Bitcoin Blocksize Problem Video

[tvbcof]

i think we should design any future redundancy models after an industry that has done this before and has proven adept at disaster and attack modeling:  the military industrial complex. 
...

I'd say that the military industrial complex is most proficient at sucking taxpayers dry, and that the likelihood that the US could have defended it's geographical borders with 1/100th the cost is very high.

But there are certainly lessons to be taken away from strategic (and tactical) military planers, many of the pre-dating modern US military doctrine.  Chief among these are the notion that it is rare to ever need to fight a war that one is prepared for and capable of winning.

[cypherdoc]

i think we should design any future redundancy models after an industry that has done this before and has proven adept at disaster and attack modeling:  the military industrial complex. 
...

I'd say that the military industrial complex is most proficient at sucking taxpayers dry, and that the likelihood that the US could have defended it's geographical borders with 1/100th the cost is very high.

But there are certainly lessons to be taken away from strategic (and tactical) military planers, many of the pre-dating modern US military doctrine.  Chief among these are the notion that it is rare to ever need to fight a war that one is prepared for and capable of winning.

while true, if considering weaponry, manpower, homeland security yadayadayada, i'm only talking about from the perspective of maintaining military grade communications via node density of the Internet.  and as you know, it wasn't just the war guys who helped design it, the academic community had an equal role.

you know what they say; the best defense is a good offense.

[jmw74]

You seem to be saying that it is somehow invalid to consider problems which have not yet occurred.  That strategy is unlikely to result in a robust system.  This is not specific to Bitcoin but applies to almost any endeavor.

I said your issue is not related to a change in the block size.

You make a robust system by using systems engineering.  You look at the baseline (do nothing) and you come up with at least 2 alternatives (Larger block size, unlimited block size, etc.).  You take those scenarios and develop a risk matrix of probability vs. severity.  Then you look at possible remediation plans for the risks.  Then you put that all together and compare the risks of the different scenarios.  You don't just pull one scenario out of your hat and say 'this will cause a problem."  Every scenario has problem so you need to pick the best one.

In this case 'do nothing' is the solution which, to me, makes the most sense.

The most rosy scenarios for scaling via block size increase get us up to 'as big as Visa' range.  I've argued for a long time that that is simply not enough to run a fair fraction of street-level transactions of the world on, and the cost of doing this is reducing the number of potential 'peers' down to a low number of well connected and well capitalized entities.  Even then it likely fails at some point anyway and we are back to the same problem but with a much less desirable Bitcoin solution.

This is assuming what, today's hardware? 
http://en.wikipedia.org/wiki/File:Hard_drive_capacity_over_time.png

The blockchain is growing at what pace now, about 10 gigs a year?  Commodity hard drive capacities are growing at 100 times that pace.  The blockchain cannot possibly catch up.  Storage is a made-up concern, as far as I can tell.

Network bandwidth is growing too, although probably not as fast.  So this is still a realistic concern.  Still, unless bitcoin explodes into prominence in the next few years, there seems little chance that it will surpass commodity hardware, especially if some block size limit is kept in place (can still be >1mb).  That limit only needs to be kept such that commodity hardware can handle it.
It will not be long before every transaction on the face of the earth can be very cheaply transmitted and stored.  I don't see the point in artificial scarcity of blockchain space.  The only reason to constrain it is to avoid overloading commodity hardware. 

An alternate solution is to embrace multi-tiered and loosely coupled set of solutions and attempt to retain Bitcoin as the top-most tier in the hierarchy.  Bitcoin could perform that role adequately with the configuration we have today and would allow a multitude of highly dispersed transfer nodes to exist in support of Bitcoin proper.  And to my main points of this thread, there is a high likelihood that they could communicate with one another efficiently even under significant attacks by network carriers.  Such a solution would be difficult to stamp out...and thus something which I and others could have a lot of confidence in.

And who is going to provide these solutions?  If the answer is not "bitcoin", then you've lost me.  Why would you want to create a half-assed solution and then stop and wait for someone else to finish it?

[tvbcof]

This is assuming what, today's hardware? 
http://en.wikipedia.org/wiki/File:Hard_drive_capacity_over_time.png
...

Not many people are bringing up hard drive space because it is not an issue.  Access to the data on the media is a somewhat different story.  In any event, I've outlined my rational on this thread and it has little to do with anything you commented about.

An alternate solution is to embrace multi-tiered and loosely coupled set of solutions and attempt to retain Bitcoin as the top-most tier in the hierarchy.  Bitcoin could perform that role adequately with the configuration we have today and would allow a multitude of highly dispersed transfer nodes to exist in support of Bitcoin proper.  And to my main points of this thread, there is a high likelihood that they could communicate with one another efficiently even under significant attacks by network carriers.  Such a solution would be difficult to stamp out...and thus something which I and others could have a lot of confidence in.

