Bitcoin Forum
Author Topic: Fundamental bitcoin flaw - revisited  (Read 9710 times)
beeblebrox (OP)
March 02, 2013, 01:37:52 PM
Last edit: March 02, 2013, 02:33:11 PM by beeblebrox
 #21



Firstly I need to know at what level do you consider the system secure enough for transactions: so please reply with your minimum average cost to an attacker for a successful attack for the values of $1000, $100,000 and $10,000,000US.
 (eg: for me personally I would feel comfortable knowing that it would cost for a small transaction <$1000US at least 2x that to mount a successful double spend attack (ie: if the attacker spent twice as much as they stole then it's good enough for me), if for a moderate individual sum say <$100,000 I'd like to feel comfortable that it cost at least 5x and for a large sum <$10,000,000 say 20x)

(please note: just edited 1x to 2x for under 1000US)

All that is required, IMHO, is that the cost of a double spend attack to likely be higher than the potential ill-gotten gains.  So if you go and buy a car for $50K in BTC, it should be more expensive an attack than that.  However, you are already overlooking a feature of Bitcoin, the more 'confirmation' blocks that one waits for after the first one that accepts your transaction before you walk away, the more "expensive" (in several ways) that such a double spend attack becomes.  Also, it becomes more expensive at an exponential rate.  Thus, anyone who is selling you that car, considering the sums involved, is going to want to wait for 6 confirmations or so before letting you drive away.  At the current hashrate of about 400 PetaFLOPS equivalent, it would take at least 20 of these to overcome just one block confirmation...

http://en.wikipedia.org/wiki/Titan_(supercomputer)

Therefore, the current level of security is several orders of magnitude beyond what is necessary to disincentivize a fraudster from even attempting a double spend attack.  We crossed that point around 2010.

The security that is being paid for is to protect the entire system from an institutional attack on the blockchain itself, and there is (likely) not a single nation-state with the spare resources to attempt it for even a few hours.  So I'm going to assume that the current profitability for miners is more than sufficient to secure the blockchain.

Thus the question then becomes, how do we make sure that the current level of profitability continues after the block subsidy is reduced?  First off, that may not really matter for decades, as the growth in value has thus far outweighed the reduction in block subsidy.  What was the exchange value when the subsidy dropped from 50 BTC to 25?  I know that it was under $15, and I'm fairly sure that it was under $10.  So at the current price of $34, we are already well over double the profitability for miners overall.  As long as the real spending value of a BTC continues to double within a four year period, the concern is moot.

But, of course, eventually it won't.  Such growth is not sustainable, so at some point the value must stabilize.  How, then, can we be certain that transaction fees will be enough for miners to continue to secure the network?

In short, we can't really know this, but the economics of the system imply that we can expect that an equilibrium of fees will be reached in one fashion or another.  So long as the overall Bitcoin economy is large & mature enough by that time, a tiny fraction of the GDP would be required to incentivize miners into the foreseeable future.  Far less, in fact, than what is taken from you via inflation of fiat currencies; which are at least 2% of their entire monetary base every year.  The big key is that Bitcoin is much more economically efficient than fiat currencies are.

Hello, I'm back.  Sorry that I didn't return earlier when I said I would.
Ok, so I was going to give you actual figures based on the current cost of mining and fees, however, when I read this post of yours above I've realised that you have already cottoned on to what I'm saying and are beginning to take it seriously and think about it.  So I don't need to try to explain it anymore to you.  :)
beeblebrox (OP)
March 02, 2013, 01:50:56 PM
Last edit: March 02, 2013, 02:04:44 PM by beeblebrox
 #22

no, the OP is talking about a trusted computer model (where you can both prove that data wasn't tampered with, there is only one copy and nobody looked at a certain part(the private key in this case) oh and also be somehow pseudonymous )
I'm not saying this model is feasible or not, or how much it would cost or even if it even would be reliable. That's not the point to discuss. The OP thinks that it's a flaw of bitcoins that they can be traded in such a manner

