Blockchain vs DAG (Byteball's concencus algorithm).

[matein30]

Hi,

DAG (directed acyclic graph) seems to good to be true, no need for miners. No block size issue, no %51 attack. Finalization. More decentrilized.
What are the cons of DAG vs blockchain?
Can bitcoin somehow adapt DAG?

Thanks for answers.

[thejaytiesto]

Hi,

DAG (directed acyclic graph) seems to good to be true, no need for miners. No block size issue, no %51 attack. Finalization. More decentrilized.
What are the cons of DAG vs blockchain?
Can bitcoin somehow adapt DAG?

Thanks for answers.

Good thread. I was also wondering this myself. If this was the case, wouldn't this coin be worth more than BTC already? there must be something, there are always tradeoffs.

I remember reading iamnotback commenting on some Byteball flaws but I dont remember the details.

I don't own any, would like to know more to see if it's worth holding or not.

[Come-from-Beyond]

Can bitcoin somehow adapt DAG?

No. Bitcoiners are scared of changes.

[matein30]

If this was the case, wouldn't this coin be worth more than BTC already? there must be something, there are always tradeoffs.

Coin has distribution problem right now. 87% of all coins are at developer's possession. He tries to distribute it fairly with bitcoin binding. But it will take some time. This why this coin is worthless now.

[cryptohunter]

Hi,

DAG (directed acyclic graph) seems to good to be true, no need for miners. No block size issue, no %51 attack. Finalization. More decentrilized.
What are the cons of DAG vs blockchain?
Can bitcoin somehow adapt DAG?

Thanks for answers.

Good thread. I was also wondering this myself. If this was the case, wouldn't this coin be worth more than BTC already? there must be something, there are always tradeoffs.

I remember reading iamnotback commenting on some Byteball flaws but I dont remember the details.

I don't own any, would like to know more to see if it's worth holding or not.

As I remember it he said BB was one of the only coins he said he'd found interesting to study on here and that that was very rare. Whether he said it was superior in any way to bitcoin I am not certain. If you go to the BB thread there is quite a bit of discussion between him and tonych. Tech wise folks may gain some details there.

[coldmoldy]

IOTA is the best DAG out right now. Zero transaction fees unlike ByteBall.

And they recently partnered with Ubuntu: https://insights.ubuntu.com/2017/02/20/iota-iot-revolutionized-with-a-ledger/

And Innogy: https://innovationhub.innogy.com/news-event/3lj6DX6LS0C4SyKmgEOiQq/meet-our-future-customers--machines-with-wallets


What other coin has done this?

[Big Naturals]

How many current projects using DAG?

[CryptKeeper]

IOTA is the best DAG out right now. Zero transaction fees unlike ByteBall.

And they recently partnered with Ubuntu: https://insights.ubuntu.com/2017/02/20/iota-iot-revolutionized-with-a-ledger/

And Innogy: https://innovationhub.innogy.com/news-event/3lj6DX6LS0C4SyKmgEOiQq/meet-our-future-customers--machines-with-wallets


What other coin has done this?

Yes, IOTA is very innovative and seems to be a good choice for IOT (internet of things, machine2machine communication).

Byteball is the best choice for human2human communication and transfer of value. An easy to use interface and lots of features for real-world use cases (trading bot, merchant bot, assets, private coins, chat).

IMHO these projects are complementary to each other, both have a great future! 

[iamnotback]

I have an entire section (#8) of my whitepaper dedicated to analyzing and explaining Byteball.

It is an interesting discovery. It has flaws (and not just related to the consensus algorithm). And my design is not Byteball, but there is one aspect which is similar to one aspect of Byteball, yet my design would not work if it was only Byteball.

One of the main flaws of Byteball that you should be aware of besides the messed up transaction fees and distribution, is that the consensus of the blockchain can become entirely stuck if > 50% of the witnesses collude or stop functioning. Then it requires a (political gridlock potentially) hardfork to unstuck the blockchain. Ditto Tendermint, Casper, and all Byzantine agreement variants (that includes Bitshares/Graphene/Steem's DPoS, yet the whales can vote to unstuck it without a hardfork). Note there is a mechanism for voting in new witnesses, but because it requires a total order so it will in practice never work out because total orders don't exist in nature.

Yeah Byteball has something important in it, but it is not really the solution.

Iota has an entire different consensus than Byteball, and my stance is it won't work without centralized servers. We've already been down that technical debate in the past, so I won't repeat it and get trolled again by Iota shills. Readers can either learn to recognize that I know what I say, or they can suffer the same fate as all the other times I've been doubted.

And no, Bitcoin can't adopt any of these things. Bitcoin isn't ever going to be anything more than what it already is (which is sufficient). Learn to accept that and move on. Lightning Networks is never going to work (decentralized, which is thus the same as saying it is never going to scale up in terms of relevance).

[Come-from-Beyond]

Iota has an entire different consensus than Byteball, and it doesn't work without centralized servers.

Do you know Java? Can you demonstrate how consensus of IOTA without centralized servers breaks once https://github.com/Come-from-Beyond/Tangle simulator is ready?

[CyanFox]

Can bitcoin somehow adapt DAG?

No. Bitcoiners are scared of changes.

Not only changes, it should be: miners do not like anything let them get less profit, so they embrace BU and don't like SegWit.

[escapefrom3dom]

Can bitcoin somehow adapt DAG?

No. Bitcoiners are scared of changes.

Not only changes, it should be: miners do not like anything let them get less profit, so they embrace BU and don't like SegWit.

they are going to expect less profit in the future so why not to became byteball's witnesses. 

[Rando]

SPECTRE Protocol: DAG Structure to Solve Scalability
http://www.cs.huji.ac.il/~yoni_sompo/pubs/16/SPECTRE_complete.pdf

[Come-from-Beyond]

Iota has an entire different consensus than Byteball, and it doesn't work without centralized servers.

Do you know Java? Can you demonstrate how consensus of IOTA without centralized servers breaks once https://github.com/Come-from-Beyond/Tangle simulator is ready?

I've updated the repo. With Completely Random Walker without attackers global consensus on 84.5% of all transactions was achieved. So the claim "it doesn't work without centralized servers" has already been refuted. The next step is to add Random-Walk Monte Carlo algorithm to show that even under attacks the consensus on significant portion of transactions (subject to connectivity between clusters) is still achieved.

