Bitcoin Forum
November 02, 2024, 08:41:06 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 [32] 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 »
  Print  
Author Topic: DECENTRALIZED crypto currency (including Bitcoin) is a delusion (any solutions?)  (Read 91139 times)
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
January 31, 2016, 04:56:23 PM
 #621

enet you have a reading comprehension handicap. The thread already addresses your reply. I refuse to repeat myself again.

enet
Member
**
Offline Offline

Activity: 81
Merit: 10


View Profile
January 31, 2016, 05:10:55 PM
Last edit: January 31, 2016, 05:23:31 PM by enet
 #622

edit: anyway, I think that's enough. cheers
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 02, 2016, 05:40:16 AM
 #623

If AI progresses to the point where it can model and predict human economics it would rapidly replace humans as primary economic decision makers. However, rather then a single central AI I suspect you would see multiple AI's managing the economics of corporations and even households. The artificial intelligences would presumably not be able to fully model the behavior of other AI's due to processing power limitations. Thus equilibrium would again be obtained by a multitude of actors (this time artificial) working towards their individual goals and walking towards  equilibrium as if guided by an invisible hand.

The impossibility of a top-down omniscience was already proved:

This has already been refuted (by Lindsey Lamport and other Byzantine fault tolerance researchers) because the speed-of-life is not infinite, thus no perspective can be a total ordering. Or stated another way, due to the delay of propagation of information there will exist a plurality of arbitrary perspectives none of which are a total ordering.

Sorry. It is impossible to argue with that truth.

But my pragmatism is, damn the torpedoes and cover thy eyes, ears, and logic. Buy the dips with your student lunch allowance!

It doesn't matter how observers alter their environment, because they can never alter ALL OF IT because the speed-of-light is not infinite.

thaaanos can chase his tail with unbounded failed attempts to obfuscate that inviolable fundamental fact.

Only the Invisible Hand of the trend of entropy to maxium (because time can't be reversed, thermodynamic processes are irreversible) is in control. The entropic force is fundamental. Even gravity has recently been shown to derive from it.

funnyman21
Member
**
Offline Offline

Activity: 109
Merit: 10


View Profile
February 02, 2016, 01:40:20 PM
 #624

I am not sure if the ideal solution exists yet but have faith it will come. When it does hopefully bitcoin will be flexible enough to adapt it.
watashi-kokoto
Sr. Member
****
Offline Offline

Activity: 687
Merit: 269



View Profile
February 02, 2016, 03:03:41 PM
 #625

Create more altcoins Grin
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 02, 2016, 03:22:42 PM
 #626

Create more altcoins Grin

That is not global consensus. It is a Patitioning, with exchange via free market pricing between Partitions, i.e. chaos. A principle property of currency is a common unit-of-exchange.

watashi-kokoto
Sr. Member
****
Offline Offline

Activity: 687
Merit: 269



View Profile
February 02, 2016, 03:25:22 PM
 #627


That is not global consensus. It is a Patitioning, with exchange via free market pricing between Partitions, i.e. chaos. A principle property of currency is a common unit-of-exchange.

You're wrong and probably stupid Grin
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 02, 2016, 03:33:06 PM
 #628


That is not global consensus. It is a Patitioning, with exchange via free market pricing between Partitions, i.e. chaos. A principle property of currency is a common unit-of-exchange.

You're wrong and probably stupid Grin

I appreciate your brevity.

patmast3r
Hero Member
*****
Offline Offline

Activity: 980
Merit: 1001


View Profile
February 02, 2016, 05:04:33 PM
 #629


That is not global consensus. It is a Patitioning, with exchange via free market pricing between Partitions, i.e. chaos. A principle property of currency is a common unit-of-exchange.

You're wrong and probably stupid Grin

I appreciate your brevity.

Man, you've gotten pretty chill. A few pages back that would have gone differently.

YarkoL
Legendary
*
Offline Offline

Activity: 996
Merit: 1013


View Profile
February 03, 2016, 07:14:39 AM
 #630


That is not global consensus. It is a Patitioning, with exchange via free market pricing between Partitions, i.e. chaos. A principle property of currency is a common unit-of-exchange.

You're wrong and probably stupid Grin

I appreciate your brevity.

Man, you've gotten pretty chill. A few pages back that would have gone differently.

The caliber of the addressee probably matters.