And who is going to provide these solutions?  If the answer is not "bitcoin", then you've lost me.  Why would you want to create a half-assed solution and then stop and wait for someone else to finish it?

A better question is "who's not?"  Everybody and their brother is coming up with an 'alternate crypto-currency' solution and a lot of them have some fascenating concepts.

Ultimately I expect to use a variety of currencies to which happen to best fill niches I need, or promote causes I believe in.  I don't expect that it will be much trouble to exchange between them.

As an overall store of wealth I'll probably use some combination of gold and the most robust and static crypto-currency solution which exists.  Likely there will be a strong correlation between robustness and simplicity for a successful reserve currency.  I may dip into it yearly so the usability requirements I have of it are highly secondary.

[Gavin Andresen]

Network bandwidth is growing too, although probably not as fast.  So this is still a realistic concern.

Network bandwidth is currently growing about 20% per year, or roughly doubling every four years.

Satoshi's original code had a 32MB block size limit, which he dropped to 1MB as part of a bunch of band-aid fixes to make denial-of-service attacks harder.

RE: density of full nodes:  In my opinion, if it is affordable to run a full node (less than, say, $100 per month in server costs-- that is a trivial monthly cost for most businesses and some individuals) then we'll continue to see tens of thousands of full nodes.

Median cost of a dedicated server with lots of bandwidth, disk and CPU is under $100/month these days, which would support a block size at least ten times the current maximum.

And all of THAT is before even starting to think about possible optimizations (e.g. figure out how to mitigate the "insert malicious data" problem-- maybe Peter Todd's security bonds would be helpful-- and a shared DHT storing all valid transactions combined with bloom filters on connections could make it cheap for any one machine to be a fully validating node).

Please, don't listen to all of the FUD being thrown around about raising the block size even before there is any solid proposal for what should be done.

[cypherdoc]

RE: density of full nodes:  In my opinion, if it is affordable to run a full node (less than, say, $100 per month in server costs-- that is a trivial monthly cost for most businesses and some individuals) then we'll continue to see tens of thousands of full nodes.

this would be great but i also think that going forward we should develop a way to measure the square mile or square kilometer density of full node operation and perhaps compare it to how the military has structured the internet to withstand an attack from their perspective.  especially since that data should be relatively available.

[cypherdoc]

i guess i should rephrase that.

instead of assuming that tens of thousands of full nodes would result from keeping server costs below $100, we could measure the outcome of a specified block size increase by determining full node density on a per sq mile or per sq kilometer basis and attempt to model that density after a militarized internet.

i think it should be done on a geographical basis like that as opposed to just # of full nodes in the US b/c i assume ISP's are geographically distributed; something like (and i don't know this for a fact) Verizon having a stronger presence in the Northeast vs Cox Southwest vs Comcast Midwest.  i'm totally making that up but if i'm right, the point being that some ISP's might be more susceptible to being influenced to shut down Bitcoin nodes than others.

[Mike Hearn]

I'm amazed this still comes up. The idea that Bitcoin can survive in a country where the state wants to wipe it out is naive and attempting to actually design a system with that constraint is a poor use of time.

I suspect at some point China will forcibly demonstrate this fact. After all Tor is already banned there and VPNs are regularly disrupted. So, ban port 8333, block websites of exchanges and web wallets, forbid banks from wiring to the primary exchanges, announce that anyone who advertises acceptance of non-licensed currencies will be jailed. Done. All of those things are easily within the abilities of the Chinese government and some of them are quite easily done by other governments too (there's already a large financial sanctions infrastructure in place in the west).

You can't have a currency which people are afraid to advertise acceptance of because the utility of a currency is the square of its participants. An outlaw currency isn't even useful to outlaws.

If you want to build a currency that can operate in a world where accepting it leads to immediate punishment then go right ahead and try, but it won't be easy and block sizes are the very least of the problems you'll have to solve.

[Peter Todd]

e.g. figure out how to mitigate the "insert malicious data" problem-- maybe Peter Todd's security bonds would be helpful

Ask Gregory Maxwell about his excellent solution to the malicious data problem. Sadly it can't stop timestamping, penny bets, tips and many other abusive uses though.

As for fidelity bonds they're only useful if the bad behavior being punished can be evaluated in an automated fashion.

-- and a shared DHT storing all valid transactions combined with bloom filters on connections could make it cheap for any one machine to be a fully validating node.