[SatoNatomato]

Iota has an entire different consensus than Byteball, and it doesn't work without centralized servers.

Do you know Java? Can you demonstrate how consensus of IOTA without centralized servers breaks once https://github.com/Come-from-Beyond/Tangle simulator is ready?

I've updated the repo. With Completely Random Walker without attackers global consensus on 84.5% of all transactions was achieved. So the claim "it doesn't work without centralized servers" has already been refuted. The next step is to add Random-Walk Monte Carlo algorithm to show that even under attacks the consensus on significant portion of transactions (subject to connectivity between clusters) is still achieved.

Is this a joke?

You think people will allow machines to spend/receive money and rely on only a probability that their transactions will succeed? And rely on another probability that they have the "global" tip and are not sitting in a cluster? Why not make this simpler and just roll a dice and pretend you have money if you get 4 sixes in a row.

Maybe it will work if the "money" you are transacting is worthless. Like worth almost one iota.

The claim "it doesnt work without centralized servers" hasnt been refuted, you have just lowered the bar significantly.

[Come-from-Beyond]

Is this a joke?

You think people will allow machines to spend/receive money and rely on only a probability that their transactions will succeed? And rely on another probability that they have the "global" tip and are not sitting in a cluster? Why not make this simpler and just roll a dice and pretend you have money if you get 4 sixes in a row.

Maybe it will work if the "money" you are transacting is worthless. Like worth almost one iota.

The claim "it doesnt work without centralized servers" hasnt been refuted, you have just lowered the bar significantly.

You were banned from IOTA thread for trolling, why do you think I'll take your words seriously here?

[iamnotback]

Iota has an entire different consensus than Byteball, and it doesn't work without centralized servers.

Do you know Java? Can you demonstrate how consensus of IOTA without centralized servers breaks once https://github.com/Come-from-Beyond/Tangle simulator is ready?

We already had that discussion. The Monte Carlo model (from the white paper) assumes that all payers and payees employ the same algorithmic strategy for disambiguating double-spends. But there is no way to enforce that assumption without centralized servers.

Rather than argue, remove the centralized servers and let's observe.

[Come-from-Beyond]

We already had that discussion. The Monte Carlo model (from the white paper) assumes that all payers and payees employ the same algorithmic strategy for disambiguating double-spends. But there is no way to enforce that assumption without centralized servers.

That link contains an example with completely random picking of tips.

[iamnotback]

We already had that discussion. The Monte Carlo model (from the white paper) assumes that all payers and payees employ the same algorithmic strategy for disambiguating double-spends. But there is no way to enforce that assumption without centralized servers.

That link contains an example with completely random picking of tips.

Random picking is not modeling an attacker who is using a strategic algorithm.

Again instead of arguing about models, remove the centralization and let's observe.

[Come-from-Beyond]

Rather than argue, remove the centralized servers and let's observe.

OK, let's postpone the final dispute to the moment when we switch Coordinator off. Obviously, we can't do it right now just to prove the point to you.

[Come-from-Beyond]

Random picking is not modeling an attacker who is using a strategic algorithm.

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.

[iamnotback]

Random picking is not modeling an attacker who is using a strategic algorithm.

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.

I don't have time to delve back into the math. I am interested to see you guys actually remove the centralization, so we can see what happens in the wild. I don't have time to argue with you and also it isn't going to help me to get all the Iota investors pissed off at me (and one of my angel investors is still waiting to sell his Iota so it also doesn't help me to attack your coin).

Let's just say I have my strong doubts (in the absence of myself putting in the effort to do some formal exposition). But let's see how it performs in the wild without centralized servers.

[yvv]

One of the main flaws of Byteball that you should be aware of besides the messed up transaction fees and distribution, is that the consensus of the blockchain can become entirely stuck if > 50% of the witnesses collude or stop functioning.

This is not a flaw, this is a limitation, just like bitcoin 51% vulnerability. Every consensus algorithm has this kind of limitation, nevertheless some of them are working for years without any fault.

[Come-from-Beyond]

just like bitcoin 51% vulnerability

Interesting how sustainable urban legends are. Like http://fc14.ifca.ai/papers/fc14_submission_82.pdf has never existed.

[SatoNatomato]

Is this a joke?

You think people will allow machines to spend/receive money and rely on only a probability that their transactions will succeed? And rely on another probability that they have the "global" tip and are not sitting in a cluster? Why not make this simpler and just roll a dice and pretend you have money if you get 4 sixes in a row.

Maybe it will work if the "money" you are transacting is worthless. Like worth almost one iota.

The claim "it doesnt work without centralized servers" hasnt been refuted, you have just lowered the bar significantly.

You were banned from IOTA thread for trolling, why do you think I'll take your words seriously here?

You dont take kindly to any questions anywhere, it is not surprising due to the big ego you carry. A common trait of sociopaths.

In any case, the quoted was not for you, but for many other readers. 

[iamnotback]

just like bitcoin 51% vulnerability

Interesting how sustainable urban legends are. Like http://fc14.ifca.ai/papers/fc14_submission_82.pdf has never existed.

No you are incorrect. It requires greater than 50% to stall the blockchain by censoring all transactions.

The selfish mining attack you have cited (which only requires 33% control) is applicable to fairness of distribution of rewards, not censoring transactions (as a form of making the blockchain stuck).

[Come-from-Beyond]

You dont take kindly to any questions anywhere, it is not surprising due to the big ego you carry. A common trait of sociopaths.

In any case, the quoted was not for you, but for many other readers. 

When other people repeat your questions I answer them. What does this mean? Don't answer, that's a rhetorical question.

[Come-from-Beyond]

No you are incorrect. It requires greater than 50% to stall the blockchain by censoring all transactions.

The whitepaper claims the opposite, if you want to argue - argue with the authors.

[iamnotback]

Note we are referring to Satoshi's PoW below...

No you are incorrect. It requires greater than 50% to stall the blockchain by censoring all transactions.

The whitepaper claims the opposite, if you want to argue - argue with the authors.

No it doesn't. You don't understand the whitepaper.

The 33% attacker doesn't win every block (can't always create the longest chain). He only wins more block rewards than his 33% share.

