I am going to be analyzing some of Paul Sztorc's blogs.
Let's start with his criticism of oracles incorporated into smart contracts:
CoinCube,
Paul Sztorc writes about your upthread concept of the tradeoff between defectors and top-down coordination (do you have a link in the OP?).
Remember AnonyMint was proposing anarchism and a totally free market. You were pointing out that top-down organization is also necessary to prevent divergence (you had presented a biological model to demonstrate the point). AnonyMint had agreed with you that even bottom-up processes are composed of top-down processes, e.g. the owners of small businesses are on aggregate a bottom-up process, but individually they are each top-down run businesses. I visualize this as a fractal organization which nests (recurses) bottom-up and top-down processes within each other.
Paul makes several points. First he explains that if contracts (scripting) are free to copy the oracle's data feed without paying for it, then the oracles will have no incentive to be honest and thus the Nash equilibrium is destroyed and the oracle can gain more by cheating (e.g. some game theory of lying then shorting the coin or whatever):
Honest Oracles Need To Overcharge
The free market uses “brands” as robust indicator of reputation (allowing merchants to “add” quality to a good and “sell” it), but these brands don’t work if competitors are free to copy them. In all interesting cases, Oracles will have an incentive to lie today (if they don’t, we don’t need to worry about them at all, and can safely use multisig). However, we can sometimes overwhelm this lie-incentive with an even bigger incentive to remain honest...
After it submits, it is too late to do anything about the result!
Clearly, we must somehow use multiple results…but multiple results delivered at one time will all be attacked simultaneously (proof by simple addition, or task-redefinition). The real trick is to use multiple results across time: the Oracle has its future to lose.
Why, the very concept of “Honesty” requires “Memory” (and “Identity”).
Then, our focus is this very interesting and very common position: non-compliance is short-run profitable, but a period of lengthy compliance generates greater total well-being. A group can harvest that surplus and divide it up, effectively coordinating their mutually-prosperous joint-future...
“Mechanisms that get external data” are going to need to pay data-providers, not just for their time/effort, but also for their honesty and cooperation (their “brand”). Yet this implies that the info-providers are always going to need to be overpaid relative to “bootleg” info-parasites. The problem is fundamental unavoidable.
Speaking of unavoidable: Ethereum Can’t Overcharge. Anything Goes!...
The Parasite Contract
Behold this outline for a Smart Contract:...
3. Use that Host-Data to alter the Parasite’s state (without paying the Host anything).
Because of this, any Host (external-data contract) can’t grow to a significant size without being invaded by Parasites and leeched to death.
(Probably) Nothing Can Fix This
How might we prevent Ethereum from supporting Parasite Contracts? ... I don’t think it’s fixable at all. The generality is the problem
Paul then (as quoted below) argues that side-chains are a form of governance wherein miners can choose to kill side-chains which are leeching off the oracles (not paying them) or which have dishonest oracles. In other words, Paul's idea for a solution is that block chains should not be permissionless and instead should have governance and the miners should have control. Btw, I have argued that Paul's stance is the antithesis of why we needed block chains in the first place and thus I think he is not only philosophically headed in the wrong direction, but that permissioned block chains will never scale due to competing vested interests and due to the power vacuum of the Iron Law of Political Economics they will collapse themselves just as the hard fork of Ethereum is doing to Ethereum's trustworthiness.
Of course, a single chain might enforce a globally-optimal set of rules, but who decides these rules? How do we manage the permissiveness-security tradeoff without a central administrator? If there is a dispute over which rules should be included, who should resolve it? Well, now I’ll stop complaining about broken things, and show you an idea that will probably work.
Bitcoin’s Limited Government
The world of Sidechains has the ideal global incentives for a prosperous blockchain-universe. Miners coordinate the global “law”, governed by a clear principle: maximize the total sale value of the Bitcoins that they mine. This governing principle is desirable for users: the sale value is maximized when miners [1] construct a “portfolio of sidechains” which presents maximally-useful Bitcoins to users (as measured by exchange rate), and [2] optimize the usage of these useful-Bitcoins (measured by transaction-fees).
This is essentially a perfect delegation of “the user’s preference for safe, useful cryptocoin features” to a governing authority. Especially because my expectation is for a very small number of active Sidechains (fewer than 10), making the decision making process very straightforward.
Cool, right?
The Monopoly on Violence
So Far, So Good
Peter Todd emphasizes a key sidechain characteristic: miners can destroy/steal-from any sidechain that they merged-mine …at no direct cost. But with the bad comes the good: miners (as a group) can and should censor any sidechain which threatens the value of the “sidechain portfolio” (or affects it superfluously).
Consider “useful sidechains” (those which increase the market value of each Bitcoin). For these, miners are unlikely to 51% attack the sidechain, for the very same reasons that they haven’t yet 51% attacked the main Bitcoin chain: a failed attack would be costly to the miners (in the opportunity cost of wasted hashes), and a successful attack would also be costly to the Miners (in the devaluation of the Bitcoins rewarded to miners, and corresponding decrease in mining ROI). In fact, after endorsing a sidechain, for the mining community to suddenly betray it would almost certainly call into question their general dependability.
The Long Arm of the Law
What of a pegged sidechain which does NOT merge-mine? Can such a sidechain escape the governance of the merge-miners?
Who cares? Non-mergers won’t get the 25-BTC-per-10-minute coinbase; they’ll only get transaction fees. Therefore, the hashrate is likely to be overwhelmingly insecure at all times: [1] at first, when the transaction volume is zero, [2] should the transaction volume ever fall toward zero for any reason, at any time in the future, or [3] should the Bitcoin exchange rate suddenly rise (making theft of the pooled funds more-profitable), for any reason at any future time.
Every pegged sidechain needs a trove of at-risk BTC. An unreliable hashrate makes that initial-BTC hard to find. Once found, that BTC might vanish at any time, on the mere rumors of future tx-fee problems (impending theft, new competition, disagreements with rival miners, government action, …).
Thus, the Bitcoin community is protected against globally inefficient (“parasitic”) sidechains, as long as they are pegged to Bitcoin.
It just seems so complicated, and no matter what form the SPV proof takes, it can only prove SPV! Miners can, for free, steal all the coins.
Drivechain: A Simple SPV Proof
Bitcoin blocks are SPV proofs. Since miners can always steal from a sidechain, let’s give users “strength in numbers” and make the thefts unambiguous, easy-to-spot, and unforgivable.
Fundamentally, a feature of any SPV proof is that miners can fake the proof, and steal all of the sidechained-coins. This is inherent to the definition of a sidechain, and, while it seems to be a vulnerability, it isn’t completely unsettling and can even be beneficial in cases...
Drivechain’s Security
This model allows a 51% miner coalition to actually steal Bitcoins. How likely are they to do that? What factors influence their decision?
Ironically, Paul is arguing above that side-chains are in fact insecure and miners should be organized to attack the ones that the community thinks are detrimental (as if the community can ever agree on anything). Paul has just stated that the power vacuum of "winner takes all" Iron Law of Political Economics is desirable. This Ivy League (Yale) indoctrinate is trying to tell us that insecure block chains in the form of side-chains are a good thing because they enable the power vacuum of democracy to be foisted onto block chains (which was the damn problem we were trying to remove with trustless, permissionless block chains in the first place!). No wonder he has been hired by the Peter Thiel BitPay bankster affiliated darkside Bloq group.
Well Paul, you apparently forgot that side-chain merged mining has incompatible incentives:
ArticMine, the merged mining for Namecoin with very minimal validation can't be compared to the extensive CPU resources required to verify smart contracts.
I have no confidence whatsoever in Rootstock being merge-mined by Bitcoin miners. Fuhgeddaboudit.
Rube Goldberg machines suck.
Paul then argues that altcoins can't compete with his side-chain nirvanahell, because he thinks the only use for altcoins is for oracles and he had already argued successfully that oracles break Nash equilibrium and he had proposed his side-chain hell as "solution" to the unfixable problem of oracles. So what Paul is effectively claiming is that block chains are as insolubly flawed as fiat and government that came before them.
What about Altcoin Smart Contracts (neither pegged nor merged-mined)?
...
First of all, I think Paul is incorrect about non-existence of popular use cases for smart contracts other than oracles. For example, I have already designed a new concept for a "DAO" (some details were only peer reviewed privately) which I think can replace, decentralize, and revolutionize stock markets. And it doesn't require an oracle. The key insight that Paul is missing is that when each investor votes independently, they are entirely in control of their own vote signature and their own real world observations, i.e. each voter is a self-interested oracle so we only have to consider the Nash equilibrium in the context of the game theories around their self-interest. This can be done entirely within a block chain without an oracle.
Secondly, I don't agree that Bitcoin will end up being the CC of the Internet. Microtransactions are going to drive the CC of the Internet, and I have a lock on the superior technology for that. I am nearly certain that Blockstream is going to blow-up Bitcoin in a heap of Rube Goldberg complexity such as that insecure, permissioned, non-trustless, side-chain nonsense.
Thirdly, as for the interaction of law and permissionless block chain smart contract outcomes, the law will not be able to reverse the outcome of a permissionless block chain, so the law will be irrelevant. And if we really want oracles, we can possibly employ multi-sig voting to establish external data feeds. As long as each data feed isn't pervasive enough to have a large impact on most outcomes in the block chain, then any gaming of the feeds won't impact the Nash equilibrium of the block chain overall.
In summary, Paul is a somewhat smart guy, but he isn't omniscient. Others are also thinking and working on these issues. He should get out and converse more outside of his Ivy League bankster circle.
Note in the comments on his blog post, Paul got schooled on the issue of the block size. I have a technological solution to the block size dilemma/quagmire.
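The incentive argument quoted from Sztorc above (an oracle stays honest only while the future fee income it would lose outweighs the gain from lying once, and Parasite Contracts erode that income) can be made concrete with a toy repeated-game model. This is an added example, not part of the original post or of Sztorc's blog. The function names, the infinite-horizon discounting and every number in it are constructed assumptions.

```python
# Added illustration: toy repeated-game model of the oracle honesty condition.
# All names and numbers are constructed assumptions, not taken from the post.
import math


def future_fee_value(fee, users, parasite_fraction, discount):
    """Present value of the fee income the oracle keeps by staying honest.

    Only non-parasite consumers pay. Income starts next round and is
    discounted by `discount` (0 < discount < 1) per round, forever.
    """
    if not 0.0 <= parasite_fraction <= 1.0:
        raise ValueError("parasite_fraction must be in [0, 1]")
    if not 0.0 < discount < 1.0:
        raise ValueError("discount must be in (0, 1)")
    per_round = fee * users * (1.0 - parasite_fraction)
    return discount * per_round / (1.0 - discount)


def stays_honest(fee, users, parasite_fraction, discount, lie_gain):
    """Honest iff the future it would forfeit is worth at least one lie."""
    return future_fee_value(fee, users, parasite_fraction, discount) >= lie_gain


def min_honest_fee(users, parasite_fraction, discount, lie_gain):
    """Smallest per-use fee that keeps the oracle honest (inf if nobody pays)."""
    payers = users * (1.0 - parasite_fraction)
    if payers == 0:
        return math.inf
    return lie_gain * (1.0 - discount) / (discount * payers)


def max_parasite_fraction(fee, users, discount, lie_gain):
    """Largest share of free-riding consumers before lying becomes rational."""
    full = future_fee_value(fee, users, 0.0, discount)
    if full <= 0:
        return 0.0
    return max(0.0, 1.0 - lie_gain / full)


if __name__ == "__main__":
    # Constructed scenario: 1000 consumers, fee 1.0 per use, one lie pays 5000.
    fee, users, discount, lie_gain = 1.0, 1000, 0.9, 5000.0
    for share in (0.0, 0.25, 0.5, 0.9):
        honest = stays_honest(fee, users, share, discount, lie_gain)
        needed = min_honest_fee(users, share, discount, lie_gain)
        print(f"parasites={share:.2f} honest={honest} min_fee={needed:.3f}")
    print("break-even parasite share:",
          round(max_parasite_fraction(fee, users, discount, lie_gain), 3))
```
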