You probably missed the many discussions we've had about having transactions provide proof that their transaction inputs exist in the UTXO set so validating nodes don't have to store any blockchain data at all. (albeit with the serious risks that UTXO proof implementations have for many other reasons) But that just makes the bandwidth problem even worse, and it's anonymous censorship resistant bandwidth that is the limiting factor for scalability.

[oleganza]

Block size will be raised when it's economically profitable. And at some point it will be for almost everyone.

http://blog.oleganza.com/post/49174658108/economically-limited-resource

[tvbcof]

I'm amazed this still comes up. The idea that Bitcoin can survive in a country where the state wants to wipe it out is naive and attempting to actually design a system with that constraint is a poor use of time.

I suspect at some point China will forcibly demonstrate this fact. After all Tor is already banned there and VPNs are regularly disrupted. So, ban port 8333, block websites of exchanges and web wallets, forbid banks from wiring to the primary exchanges, announce that anyone who advertises acceptance of non-licensed currencies will be jailed. Done. All of those things are easily within the abilities of the Chinese government and some of them are quite easily done by other governments too (there's already a large financial sanctions infrastructure in place in the west).

You can't have a currency which people are afraid to advertise acceptance of because the utility of a currency is the square of its participants. An outlaw currency isn't even useful to outlaws.

If you want to build a currency that can operate in a world where accepting it leads to immediate punishment then go right ahead and try, but it won't be easy and block sizes are the very least of the problems you'll have to solve.

I don't think that it would be technically unfeasible to devise such a solution, nor do I believe that it is as trivial as you make it sound for a society to stamp out things that the leadership does not like.  If so, there would not be such a thing as 'contraband', and it is absurd to turn a blind eye to the existence of such things or to their value (which happens to often rise dramatically due to artificially straining the supply/demand curve.)

I don't know how prevalent CP is and I imagine that the problem is blown out of proportion for political reasons, but I am sure that it does exist.  This in spite of nearly universal negativity on the part of almost every society and strong support for enforcement it has not been stamped out.

In contrast to CP, efforts to interfere with a distributed crypto-currency would probably be seen for what they are by large segments of the population;  self-serving and unfair policies designed under a crony regime to benefit their well connected friends.  In short they are likely to receive much less public support and subject a much broader segment of the population to abuse.  This will impose some limit on the level of punishment that a state can impose on those caught participating in the economy.  Of course that will vary from state to state, but we are talking about a global phenomenon here.

I am speaking about a 'reserve' currency role.  Arguments about the ability of the state to interfere with Skittle purchases are in a different category.  Those are not the kinds of transactions inherent in a 'reserve' role, but I do not believe that value in a 'reserve' capacity is negated because an item has no realistic 'exchange' function.  Certainly it is not what we see in precious metals.

I do suspect that you are right that Bitcoin will simply not be the solution which ends up being a trusted reserve currency.  This is not because it is could not be.  Indeed, one has to work at it to make it NOT fall into this role.  It is more that much of the development team simply sees no value or role for such a solution and if anything seems to consider it an undesirable thing and something to be actively avoided.

[gglon]

I do suspect that you are right that Bitcoin will simply not be the solution which ends up being a trusted reserve currency.  This is not because it is could not be.  Indeed, one has to work at it to make it NOT fall into this role.  It is more that much of the development team simply sees no value or role for such a solution and if anything seems to consider it an undesirable thing and something to be actively avoided.

Look around you and ask yourself how many people share your vision of bitcoin. I'm afraid not many. Most share Satoshi's vision.  And that's probably not because it's better, but it was first one and everyone get used to it. High fees, limited to the rich currency is just not what we believe bitcoin is. It's not what we love. It's you who want to change that vision. The blocksize limit was probably reduced to 1MB as a temporary solution for attacks. And once the problem is fixed, it should be raised back. Simply because, this is what bitcoin is.

[tvbcof]

I do suspect that you are right that Bitcoin will simply not be the solution which ends up being a trusted reserve currency.  This is not because it is could not be.  Indeed, one has to work at it to make it NOT fall into this role.  It is more that much of the development team simply sees no value or role for such a solution and if anything seems to consider it an undesirable thing and something to be actively avoided.

Look around you and ask yourself how many people share your vision of bitcoin. I'm afraid not many. Most share Satoshi's vision.  And that's probably not because it's better, but it was first one and everyone get used to it. High fees, limited to the rich currency is just not what we believe bitcoin is. It's not what we love. It's you who want to change that vision. The blocksize limit was probably reduced to 1MB as a temporary solution for attacks. And once the problem is fixed, it should be raised back. Simply because, this is what bitcoin is.

Hah!  I'm neither unused to nor uncomfortable with being in a minority.