It is an asymmetrical statistical advantage against those with less than 33% control, not absolute control.

[yvv]

It does not matter if it is 51% or 33% or 73.5% vulnerability, it is still vulnerability, but not a flaw. A flaw would be something which prevents the network from being used. 51% vulnerability does not prevent bitcoin from being used, it just puts a limit on how secure it is. Same goes with any other consensus algorithm. A lack of security at all would be a flaw.

[iamnotback]

One of the main flaws of Byteball that you should be aware of besides the messed up transaction fees and distribution, is that the consensus of the blockchain can become entirely stuck if > 50% of the witnesses collude or stop functioning.

This is not a flaw, this is a limitation, just like bitcoin 51% vulnerability. Every consensus algorithm has this kind of limitation, nevertheless some of them are working for years without any fault.

In Bitcoin, the miners are not fixed and can come and go as they please. Thus if the value of the token craters from the 51% censoring all transactions, then the miners stop mining and new miners can take over and it becomes unstuck again without any hard fork. It is a naturally correcting system.

Whereas in Byzantine agreement (of which Byteball is an example), then when sufficient witnesses stop responding (or collude to respond towards divergence), then the system can't become unstuck even if the token value declines. (note Byteball is consensus by majority whereas most Byzantine agreement is 2/3 consensus and I explain the technical reason for that difference in my whitepaper)

Also the number of witnesses in Byteball is fairly limited (maybe at most a dozen or perhaps maybe up to 10X more could be considered), whereas, the number of miners in PoW is in the 1000s. Even if PoW becomes centralized, then those huge mining farms will go bankrupt if the value of the token plummets, so then the 1000s of little miners take over (because many individuals mine Bitcoin for altruistic and anonymity of acquisition reasons on a small scale, not just for profit).

So the probability of Byteball becoming entirely and permanently stuck is much greater. And given shorting and the fact that witnesses don't expend any significant resource, a group that wants to profit by destroying the token value entirely can succeed. Whereas they can't sustain such an activity with PoW, because mining requires ongoing expenditures.

With Bitshares' DPoS (also in Steem), the whales can vote in new witnesses at any time, so it can't get stuck unless the whales decide to destroy it.

The challenge is to design a system that isn't so centralized as all of these, yet also has the positive attributes of PoW without the electricity cost. I claim I have designed such as consensus algorithm. The whitepaper is written. I am just trying to cure my disseminated, extra-pulmonary Tuberculosis so I can get back to programming and continue my project.

It does not matter if it is 51% or 33% or 73.5% vulnerability, it is still vulnerability, but not a flaw. A flaw would be something which prevents the network from being used. 51% vulnerability does not prevent bitcoin from being used, it just puts a limit on how secure it is. Same goes with any other consensus algorithm. A lack of security at all would be a flaw.

Incorrect. A 50+% attacker can censor every transaction because he can always build the longest chain with only the blocks he chooses.

Please I wish you would state your claims as questions rather than pretending you actually know what you are doing. You are arguing with an expert, and you are obviously not an expert.

An academic understands not to make strong claims for that which he hasn't written down the theorems and proofs. So many armchair "experts" around here who pontificate absolute bullshit, hand waving, and technical errors. No wonder that speculators have no clue about the technology. Speculators may get confused by your "Legendary" ranking and presume that means you really know the technology.

[yvv]

Whereas in Byzantine agreement (of which Byteball is an example), then when sufficient witnesses stop responding (or collude to respond towards divergence), then the system can't become unstuck even if the token value declines.

Bad witnesses can be replaced.

With Bitshares' DPoS (also in Steem), the whales can vote in new witnesses at any time, so it can't get stuck unless the whales decide to destroy it.

Same with byteball, only replacement mechanism is different.

[Come-from-Beyond]

No it doesn't. You don't understand the whitepaper.

With 33+% of hashing power I can break Bitcoin, this is what the paper says. https://people.eecs.berkeley.edu/~luca/cs174/byzantine.pdf talks about 33% too. 51% works only in unrealistic assumptions. I can imagine a case where an attacker with 90% of hashing power won't break the system. I hope you got my point, I'm not going to extend it because it's an off-topic.

[iamnotback]

Whereas in Byzantine agreement (of which Byteball is an example), then when sufficient witnesses stop responding (or collude to respond towards divergence), then the system can't become unstuck even if the token value declines.

Bad witnesses can be replaced.

With Bitshares' DPoS (also in Steem), the whales can vote in new witnesses at any time, so it can't get stuck unless the whales decide to destroy it.

Same with byteball, only replacement mechanism is different.

No, they can't in practice be replaced. It is not the same. I already refuted that:

Note there is a mechanism for voting in new witnesses, but because it requires a total order so it will in practice never work out because total orders don't exist in nature.

I am sorry if you don't understand the terminology, e.g. the implications of the term "total order". It is indicative of why you are not an expert.

When I discussed this in the Byteball thread, the Byteball author Anthony realized there is a problem and started to talk about avoidance of needing to replace witnesses and how to have a community wide vote and other mechanisms for overcoming the inherent flaw (which means really he will end up needing whales same as for DPoS to avoid chaos so then you are right back to centralization and the failure of Bitshares and Steem again).

And someone wrote upthread that Anthony current controls 87% so we can see once again centralization is employed to avoid the truth that (without centralization) chaos is the only outcome if we don't use PoW.

We don't have decentralization in any blockchain in existence (Monero claims otherwise but I doubt it and the ASICs and mining farms will come if the market cap grows some more). That is a fact. And that is one reason that blockchains are not going mainstream, because the world isn't going to trust some whales to handle the world's blockchain.

[Come-from-Beyond]

Please I wish you would state your claims as questions rather than pretending you actually know what you are doing. You are arguing with an expert, and you are obviously not an expert.

This is how we know that you are the original iamnotback, not someone who bought his account. 

[yvv]

An academic understands not to make strong claims for that which he hasn't written down the theorems and proofs. So many armchair "experts" around here who pontificate absolute bullshit, hand waving, and technical errors. No wonder that speculators have no clue about the technology. Speculators may get confused by your "Legendary" ranking and presume that means you really know the technology.

Oh, smell of "elite" ass here.

[Come-from-Beyond]

Same with byteball, only replacement mechanism is different.