“God does not play dice"
Lutzow
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500



View Profile
February 03, 2016, 07:15:51 AM
 #631

It could be a Pseudo-decentralized like what we're having in Bitcoin. It is decentralized but due to the majority of it are being held by the Chinese, it seems they are controlling it at their own will.

TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 03, 2016, 07:23:27 AM
 #632

It could be a Pseudo-decentralized like what we're having in Bitcoin. It is decentralized but due to the majority of it are being held by the Chinese, it seems they are controlling it at their own will.

I believe I have already explained the solution upthread, which is these verification is centralized, but the PoW voting control is decentralized. This requires unprofitable mining and also a very good memory hard hash will help on asymmetry of costs between mining farm and decentralized PoW computation.

monsterer
Legendary
*
Offline Offline

Activity: 1008
Merit: 1007


View Profile
February 03, 2016, 11:58:40 AM
 #633

I believe I have already explained the solution upthread, which is these verification is centralized, but the PoW voting control is decentralized. This requires unprofitable mining and also a very good memory hard hash will help on asymmetry of costs between mining farm and decentralized PoW computation.

I believe there is a way to do this in a completely decentralised way (i.e. signing your PoW). I'm writing a white paper at the moment, I hope to describe it in sufficient detail, once I've run through all the edge cases in my own mind.
enet
Member
**
Offline Offline

Activity: 81
Merit: 10


View Profile
February 03, 2016, 12:10:04 PM
Last edit: February 03, 2016, 12:33:04 PM by enet
 #634

This requires unprofitable mining

No incentives = system will not work. The basic equation of any such system is that all participants / nodes maximise their expected income. So I'd posit the opposite: verification has to be profitable in the long term. There is a problem of defining an appropriate time-horizon and setting in competitive situation.
Such equations could be modelled with game-theory, but I'm not aware of anyone having done that yet. Rather than speculating about AI, it would be more insightful to formulate the utility maximization in a model. There is a long history in AI and economics of study of decisions under uncertainty and adverse behaviour (Bernoulli, von Neumann, Nash, etc.).

Some links on these topics:
http://gambit.sourceforge.net/
https://en.wikipedia.org/wiki/Game_theory
https://en.wikipedia.org/wiki/Mechanism_design
https://en.wikipedia.org/wiki/Agent-based_model
https://en.wikipedia.org/wiki/Utility_maximization_problem
https://en.wikipedia.org/wiki/Solomonoff%27s_theory_of_inductive_inference
https://en.wikipedia.org/wiki/List_of_Nobel_Memorial_Prize_laureates_in_Economics , relevant Nobel prizes in 1994, 2005, 2007
https://en.wikipedia.org/wiki/Utility
https://en.wikipedia.org/wiki/Decision_theory
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 03, 2016, 01:51:50 PM
 #635

This requires unprofitable mining

No incentives = system will not work.

I already justified the incentives upthread. I refuse to repeat myself again.

enet
Member
**
Offline Offline

Activity: 81
Merit: 10


View Profile
February 03, 2016, 02:05:10 PM
 #636

Ok, I'll just leave this here for the interest of the reader

Quote
Profitability of mining has nothing to do with the miner's economics of double-spending.

versus

http://nakamotoinstitute.org/bitcoin/

Quote
6. Incentive
By convention, the first transaction in a block is a special transaction that starts a new coin owned by the creator of the block. This adds an incentive for nodes to support the network, and provides a way to initially distribute coins into circulation, since there is no central authority to issue them. The steady addition of a constant of amount of new coins is analogous to gold miners expending resources to add gold to circulation. In our case, it is CPU time and electricity that is expended.

The incentive can also be funded with transaction fees. If the output value of a transaction is less than its input value, the difference is a transaction fee that is added to the incentive value of the block containing the transaction. Once a predetermined number of coins have entered circulation, the incentive can transition entirely to transaction fees and be completely inflation free.

The incentive may help encourage nodes to stay honest. If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth.
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
February 03, 2016, 02:25:14 PM
 #637

I refuse to repeat myself again.

Yet this phrase was repeated several times...
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 03, 2016, 03:59:41 PM
 #638

I refuse to repeat myself again.

Yet this phrase was repeated several times...