Wow, someone who gets what I'm saying (and a junior member like me too :) )

Just as a slight clarification, I'm not against being able to trade coins in this manner.  In fact, I think it is the way-to-go since it is extremely efficient and instant.  However, the fact that they can be traded like this means that the protocol as-it-is will need to be forked/modified to survive.  To address this issue, what I personally would like to see is that the miners can collect dead-coin (ie: coins that haven't been moved for a long time)-- let's say something like the coins can sit untouched in a wallet for 2 years but after that at the end of every six months the miners can take 5% of the original amount until either the owner transacts the coins on chain or they are completely reclaimed by the miners.
beeblebrox (OP)
March 02, 2013, 02:03:40 PM
 #23

This has been discussed before. I remember talking about use of TC hardware for improving confidence in unconfirmed transactions years ago, and indeed, this is one of the reasons we want to change the default mining algorithm to allow parents to pay for no-fee children.

If people are building long chains of transactions off the chain by relying on secure chips that's absolutely fine and is not a "flaw" in anything, indeed, it's something I'd encourage. When the chains are eventually resolved by broadcasting them online whoever is doing so can attach a fee to the end and that will encourage confirmation of all dependent transactions recursively.

I guess I don't understand how this is meant to cause problems for Bitcoin. The fees that are being placed onto the network are supposed to be high enough to incentivize sufficient mining to keep the double spend rate acceptably low. If people use secure hardware then the double spend rate is made lower via other means and less mining is needed.


I think you've completely missed the point.  There are no chains of coin transaction history that get resolved and there are no fees that get accumulated.  The bitcoin protocol as-is doesn't demand any such thing.

The way to understand how DRM coin exchange works is to picture an electronic version of casascius coin. But instead of trusting casascius to load the key-pair in the coin and to not keep a copy of the private key, it relies on the services offered by the TC chips inside the computer.  (ie: you trust the TC chip not a person)
Just like casascius coins, there is NO fee involved when they change hands from person to person.  And they can change hands an arbitrary number of times.  There is no record of who has had the coin.  Indeed, they NEVER need go back on-chain at all to still be useful.  Most importantly, this scheme is perfectly compatible with the bitcoin protocol:  ie, nothing in bitcoin as-is can stop someone from creating this software.
ancore
March 02, 2013, 03:24:27 PM
 #24

I get what you are saying, however I don't get why you keep insisting on bitcoin in that case.
see my other post
Mike Hearn
March 02, 2013, 05:18:52 PM
 #25

I think you're the one who missed the point actually. I understand how TC hardware works. Heck I have a copy of the book "The Intel Safer Computing Initiative" on my bookshelf. My response remains - regardless of how you implement it or what the chips do, this does not seem to be a flaw in Bitcoin itself. Indeed it'd be a nice extension of it. If people are passing around value outside the chain, all that means is that less money needs to be spent on mining, because less value is being secured that way. How is that a problem?
Littleshop
March 02, 2013, 06:18:36 PM
 #26

So it is possible to trade bitcoin off the blockchain in a similar way that cash is traded outside of banks.   Guess that is gonna KILL the US dollar banking industry because banks can not profit off of every transaction.

This is not a flaw, it is a feature.  It gives bitcoin a mode of transfer OFFLINE as well as ONLINE making bitcoin that much more flexible. 

Could off blockchain transactions kill bitcoin?  No.  They need to be done in person and MOST bitcoin transactions need to be done online.  If you want to visit SatoshiDice in person and play (if they allowed that) FINE, but that will not cut into the blockchain version of that business.  The blockchain will have plenty of customers.




Piper67
March 02, 2013, 07:03:38 PM
 #27

Grasping at the flaw-straw is what this thread is.
Ichthyo
March 02, 2013, 08:50:36 PM
 #28

Up to now OP hasn't done his homework.

He claimed that off-chain transactions based on some conventional kind of trust will necessarily drive people to abandon using the Bitcoin network proper.