This is a interesting bit, btw. I don't get how 6 witnesses could be replaced if discrepancy in 1 witness is the max of what is allowed.

[iamnotback]

Same with byteball, only replacement mechanism is different.

This is a interesting bit, btw. I don't get how 6 witnesses could be replaced if discrepancy in 1 witness is the max of what is allowed.

Yeah you are getting closer to understanding why Byteball's witness replacement mechanism, is in practice not going to work. But it requires deeper analysis to see that without whales, the mechanism won't be able to not diverge from choosing a new witness replacement.

Bitshares learned by fire that the natural order is divergence in the absence of whales, because of the power vacuum of egalitarianism. That is ostensibly why they launched Steem with a stealth mine so the principals control ~80% of the tokens.

[iamnotback]

No it doesn't. You don't understand the whitepaper.

With 33+% of hashing power I can break Bitcoin, this is what the paper says. https://people.eecs.berkeley.edu/~luca/cs174/byzantine.pdf talks about 33% too. 51% works only in unrealistic assumptions. I can imagine a case where an attacker with 90% of hashing power won't break the system. I hope you got my point, I'm not going to extend it because it's an off-topic.

The 33 - 50% control only gains an unfair amount of rewards. It doesn't convey the power to win every block. The reason that can "break" Bitcoin, is then the other miners have an incentive to join the selfish mining cartel until 50+% control is attained:

This attack can have significant consequences for
Bitcoin: Rational miners will prefer to join the selfish miners, and the
colluding group will increase in size until it becomes a majority. At this
point, the Bitcoin system ceases to be a decentralized currency.

Also with asymmetrical rewards (and all other factors not considered), the 33-50% attacker will over time increase his proportion of the hashrate, because he is more profitable than the other miners.

[SatoNatomato]

You dont take kindly to any questions anywhere, it is not surprising due to the big ego you carry. A common trait of sociopaths.

In any case, the quoted was not for you, but for many other readers. 

When other people repeat your questions I answer them. What does this mean? Don't answer, that's a rhetorical question.

It means you are butthurt and stubborn.

[thejaytiesto]

Can bitcoin somehow adapt DAG?

No. Bitcoiners are scared of changes.

It is not that we are scared of changes. I am eager to diversify some of my BTC portfolio, to make gains faster by getting into a project that is not smoke and mirrors/not a plain meme, the problem is, I can't find it. There is always something that makes me thing im investing into a short lived pump and dump, or medium term pump and dump at best if the project is something ambitious but ultimately has flaws that make it nonviable long term.

I don't feel like getting my hard earned BTC scammed by investing in altcoins that don't end up delivering anything relevant enough beyond what BTC can currently (or in the future) offer. And I work my ass off for a low paying job with bad health in order to invest in my BTC portfolio and continue growing it so that makes me extra cautious when investing a single satoshi.

[SatoNatomato]

Random picking is not modeling an attacker who is using a strategic algorithm.

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.

[thejaytiesto]

sorry for getting offtopic.

but did you realise that is an almost sig-add free topic.

now back to the topic i tried to understand.

Who the fuck are you?

If you are talking about me, how is it off-topic, and nonetheless, im not even making money from posting since I already surpassed the amount of maximum paid posts for this month on the campaign im at so you fucked up by accusing me of spamming.

Now indeed let's get back on topic.

[Come-from-Beyond]

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.

This is worth to be added into my collection of your fuckups.

PS: If anyone thinks that those are NOT different things then read http://work.tinou.com/2009/05/faulttolerant-distributed-systems-made-simple.html (you can jump straight to these words:

The Paxos algorithms can help us. The specific Paxos algorithm discussed below is the "basic" one (there's a bunch of Paxos algorithms).  The model is asynchronous and non-Byzantine.  This means that a process may crash and recover, but doesn't do anything weird like sending random, deceitful messages to other processes.

)

[SatoNatomato]

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.

This is worth to be added into my collection of your fuckups.

PS: If anyone thinks that those are NOT different things then read http://work.tinou.com/2009/05/faulttolerant-distributed-systems-made-simple.html (you can jump straight to these words:

The Paxos algorithms can help us. The specific Paxos algorithm discussed below is the "basic" one (there's a bunch of Paxos algorithms).  The model is asynchronous and non-Byzantine.  This means that a process may crash and recover, but doesn't do anything weird like sending random, deceitful messages to other processes.

)

The laughing image is not enough to describe how hilarious you are.

Thank you man, you provide me with enough hilarity so I can continue to chuckle for weeks.

I cant even focus to make a short explanation to other readers. Just hilarious chuckle worthy material.

[Come-from-Beyond]

The laughing image is not enough to describe how hilarious you are.

Thank you man, you provide me with enough hilarity so I can continue to chuckle for weeks.

I cant even focus to make a short explanation to other readers. Just hilarious chuckle worthy material.

Nothing concrete, as always when you can't defend your position. 90% of your post are from this category.

[SatoNatomato]

The laughing image is not enough to describe how hilarious you are.

Thank you man, you provide me with enough hilarity so I can continue to chuckle for weeks.

I cant even focus to make a short explanation to other readers. Just hilarious chuckle worthy material.

Nothing concrete, as always when you can't defend your position. 90% of your post are from this category.

it is you who should defend your dumb statements and not require handholding like a baby.

Besides most readers dont need explanation for basics in cryptocurrency.

[Come-from-Beyond]

it is you who should defend your dumb statements and not require handholding like a baby.

Besides most readers dont need explanation for basics in cryptocurrency.

You probably forgot how it was:
1. I stated that consensus and attacks are different things
2. You used pics to imply it was wrong
3. I showed that it's right

If you still don't believe me then google difference between Paxos and Byzantine Paxos. As you said it yourself, the most of others don't need explanation for basics in cryptocurrencies.

So, what statement do you want me to defend? Upthread I already gave a link to a counter-example of your claim (which proved my statement) and there are zillions of other links on the Internet.

PS: I don't mind continuing this convo, I like watching you digging a deeper and deeper hole for your "reputation"...

[SatoNatomato]

it is you who should defend your dumb statements and not require handholding like a baby.

Besides most readers dont need explanation for basics in cryptocurrency.