Ok then, I refuse to refuse to refuse to repeat myself again.   Cheesy

(readers hacker humor I guess)

Ok, I'll just leave this here for the interest of the reader

Thanks for attempting to make the readers misinformed. That will help prevent anyone from seriously implementing before I do. A future white paper can put this issue to rest.

hv_
Legendary
*
Offline Offline

Activity: 2534
Merit: 1055

Clean Code and Scale


View Profile WWW
February 03, 2016, 09:07:30 PM
Last edit: February 03, 2016, 10:44:17 PM by hv_
 #639


Thanks for attempting to make the readers misinformed. That will help prevent anyone from seriously implementing before I do. A future white paper can put this issue to rest.

First: Thanks for that mighty thread here, gives a lot stuff to think about!
And yes, it would be very helpful if somebody is able to concentrate the essence into some single post or even a new thread so that one has a fltered condensate to focus on.
In case nob. voluneers I could try....

May I just ask a bit out of the box :

Compared to the issue with domination of HF traders and the fix by adding up latency to trade lines  making them same length for all traders plus randomizing information , finally  the power of them was really reduced.

Could not be done  sth similar  against a miner concentration in general?
I just think of sth like a timeout to any successful miner. Does that make sense?

And what about giving the owners some voting power that can force the miners to either use a specific version (fork) or decide what miners should be preferred to execute my Transactions?

And how about the likelyhood of a Future legal order from the Chinese gov to the Chinese miners to mine only the new ChinaCoin (planend?) and forbid Bitcoin in one go? I can think of many other risks that might completely mix up majorities in mining over time- operational risk calc is a real nightmare...


Carpe diem  -  understand the White Paper and mine honest.
Fix real world issues: Check out b-vote.com
The simple way is the genius way - Satoshi's Rules: humana veris _
TPTB_need_war (OP)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 262


View Profile
February 04, 2016, 07:30:55 PM
Last edit: February 04, 2016, 08:41:34 PM by TPTB_need_war
 #640

There are some other attempts to solve crypto currency consensus without using the longest chain rule (LCR).

I will quote from Tendermint's white paper (authored by Jae Kwon) and annotate with my analysis.

5. Validators

Validators are users with accounts that have coins locked in a bond deposit
by posting a bond transaction. These validators participate in the consensus pro-
tocol by broadcasting cryptographic signatures, or votes, to agree upon the next
block. We say that a validator has voting power equal to the amount of the bonded
coins. The validator can later unlock its coins by posting an unbonding transaction.
Afterwards the coins remain locked for a predetermined period of time called the
unbonding period , after which the validator is free to transfer or spend those coins
to other accounts. A set of validators with at least 2/3 of total voting power is also
called a 2/3 majority of validators. Similarly, a set of validators with at least 1/3 of
total voting power is called a 1/3 majority of validators.

A block is considered committed when a 2/3 majority of validators sign com-
mit votes for that block. A fork occurs when two blocks at the same height are
each signed by a 2/3 majority of validators. By simple arithmetic, a fork can only
happen when at least a 1/3 majority of validators signs duplicitously.
When a validator signs duplicitously, a short evidence transaction can be
generated by anyone with the two conflicting commit-vote signatures. This ev-
idence is committed into the blockchain which destroys the bonded coins of the
guilty validator(s). As long as the evidence is committed before the guilty valida-
tor’s coins are spent (that is, before the unbonding period is over), the validator
can be duly punished. Note that this does not preclude a 2/3 majority of validators
from publishing a blockchain fork after they had unbonded and sold their coins to
an unsuspecting party. This is called a long-range double-spend attack. A user can
avoid long-range attacks by syncing their blockchain periodically within the bounds
of the unbonding period.A double-spend attack implies a fork in the blockchain.
A short-range double-spend attack occurs when a fork happens at a recent height: recent enough
that the guilty validators still have their coins locked in bond. Since a fork re-
quires at least a 1/3 majority of validators to have signed duplicitously, the penalty
for a short-range double-spend attack is a significant proportion (1/3) of the total
amount of bonded coins. Thus we can adjust the minimum cost of launching a
double-spend attack by tuning the incentive to become a validator. For example,
the cryptocurrency can be inflationary by way of block rewards divided amongst the
validators in proportion to their voting power. The inflation rate need not be fixed,
but can depend on the past average weighted transaction volume of the network as
measured by coin-days-destroyed [8]. If the marginal cost of securing a validator
node is negligible, the reward scheme need not be inflationary; the transaction fees
paid by users may be sufficient.