This is a claim. The proof for this claim is lacking. In fact, any serious argument is lacking.
Besides, going just for plausibility: was there ever any trust based secure method of value exchange available free of charge?



What's the lection we can draw from this?
The innovative nature of Bitcoin is hard to understand. There is more about it than just "mining digital gold".
Once Bitcoin is perceived more as a competitor by existing and upcoming payment networks, we'll see a lot of campaigns using buzzwords like "trusted computing". Since you can't win with arguments against buzzwords, in the end I think the actual economic and practical properties of those competing systems will be what counts.
beeblebrox (OP)
March 02, 2013, 09:30:38 PM
 #29

The way to understand how DRM coin exchange works is to picture an electronic version of casascius coin. But instead of trusting casascius to load the key-pair in the coin and to not keep a copy of the private key, it relies on the services offered by the TC chips inside the computer.  (ie: you trust the TC chip not a person)
Just like casascius coins, there is NO fee involved when they change hands from person to person.  And they can change hands an arbitrary number of times.  There is no record of who has had the coin.  Indeed, they NEVER need go back on-chain at all to still be useful.  Most importantly, this scheme is perfectly compatible with the bitcoin protocol:  ie, nothing in bitcoin as-is can stop someone from creating this software.

There are people like me who will never trust that method of transferring coins. If it isn't written in the block chain, I don't want it.

So while you may have a way for some people to exchange bitcoins off the chain, they will not be fungible with actual bitcoins.

I'm not saying it's a bad idea. If people want to trust hardware instead of the block chain, fantastic!


You already do trust your hardware!!!  (ie: You trust that your CPU has no backdoors or flaws that people/organizations can exploit to gain access to your machine)
MoonShadow
March 02, 2013, 09:31:57 PM
 #30


Ok, so I was going to give you actual figures based on the current cost of mining and fees, however, when I read this post of yours above I've realised that you have already cottoned on to what I'm saying and are beginning to take it seriously and think about it.  So I don't need to try to explain it anymore to you.  :)

I understood your argument better than you think, and right from the start.  It's one that I thought of myself, three years ago.  I was wrong then and you are wrong now.  At least that I can claim that I actually researched the topic before posting; for over two weeks.  The solution that you are reaching for, but don't know it, is called demurrage; (storage fees for very deep transactions, basically) and it's a core element to freicoin.  It's also unnecessary.  And even if it wasn't, any successful method of implementing demurrage that freicoin could come up with would just be taken into Bitcoin proper, should freicoin (or any other alternate cryptocoin) grow legs and offer a real challenge to Bitcoin's superior market position.  The only way that does not happen, is if the new cryptocurrency were to develop an obvious advantage for which Bitcoin could not replicate.  This is not impossible, but is rather unlikely in my view.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
MoonShadow
March 02, 2013, 09:33:37 PM
 #31

The way to understand how DRM coin exchange works is to picture an electronic version of casascius coin. But instead of trusting casascius to load the key-pair in the coin and to not keep a copy of the private key, it relies on the services offered by the TC chips inside the computer.  (ie: you trust the TC chip not a person)
Just like casascius coins, there is NO fee involved when they change hands from person to person.  And they can change hands an arbitrary number of times.  There is no record of who has had the coin.  Indeed, they NEVER need go back on-chain at all to still be useful.  Most importantly, this scheme is perfectly compatible with the bitcoin protocol:  ie, nothing in bitcoin as-is can stop someone from creating this software.

There are people like me who will never trust that method of transferring coins. If it isn't written in the block chain, I don't want it.

So while you may have a way for some people to exchange bitcoins off the chain, they will not be fungible with actual bitcoins.

I'm not saying it's a bad idea. If people want to trust hardware instead of the block chain, fantastic!