You probably forgot how it was:
1. I stated that consensus and attacks are different things
2. You used pics to imply it was wrong
3. I showed that it's right

If you still don't believe me then google difference between Paxos and Byzantine Paxos. As you said it yourself, the most of others don't need explanation for basics in cryptocurrencies.

So, what statement do you want me to defend? Upthread I already gave a link to a counter-example of your claim (which proved my statement) and there are zillions of other links on the Internet.

PS: I don't mind continuing this convo, I like watching you digging a deeper and deeper hole for your "reputation"...

You stated 1 which by itself is hilarious statement to make if you want to design publicly accesible and usable cryptocurrencies.
Then you made another statement from a diffrent contexr, proving something not related to statement 1..

PS. I have no reputation and dont wish to aquire it, in fact I shit on both mine and your reputation.

[CyanFox]

Yeah, we know BB's DAG is superior and the most innovative technology in last year, no doubt that it will get more customers on board, don't worry, keep patient.

[Come-from-Beyond]

You stated 1 which by itself is hilarious statement to make if you want to design publicly accesible and usable cryptocurrencies.
Then you made another statement from a diffrent contexr, proving something not related to statement 1..

PS. I have no reputation and dont wish to aquire it, in fact I shit on both mine and your reputation.

You simply just quit the convo? Trolls are so weak these days...

[nillohit]

Byteball is an excellent DAG coin. I'm not very familiar to IOTA

[SatoNatomato]

For visibiility, a discussion on IOTA and IoT, from the Iota unmoderated thread

PoW is a prevention against sybil attacks. The PoW, which is necessary is not very much and will then be of minor significance, once the IRI will be changed for industrial appliances.
why PoW at all? well, you have a synchronized, soon to be decentralized system, where data-integrity needs to be established through the "confirm 2 tx before you conduct a new one" thingy. pretty solid architecture. what would you take?
for the computational power: you ever heard about JINN?
the ternary processors will conduct the necessary PoW in fractions of a second. Right now, I need just a few seconds with my CPU so that's completely fine for users. the IoT will be handled differently, but everyone was told that like a hundred times.
the consensus furthermore will be established in a decentralized manner, once the monte carlo random walk is enabled, because right now, like you know, the coordinator is centralizing it, for security and topology-reason. (the wittnesses in BB btw too)
So what is your point? that the PoW is to heavy? well it isn't very long.
That we have no decentralization? well we will have it in approx. july 2017
That it's not suitable? why not, what is still missing?

That is funny, since last time I checked Iota, the PoW didnt help against Sybils, and instead people were asked for social proof to join the network, that ist he Sybil prevention. 

No, that is not my point that "pow is heavy", read my post again and try really try hard to see the big picture. No offense, just open your eyes.

Hardware, Jinn, if you place one of these on a chip, someone will place 100 000 of them together in one big chip, call it a Specialized Processing Unit, and it would then be able to outpace and outrun at least 100 000 of other smaller chips. What I mean is, at IoT power levels, can not ever compete with a normal PC, lulz that should be obvious and clear as blue day, no matter if you place "specialized non-existent magic hardware" on it or not.

Hence, PoW and IoT are oxymorons. Pick one. You cant protect your IoT devices with PoW scheme.

But you can, with a signature based scheme such as Byteball, and other cryptocurrency, even DPoS works better. See IOTA developers and fans, say, "Oh but IoT will not be a full node, it will only send/sing transactions", Well duh, obviously, any fucking cryptocurrency can delegate a chip to be dumb and trust another full node. What good cryptocurrencies do is, allow the IoT chip to send/receive transactions with its own keys - by signing shit just as other full wallets, and get the protection from scammers and attackers as the rest of the network. Spicy isnt it.


Of course, IOTA, bragging about IoT so much, and now we hear from its supporter "IoT will be handed differently." WHAT. OK.

[Arvydas77]

Can bitcoin somehow adapt DAG?

No. Bitcoiners are scared of changes.

It is not that we are scared of changes. I am eager to diversify some of my BTC portfolio, to make gains faster by getting into a project that is not smoke and mirrors/not a plain meme, the problem is, I can't find it. There is always something that makes me thing im investing into a short lived pump and dump, or medium term pump and dump at best if the project is something ambitious but ultimately has flaws that make it nonviable long term.

I don't feel like getting my hard earned BTC scammed by investing in altcoins that don't end up delivering anything relevant enough beyond what BTC can currently (or in the future) offer. And I work my ass off for a low paying job with bad health in order to invest in my BTC portfolio and continue growing it so that makes me extra cautious when investing a single satoshi.

You're experienced member and eberything you said is reasonable. I, personally, think that in long term Bitcoin will lose its crown and other cryptocurrency will take a lead. But this question is not about a value but about a mass adoption. Bitcoin can sustain its value as a concept of store of value but it is not suitable for everyday transactions. Byteball is revolutionary. I have bytes in my portforlio and doing very well. I also invested in RaiBlocks. It is a perfect micropayment system that, IMO, could overtake BTC in the so-called Third World.

[Come-from-Beyond]

For visibiility, a discussion on IOTA and IoT, from the Iota unmoderated thread

Do you still think anyone believes that you are an expert in anything IT related? I already have two your fuckups which clearly show that your level of expertise approaches zero from negative infinity. You are hanging out here only because you are cheerleading Byteball.

[iamnotback]

I also invested in RaiBlocks.

If you only understood how horrendously flawed that design is.

[iamnotback]

The Byteball algorithm is about a set of witnesses forming a consensus opinion about the total order selected out of a plurality of partial orders in the DAG. By partial orders, we mean conflicting paths through the DAG which yield different ordering of which double-spend was first.

8.1 Byteball’s “Stability Point” Rule

...

Witness units which do not transitively reference their prior unit in their ancestor path^* are provably misbehaving and ignored thus can’t do any harm other than if the majority does. If the threshold of the count for the stability point is only the majority, a single witness could make finality ambiguous by signing two conflicting observations which (transitively) reference their same prior unit without one of the the observations (transitively) referencing the other. The faulty witness could publish one of the conflicting observation units after delay, possibly enabling the reversal of finality for some conflicting transactions. But this requires the minority of witnesses which didn’t reference the first to then reference the delayed observation unit― which seems to require a majority (aka “50+%” or “¹/₂+”) attack even if the delay was within ambiguity due to propagation delay because all (which is not random) of those minority have to join the attack. To increase the safety of finality, the said threshold could be increased to +²/₃ of the witnesses so that reversing finality would require +¹/₃ to sign conflicting observation units and in all likelihood +²/₃ to be malevolent. Thus would reduce the liveness threshold from ¹/₂+ to +¹/₃.