Upthread monsterer and I discussed some of the flaws in such a voting design for consensus.

1. Note that voting power is by proof-of-stake (i.e. bonded stake) and each validator can vote on each block that is added to the block chain. Thus it has the same economic flaws as PoS given that the resource (bonded stake) is stake only once and is not consumed, thus an ongoing 33 - 51% attack can be sustained without additional costs to the attacker, unlike in PoW.

2. Also the nothing-at-stake flaw exists because (especially unarguable in a 33 - 51% attack) validators can vote on multiple forks. In the 33 - 51% attack scenario, the attacker can always override any evidence of duplicity by only voting on forks that ignore (don't acknowledge, i.e. don't record) the evidence. Even without the 33 - 51% attack scenario, there are numerous other attacks due to the fact that propagation is not proof. Offline nodes have no way to know what the vote was, and they can't rely on any node to tell them. With PoW, an offline node can verify the LCR and decide objectively which fork (chain) is the longest. But with voting, there is only ambiguity and thus divergent chaos as newly online nodes have to choose one of the ambiguous relative orderings and as soon as some double-spends conflicts occur between forks (with the derivative spaghetti of transactions in the forks downstream from those double-spends) then it is impossible to remerge these forks thus impossible to converge to consensus. The quote from the Tendermint white paper above argues that long-range attacks can be prevented by "syncing offline nodes within the unbonding period", but that is incorrect because syncing doesn't resolve the ambiguity over propagation, e.g. if the newly online nodes are shown a long-range attack chain that wasn't formerly propagated. Upthread I explained to monsterer why it is not possible to use evidence of cheating to create a winning fork which unambiguously overrides the 51% attackers' fork (and thus for Tendermint can't confiscate the 33 - 51% attackers' bonded stake). The white paper argues that short-term ambiguity about propagation can be resolved by waiting until 2/3 of the validators' votes have been received before accepting that a block is confirmed and to make the penalty (bonding amount) large enough to disincentivize attacking the coin. But due to #1 above and the ability to externalize the profit gained from attacking (e.g. shorting the coin), there may not be any level of bonding which is a disincentive.

6. Consensus

6.1 On Byzantine Consensus

Fischer et al have shown in a seminal paper [9] that in an asynchronous
system (where no assumptions are made about time) of deterministic processes,
no protocol can guarantee consensus even with one faulty process. This is called
the FLP impossibility result. Much research has gone into understanding ways
to circumvent the FLP impossibility result by slightly modifying the problem do-
main, e.g. by sacrificing determinism, adding time, adding oracles etc [10]. Bitcoin
circumvents the FLP impossibility result by making some assumptions about the
synchrony of the network (i.e. nodes soon sync up with the network) and time (i.e.
miners dedicate limited time and resources to the best blockchain).
Our algorithm is based on algorithm 2’ from section 4 of [4] (Dwork et al).
It assumes that the network is partially synchronous; there is assumed to be some
unknown upper bound on the time of messages to be delivered. Intuitively, there
may be arbitrary but finite latency in the network. We also assume that all non-
byzantine nodes have access to an internal clock that can stay sufficiently accurate
for a short duration of time until consensus on the next block is achieved. The
clocks do not need to agree on a global time and may drift at some bounded rate
relative to global time. The algorithm is adapted to work with blockchains on a
gossip network. As in the algorithm proposed by Dwork et al, it can tolerate of up
to 1/3 byzantine voting power.

I explained upthread that synchrony can't exist due to the fact that speed-of-light is not infinite.

The quote above is incorrect. Bitcoin doesn't depend on synchrony! Even nodes which don't sync up can unambiguously verify (via independent computation) the longest chain rule. Some nodes might waste effort mining on an orphaned chain if they don't sync up, but this doesn't weaken the fact that the LCR is not ambiguous nor divergent regardless of propagation/latency (although it is probabilistic and never 100% absolute, but the odds of getting hit by lightning are usually good enough or wait for more confirmations if you need better odds with LCR).

The key aspect is that PoW requires ongoing consumption of a resource (e.g. electricity) which is not self-referential (e.g. not burning stake) to the block chain.

8. Conclusion

Tendermint is awesome. The future is now.

Incorrect! Tendermint is flawed and is a divergent non-consensus design that will crash and burn in the real world.

Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 [32] 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!