You already do trust your hardware!!!  (ie: You trust that your CPU has no backdoors or flaws that the people/organizations can exploit to gain access to your machine)

No, I trust my hardware, but only to a point.  I don't trust your hardware at all.  Trusted computing used for the exchange of bitcoins would require that the vendor trust the sender's machine, and probably more than he should rationally trust his own.

beeblebrox (OP)
March 02, 2013, 09:44:16 PM
 #32


Ok, so I was going to give you actual figures based on the current cost of mining and fees, however, when I read this post of yours above I've realised that you have already cottoned on to what I'm saying and are beginning to take it seriously and think about it.  So I don't need to try to explain it anymore to you.  :)

I understood your argument better than you think, and right from the start.  It's one that I thought of myself, three years ago.  I was wrong then and you are wrong now.  At least that I can claim that I actually researched the topic before posting; for over two weeks.  The solution that you are reaching for, but don't know it, is called demurrage; (storage fees for very deep transactions, basically) and it's a core element to freicoin.  It's also unnecessary.  And even if it wasn't, any successful method of implementing demurrage that freicoin could come up with would just be taken into Bitcoin proper, should freicoin (or any other alternate cryptocoin) grow legs and offer a real challenge to Bitcoin's superior market position.  The only way that does not happen, is if the new cryptocurrency were to develop an obvious advantage for which Bitcoin could not replicate.  This is not impossible, but is rather unlikely in my view.

I'm perfectly aware of freicoin and know what demurrage is.  In fact, I mention both in my original post.  (by-the-way I believe freicoin takes a fixed percentage of the total money supply every year whereas I prefer a system that takes money from inactive wallets- similar but different)
beeblebrox (OP)
March 02, 2013, 10:38:59 PM
 #33

The way to understand how DRM coin exchange works is to picture an electronic version of casascius coin. But instead of trusting casascius to load the key-pair in the coin and to not keep a copy of the private key, it relies on the services offered by the TC chips inside the computer.  (ie: you trust the TC chip not a person)
Just like casascius coins, there is NO fee involved when they change hands from person to person.  And they can change hands an arbitrary number of times.  There is no record of who has had the coin.  Indeed, they NEVER need go back on-chain at all to still be useful.  Most importantly, this scheme is perfectly compatible with the bitcoin protocol:  ie, nothing in bitcoin as-is can stop someone from creating this software.

There are people like me who will never trust that method of transferring coins. If it isn't written in the block chain, I don't want it.

So while you may have a way for some people to exchange bitcoins off the chain, they will not be fungible with actual bitcoins.

I'm not saying it's a bad idea. If people want to trust hardware instead of the block chain, fantastic!


You already do trust your hardware!!!  (ie: You trust that your CPU has no backdoors or flaws that people/organizations can exploit to gain access to your machine)

No, actually, I don't. My private keys are all created offline.

Which means that your bitcoins are not being actively traded.  Ie, you are just storing them as an investment.  Anyone who actually *uses* bitcoins and trades them on-chain must trust their machine.
beeblebrox (OP)
March 02, 2013, 10:56:22 PM
 #34

Just looked up "trusted computing" and quickly skimmed the Wikipedia article -- sounds like a whole lot of vaporware. Just like this thread. Where is this special coin with DRM? Link please!

If he's talking about something similar to "Mint Chip" or devices resembling "Yubikeys" then that has been discussed to death. You're either forced to trust some central authority or you're forced to rely on hardware security. Roll Eyes

So let me get this straight, you've just admitted that, until now, you've been trashing me without actually understanding what it is that I've been talking about?

---------

Look, just forget the DRM stuff for a minute.  Ask yourself these questions:

In the future when transactions fees are the main source of income (as opposed to block reward) for miners, when someone exchanges bitcoin off-line (however they do it, using casascius coin, bitbills, printcoin bills, or DRM coin) does the miner benefit from it?

The answer is NO.  (except in very rare cases where the transaction is very large in KB size and the fee very small)

So does the miner lose out if a transaction that would have been transacted on-chain is moved off-chain?

The answer is YES. Because they lose a potential fee.

Now here's the important one: So if the majority of transactions move off-chain what happens to the miners and consequently what happens to the network hash rate (ie: what happens to the famed bitcoin security)?  