...

The stability point algorithm is able to achieve non-asymptotic BFT with only ¹/₂+ quorums because the ordering of the published observation units (analogous to validator votes) for each witness is orthogonal to those of the other witnesses. Whereas, Byzantine agreement requires +²/₃ quorums because validators much coordinate in quorums such that each validator can claim the unresponsiveness of the others because for a vote to published, all must combine their votes in a quorum.

[Spratan]

I also invested in RaiBlocks.

If you only understood how horrendously flawed that design is.

I am interested to invest in raiblocks. How flawed is it ?
The dev is very active, so is there any chance of upgrade ?

[iamnotback]

I also invested in RaiBlocks.

If you only understood how horrendously flawed that design is.

I am interested to invest in raiblocks. How flawed is it ?
The dev is very active, so is there any chance of upgrade ?

I don't have access to my unpublished whitepaper at the moment wherein I summarized Raiblocks, and I am not sure I want to release that summary (yet) as I contrasted it against my design.

Suffice it to say that Raiblocks is insecure nonsense. You can locate TPTB_need_war's old debates with the creator (it used to be named block lattice). @monsterer also pointed out the flaws (note @monsterer seems to be gone now)

[iamnotback]

I also invested in RaiBlocks.

If you only understood how horrendously flawed that design is.

I am interested to invest in raiblocks. How flawed is it ?
The dev is very active, so is there any chance of upgrade ?

I don't have access to my unpublished whitepaper at the moment wherein I summarized Raiblocks, and I am not sure I want to release that summary (yet) as I contrasted it against my design.

Suffice it to say that Raiblocks is insecure nonsense. You can locate TPTB_need_war's old debates with the creator (it used to be named block lattice). @monsterer also pointed out the flaws (note @monsterer seems to be gone now)

Here is the part I am willing to publish now (some of it is redacted):

RaiBlocks had a separate partition (“blockchain”) for each user balance. Each user balance partition was an eligible witness voter for each transaction event. Consensus voting was required for transfers between partitions to prevent double-spends. The consensus ordering delegate set was the quorum on each epoch of voting, which was claimed to be final. There were alleged security flaws in this design^{[^RaiBlocks-divergence]}, which is obvious given its consensus ordering set is unbounded and has nothing-at-stake, which can’t be secure per the generalized theory...

^{[^RaiBlocks-divergence]} Shelby Moore III. RaiBlocks divergence. Bitcointalk.org, “Block lattice” thread, post #4, Oct 24, 2015.

[Spratan]

I also invested in RaiBlocks.

If you only understood how horrendously flawed that design is.

I am interested to invest in raiblocks. How flawed is it ?
The dev is very active, so is there any chance of upgrade ?

I don't have access to my unpublished whitepaper at the moment wherein I summarized Raiblocks, and I am not sure I want to release that summary (yet) as I contrasted it against my design.

Suffice it to say that Raiblocks is insecure nonsense. You can locate TPTB_need_war's old debates with the creator (it used to be named block lattice). @monsterer also pointed out the flaws (note @monsterer seems to be gone now)

Here is the part I am willing to publish now (some of it is redacted):

RaiBlocks had a separate partition (“blockchain”) for each user balance. Each user balance partition was an eligible witness voter for each transaction event. Consensus voting was required for transfers between partitions to prevent double-spends. The consensus ordering delegate set was the quorum on each epoch of voting, which was claimed to be final. There were alleged security flaws in this design^{[^RaiBlocks-divergence]}, which is obvious given its consensus ordering set is unbounded and has nothing-at-stake, which can’t be secure per the generalized theory...

^{[^RaiBlocks-divergence]} Shelby Moore III. RaiBlocks divergence. Bitcointalk.org, “Block lattice” thread, post #4, Oct 24, 2015.

Thanks for your valuable feedback. I will invest in Rai only for obvious speculative potential short term and wait and see.

[iamnotback]

There is nothing minding blowing here. Just more of the same centralization failure. Well the concept of a DAG is mind blowing in the sense that it allows proof-of-publishing to be orthogonal to consensus finalization, which is one facet of increasing the TPS rate. But the Byteball "stability points" algorithm solution is incomplete. It hasn't solved the holistic problems entirely.

[francisthecrusher]

There is nothing minding blowing here. Just more of the same centralization failure. Well the concept of a DAG is mind blowing in the sense that it allows proof-of-publishing to be orthogonal to consensus finalization, which is one facet of increasing the TPS rate. But the Byteball "stability points" algorithm solution is incomplete. It hasn't solved the holistic problems entirely.

Exactly. It's not trustless. They took the various incomplete research into DAGs (e.g. Bob McElrath) and implimented it in node (node!?). They couldn't find a consensus algorithm that works so they go with a sibyl attack prone trusted node system instead. I bought 1BTC to get a real stake in it though because the community is strong which means they might end up solving these issues, if they do it will be unstoppable.

[sinner]

This thread deserves a bump.  Have IOTA or Byteball made any recent improvements to address Shelby Moore's concerns?

[monsterer2]

This thread deserves a bump.  Have IOTA or Byteball made any recent improvements to address Shelby Moore's concerns?

Neither byteball or Iota can be truly trustless or decentralised; they are flawed.

Byteball requires witnesses which are trusted super users in order to form a consensus:

Looking   for   a   “reality   test”, observe   that   some   of   the   participants   of   our   network   
are   non-anonymous   reputable   people or   companies who   might   have   a   long   
established   reputation,   or   they   are   businesses   interested   in   keeping   the   network   
healthy. We’ll   call   them   witnesses

Iota requires what they used to refer to as checkpoints, now known as 'coordinators' in order to maintain consensus until the currency is 'bootstrapped', which is years to never.

You cannot have a trustless concensus like bitcoin's without a mining reward - that is what creates convergence.

[Come-from-Beyond]

You cannot have a trustless concensus like bitcoin's without a mining reward - that is what creates convergence.

Great, now just prove this claim because the burden of proof is on you...

