2, et voila.

Due the quoted Prisoner's Dilemma that I outlined (for which I believe your response was inadequate for the following reason) in that no one has an incentive to be first to lengthen the tips, the game theory is going to devolve to everyone agreeing to blacklist double-spends without actually abandoning branches containing conflicting transactions where they have transactions.The Prisoner's Dilemma is only solved in favor of lengthening if double-spends won't cause a branch to be illegitimate. Thus the branches will diverge while they lengthen. Your preferred algorithm will not hold over time. CAP's theorem is guidance, and now you just need to model it or put it into the wild and observe.

You might try to formulating some fencing or "longest-path" algorithm, but you are just going to end up back at a block chain (giving up Partition tolerance) once you have solved the Consistency and Access issues.

Any way if I am wrong, then kindly be the first to disprove the CAP theorem. Good luck with that.
If, for example, I'm a merchant who accepted a payment in the "smaller" branch, then I have all the motivation to do some more PoW to make the branches re-merge and therefore increase my safety.  And please stop randomly citing Big Important Theorems that have only a vague connection to what we are discussing. In academic circles such behaviour is not welcome.
Tobo
Hero Member
*****
Offline Offline

Activity: 763
Merit: 500


View Profile
October 29, 2015, 07:55:10 PM
 #440

CoinTelegraph did an interview with me ( David ) yesterday. It will be of interest and answer some questions that people who is following IOTA might have. http://cointelegraph.com/news/115508/iota-a-blockchain-less-gasp-token-for-the-internet-of-things

Nice article! Good use cases mentioned in the articles. Another use case can be the medical data collection. Like Iwatch and Fitbit can collect medical data from individuals to resell to doctors/health organizations and pharmaceutic companies by micro-paying the individuals for the data.
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 [22] 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 ... 764 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!