I won't answer this one, instead I'll let you think about this.


Why DRM/TC coin is so dangerous, as opposed to other current off-chain mechanisms, is because potentially it involves no fee, is instant, quite secure and can be done locally or over the internet.  This makes it a very attractive alternative to on-chain transactions for someone who wishes to trade with bitcoin.
beeblebrox (OP)
March 02, 2013, 11:15:47 PM
 #35

So it is possible to trade bitcoin off the blockchain in a similar way that cash is traded outside of banks.   Guess that is gonna KILL the US dollar banking industry because banks can not profit off of every transaction.

.....


Hmm, you do know how banks make most of their money don't you?? 

(here's a hint: I've deliberately highlighted a word in that question)
(in case you still don't get it:  it's NOT by transaction fees)
solex
March 03, 2013, 02:26:25 AM
 #36

So it is possible to trade bitcoin off the blockchain in a similar way that cash is traded outside of banks.   Guess that is gonna KILL the US dollar banking industry because banks can not profit off of every transaction.

.....


Hmm, you do know how banks make most of their money don't you??  

(here's a hint: I've deliberately highlighted a word in that question)
(in case you still don't get it:  it's NOT by transaction fees)

The merchant bank I used to work for made their money in many ways, but primarily through spreads, commissions, interest and capital gain on prop positions. Retail transaction fees are not essential.

Littleshop
March 03, 2013, 04:14:29 AM
 #37


Please explain to me why this is not considered the major problem with bitcoin and why it is not discussed on this forum.


Because it will not happen.  The possibility of off block chain transactions is a FEATURE not a problem.  While most transactions are on the blockchain, you can (with less security) trade off the blockchain as well.  You may gain speed, low transaction costs or novelty but you give up SECURITY.  Because you give up something, the blockchain will still be the choice for most transactions.

Using the blockchain avoids needing to rely on trusting ANYONE.  In person transactions rely on trusting SOMEONE.  That someone may be the person you are trading with (by using open private keys), the maker of a system like Casascius coins or some horrible DRM system that you talk about.  You will have to trust someone.  With the blockchain all you have to do is trust in MATH.  I trust math.  Do you?

 

jhansen858
March 03, 2013, 05:13:04 AM
 #38

I agree with this ^^

It will be more useful in many circumstances to have transactions on the block chain for an official record.  Paying your mortgage?  Buying plane tickets?  Paying taxes?  You're going to want a receipt for that.

Hi forum: 1DDpiEt36VTJsiJunyBc3XtG6CcSAnsQ4p
beeblebrox (OP)
March 03, 2013, 06:25:47 AM
 #39

I agree with this ^^

It will be more useful in many circumstances to have transactions on the block chain for an official record.  Paying your mortgage?  Buying plane tickets?  Paying taxes?  You're going to want a receipt for that.


I just bought some plane tickets a few weeks ago and guess what: I didn't use bitcoin but I HAVE got a receipt for it.  Receipts have been around for thousands of years. You don't need bitcoin to legally prove that you've paid for something.
beeblebrox (OP)
March 03, 2013, 06:26:57 AM
 #40


Please explain to me why this is not considered the major problem with bitcoin and why it is not discussed on this forum.


Because it will not happen.  The possibility of off block chain transactions is a FEATURE not a problem.  While most transactions are on the blockchain, you can (with less security) trade off the blockchain as well.  You may gain speed, low transaction costs or novelty but you give up SECURITY.  Because you give up something, the blockchain will still be the choice for most transactions.

Using the blockchain avoids needing to rely on trusting ANYONE.  In person transactions rely on trusting SOMEONE.  That someone may be the person you are trading with (by using open private keys), the maker of a system like Casascius coins or some horrible DRM system that you talk about.  You will have to trust someone.  With the blockchain all you have to do is trust in MATH.  I trust math.  Do you?

 

I do trust in math.  Indeed it is the SAME type of math (crypto) that makes DRM secure that bitcoin uses.