[monsterer2]

You cannot have a trustless concensus like bitcoin's without a mining reward - that is what creates convergence.

Great, now just prove this claim because the burden of proof is on you...

Present your counter argument and lets talk about it.

edit: for the interested reader, consider what it was that allowed satoshi to solve the double spend problem that had previously made p2p currencies unworkable.

[Come-from-Beyond]

Present your counter argument and lets talk about it.

Read https://en.wikipedia.org/wiki/Philosophical_burden_of_proof#Holder_of_the_burden and re-read my previous post again, please.

[infer]

Both are good. But people still prefer blockchain more because it has existed for more than 8 years. They need more time to learn about the DAG and adapt it. Byteball is very good. No need to mine, no need crowdfund but they still have a big marketcap right now. I think that DAG will become a strong force in the future with the leader is byteball

[monsterer2]

Present your counter argument and lets talk about it.

Read https://en.wikipedia.org/wiki/Philosophical_burden_of_proof#Holder_of_the_burden and re-read my previous post again, please.

I'm quoting myself here; this is not a formal proof, its a wordy one.

With no competition to mine, the maximum network hashing rate will be impossible to measure, since although transactions may be incoming at a high rate in a mature currency (and assuming a PoW must be submitted with the transaction) , this rate could still be vastly below that of even just one ASIC* such that any adversary looking to double spend would find the task relatively easy.

This also brings into question the entire way in which transaction acceptability can be bounded. In bitcoin the adversary's hashing power relative to the network as a whole is considered, yielding a probability of the best block being reversed, yet with no competition to mine, the maximum hashing rate of the network as a whole cannot be measured since adversaries have nothing to gain by participating in the network's nominal operations, instead they might chose to lie in wait.

edit: the key point is that last one. With no competition to mine, the network hash rate cannot be measured which implies that the time you need to wait to accept a transaction as confirmed is essentially unbounded. This is not acceptable in any currency.

[Come-from-Beyond]

edit: the key point is that last one. With no competition to mine, the network hash rate cannot be measured which implies that the time you need to wait to accept a transaction as confirmed is essentially unbounded. This is not acceptable in any currency.

Just another claim lacking a proof.

[monsterer2]

edit: the key point is that last one. With no competition to mine, the network hash rate cannot be measured which implies that the time you need to wait to accept a transaction as confirmed is essentially unbounded. This is not acceptable in any currency.

Just another claim lacking a proof.

Nope. That is a plain and obvious fact.

[Come-from-Beyond]

Nope. That is a plain and obvious fact.

Could you provide links to sources showing that the claim is a plain and obvious fact?

[monsterer2]

Nope. That is a plain and obvious fact.

Could you provide links to sources showing that the claim is a plain and obvious fact?

If you don't understand what I've written, I suggest you do some research into the subject to better acquaint yourself with the problem at hand.

[Come-from-Beyond]

If you don't understand what I've written, I suggest you do some research into the subject to better acquaint yourself with the problem at hand.

No, thx. You sounded as Shelby Moore in disguise, your replies just proved that. We can stop at this point.

[monsterer2]

If you don't understand what I've written, I suggest you do some research into the subject to better acquaint yourself with the problem at hand.

No, thx. You sounded as Shelby Moore in disguise, your replies just proved that. We can stop at this point.

Ok, no problem, that's your choice.

For other readers who may be interested in ELI5 explanation of the problem:

*) Network hashrate is the overall power of the network - in bitcoin, this is the computing power needed to generate a block.
*) Bitcoin employs a mining reward which creates a competition between miners to produce a block and claim their reward for doing so. Slower miners lose out to faster miners, but they still participate in the competition to produce a block because they stand a chance of winning occasionally.
*) This mining subsidy provides a positive incentive to miners to play by the rules, and encourages them not try to double spending, because they might as well claim the mining reward instead of trying to double spend which is often much more difficult than producing a single block.
*) The mining subsidy also encourages all miners to participate in the mining process, which gives an overall metric for total network hashing power, which you can then use to give an estimate of when it is safe to accept a transaction of a given size, as confirmed, because (on average), the block reward is equal to the electricity cost of mining that block. That means that when your transaction has been buried under enough blocks that the mining subsidy equals the transactions size, it is more or less safe to accept that transaction as confirmed.

Now, imagine the situation with no mining reward.

*) Instead of participating in a competition to win the block reward, miners have no positive incentive to participate anymore. They now are left with the negative incentive to try and double spend.
*) Since these miners are not contributing their hashing power to the network anymore, the overall hashrate of the network in unmeasurable, since these miners are quite likely to leave their ASICs in sleep mode until they want to double spend
*) With the network hash rate unmeasurable, there is no way to put an estimate on when it is safe to accept a transaction as confirmed.

When there is no way to estimate when it is safe to accept a transaction as confirmed, that currency is now useless because any transaction can potentially be reversed.

This is why both byteball and iota use trusted third parties to secure the network, but at that point, you might as well be using VISA.


edit: ELI4 - You work at a bank dealing with money every day. You get paid for your job. Do you steal the money you work with? Now imagine if you didn't get paid. Are you more tempted to steal money? Now imagine if you could never get caught and everything was anonymous.

Cheers, Paul.

[mtraveller]

If you don't understand what I've written, I suggest you do some research into the subject to better acquaint yourself with the problem at hand.

No, thx. You sounded as Shelby Moore in disguise, your replies just proved that. We can stop at this point.

Ok, no problem, that's your choice.

For other readers who may be interested in ELI5 explanation of the problem:

*) Network hashrate is the overall power of the network - in bitcoin, this is the computing power needed to generate a block.
*) Bitcoin employs a mining reward which creates a competition between miners to produce a block and claim their reward for doing so. Slower miners lose out to faster miners, but they still participate in the competition to produce a block because they stand a chance of winning occasionally.
*) This mining subsidy provides a positive incentive to miners to play by the rules, and encourages them not try to double spending, because they might as well claim the mining reward instead of trying to double spend which is often much more difficult than producing a single block.
*) The mining subsidy also encourages all miners to participate in the mining process, which gives an overall metric for total network hashing power, which you can then use to give an estimate of when it is safe to accept a transaction of a given size, as confirmed, because (on average), the block reward is equal to the electricity cost of mining that block. That means that when your transaction has been buried under enough blocks that the mining subsidy equals the transactions size, it is more or less safe to accept that transaction as confirmed.

Now, imagine the situation with no mining reward.

*) Instead of participating in a competition to win the block reward, miners have no positive incentive to participate anymore. They now are left with the negative incentive to try and double spend.
*) Since these miners are not contributing their hashing power to the network anymore, the overall hashrate of the network in unmeasurable, since these miners are quite likely to leave their ASICs in sleep mode until they want to double spend
*) With the network hash rate unmeasurable, there is no way to put an estimate on when it is safe to accept a transaction as confirmed.

When there is no way to estimate when it is safe to accept a transaction as confirmed, that currency is now useless because any transaction can potentially be reversed.

This is why both byteball and iota use trusted third parties to secure the network, but at that point, you might as well be using VISA.


edit: ELI4 - You work at a bank dealing with money every day. You get paid for your job. Do you steal the money you work with? Now imagine if you didn't get paid. Are you more tempted to steal money? Now imagine if you could never get caught and everything was anonymous.

Cheers, Paul.

Paul this is compelete bullshit what you said right here. Seriously.

How are you comparing the people who specifically mine bitcoin "MINERS" that was born with a consensus specifically PoW which earns the "MINERS" a reward for securing the chain, with a totally new TECH with a different consensus for securing the graph, which didn't promise any "MINERS" any reward because they are not needed in the first place.

GTFO!

You see we live in a time where the ignorent is ruling the world.

and Yes this is my first post with this account.

[dagfan]

If you don't understand what I've written, I suggest you do some research into the subject to better acquaint yourself with the problem at hand.

No, thx. You sounded as Shelby Moore in disguise, your replies just proved that. We can stop at this point.

Ok, no problem, that's your choice.

For other readers who may be interested in ELI5 explanation of the problem:

*) Network hashrate is the overall power of the network - in bitcoin, this is the computing power needed to generate a block.
*) Bitcoin employs a mining reward which creates a competition between miners to produce a block and claim their reward for doing so. Slower miners lose out to faster miners, but they still participate in the competition to produce a block because they stand a chance of winning occasionally.
*) This mining subsidy provides a positive incentive to miners to play by the rules, and encourages them not try to double spending, because they might as well claim the mining reward instead of trying to double spend which is often much more difficult than producing a single block.
*) The mining subsidy also encourages all miners to participate in the mining process, which gives an overall metric for total network hashing power, which you can then use to give an estimate of when it is safe to accept a transaction of a given size, as confirmed, because (on average), the block reward is equal to the electricity cost of mining that block. That means that when your transaction has been buried under enough blocks that the mining subsidy equals the transactions size, it is more or less safe to accept that transaction as confirmed.

Now, imagine the situation with no mining reward.

*) Instead of participating in a competition to win the block reward, miners have no positive incentive to participate anymore. They now are left with the negative incentive to try and double spend.
*) Since these miners are not contributing their hashing power to the network anymore, the overall hashrate of the network in unmeasurable, since these miners are quite likely to leave their ASICs in sleep mode until they want to double spend
*) With the network hash rate unmeasurable, there is no way to put an estimate on when it is safe to accept a transaction as confirmed.

When there is no way to estimate when it is safe to accept a transaction as confirmed, that currency is now useless because any transaction can potentially be reversed.

This is why both byteball and iota use trusted third parties to secure the network, but at that point, you might as well be using VISA.


edit: ELI4 - You work at a bank dealing with money every day. You get paid for your job. Do you steal the money you work with? Now imagine if you didn't get paid. Are you more tempted to steal money? Now imagine if you could never get caught and everything was anonymous.

Cheers, Paul.

All full nodes perform validation. Witnesses are a small subset of full nodes. Witnesses simply point full nodes to look at the witnesses in the recent history to establish the path of the Main Chain; i.e. the path that goes through as many witness-authored units as possible, providing a sequenced path for eliminating any potential double spends. They simply provide a sequenced path which would otherwise not be clear within a DAG.

Your objections simply don't apply to this architecture.

[JohnSWinger]

I do not feel like the BTC is taken advantage of by investing in a laptop without end up providing anything relevant beyond what the BTC is offering (or in the future). And I work for a low-income job with ill health to invest in my BTC portfolio and continue to grow it. I can not even concentrate to explain briefly to other readers. Just hilarious chuckle worthy material. But you can, with a signature-based program like Byteball, and other cryptocurrency, even DPO works better. "IoT but IoT will not be a full button, it will only send / sing the transaction," Well duh, obviously, any fucking cryptocurrency can commit a silent chip and full trust button. Thank you

[Acalon]

I have an entire section (#8) of my whitepaper dedicated to analyzing and explaining Byteball.

It is an interesting discovery. It has flaws (and not just related to the consensus algorithm). And my design is not Byteball, but there is one aspect which is similar to one aspect of Byteball, yet my design would not work if it was only Byteball.

One of the main flaws of Byteball that you should be aware of besides the messed up transaction fees and distribution, is that the consensus of the blockchain can become entirely stuck if > 50% of the witnesses collude or stop functioning. Then it requires a (political gridlock potentially) hardfork to unstuck the blockchain. Ditto Tendermint, Casper, and all Byzantine agreement variants (that includes Bitshares/Graphene/Steem's DPoS, yet the whales can vote to unstuck it without a hardfork). Note there is a mechanism for voting in new witnesses, but because it requires a total order so it will in practice never work out because total orders don't exist in nature.

Yeah Byteball has something important in it, but it is not really the solution.

Iota has an entire different consensus than Byteball, and my stance is it won't work without centralized servers. We've already been down that technical debate in the past, so I won't repeat it and get trolled again by Iota shills. Readers can either learn to recognize that I know what I say, or they can suffer the same fate as all the other times I've been doubted.

And no, Bitcoin can't adopt any of these things. Bitcoin isn't ever going to be anything more than what it already is (which is sufficient). Learn to accept that and move on. Lightning Networks is never going to work (decentralized, which is thus the same as saying it is never going to scale up in terms of relevance).

Hey, a link to your White Paper by any chance? Sounds interesting

[The Last Account]

Hey, guys! Can anyone explain how is data stored in DAG? Nodes? In other words, what provides decentralization feature?