Neither is this the first time I've seen people adopt a counter-intuitive action of Satoshi as evidence to support their own side of an argument.  For my part I simply do not know why the guy set the block size as he did.  He certainly knew it was going to be a significant issue in the trajectory of the solution yet neglected to outline his rational in the commit log or even mention it.  He could have simply been running late for a date for all I know.

One thing is for sure, however, and that is that hardware has not changed significantly since Satoshi felt the need to protect the system in this way, though software has undergone some optimizations.  Even with these though they seem somewhat strained to keep up in spite of our barely touching the economic balances imposed by the current, and (purportedly) temporary 1MB quick-fix.

I don't expect things to go 'my way' here.  They should not both because my efforts have been minimal compared to those of others, and because I very well could be wrong about a lot of things.  I don't think it hurts to provide a different point of view however as it is clearly the case that people tend to get tunnel vision.

[jdillon]

Median cost of a dedicated server with lots of bandwidth, disk and CPU is under $100/month these days, which would support a block size at least ten times the current maximum.

So answer this for us: Do you believe Bitcoin users will be able to run a mining pool anonymously? Is that even important to you?

And all of THAT is before even starting to think about possible optimizations (e.g. figure out how to mitigate the "insert malicious data" problem-- maybe Peter Todd's security bonds would be helpful-- and a shared DHT storing all valid transactions combined with bloom filters on connections could make it cheap for any one machine to be a fully validating node).

Yeah, all those possible optimizations have been debated to death here, and Peter and Greg seem to do an excellent job finding all the ways they don't even begin to work in the face of attack.

DHT's? Seriously? You're just spewing out techno-babble frankly for how little thought you put into that.

Please, don't listen to all of the FUD being thrown around about raising the block size even before there is any solid proposal for what should be done.

Peter: You should write up a quick one and put it here.

You can't have a currency which people are afraid to advertise acceptance of because the utility of a currency is the square of its participants. An outlaw currency isn't even useful to outlaws.

You really do live in a sheltered world. Black market currency use exists all over the world in lots of countries with capital controls. I personally know people from places under those constraints, and non-state-approved currencies do just fine even though you have to transact them physically, putting yourself at risk.

Sometimes I think when you see the challenge of regulation all you want to do is sidle up to the state and say "Please Please! Bitcoin transactions aren't anonymous! We can make blacklists! You can regulate me!"

I don't even want to think about what you'd do if you were working on the Tor project...

[Peter Todd]

Please, don't listen to all of the FUD being thrown around about raising the block size even before there is any solid proposal for what should be done.

Peter: You should write up a quick one and put it here.

Good point. I'll have one on the website, and I'll post one here soon too.


stonecanoe sent me their preliminary story boards. We discussed a whole bunch of changes to them, so what's actually in there isn't what's final, but that's the gist of it. We also made a bunch of tweaks to the script to emphasize the anonymity and resistance to regulation the blocksize provides rather than just the cost of running a mining pool - thanks everyone for your feedback!

[tvbcof]

An idea hit me this afternoon spurred in part, I'm sure, from discussions on this thread.

  https://bitcointalk.org/index.php?topic=192273.0

~jdillion:  You and I seem to be in a a similar predicament and of a similar mindset so you might be interested in the thought.

[hashman]

Peter: Interesting! I wish you had told me about this project earlier. You have my support:

Code:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

hQEMA8xUMVQPvvGFAQf/d8rd6E0ZvrsKFE8skNjoyuX3RwGj7UE6eP5zwDyO9xxm
o0wuIFwoR9a/wAnkx9ncg+eC86LTIvUE27oTEWGLY64Z9PIxRfnsehAQKPiPwz82
zl+W3FxSA2DsGDMByHoNxRuh2VnXwE47G2h/rmenHlH6J6q2s8TqaueCW8y8u002
j2Ie1EI3bu2nFWAhHbMjVqmw7VKqGtiMcnuclYB7LDGGWYgkTb6mg5tlPPl4hyI+
ebEsM/6rB+hGEbGbSg1vXYZ0H4Zd4Wrvog5lruPXC/mMQV04/kR+HHUGV6kD7sEO
b9AoZgMo3dbOH1pnwkwLELd6Y381CexRZ4ls6FeWZ4UBDAO4Pc5vOCVNqAEH/R0C
Wkozd5Ktsk3ajU2HHXb8LFnTQBKx9cK5hMm2cBSlrq5mrU+OX8gM2wIT3+BXWXEJ
n+87FnI8wk1fxyiPtGXowPVhsjoTDgW86IOavc+sq+dMuy93kIjXHodeWMdcG3hQ
rvw66hRXEZQAYcao9wBuX87w07l6RYrLEZHcVg+/RbzIuRIW6Pq2MwJ8r/jwxKBx
NVh1b2cHehiXjGimW+7+jdO9rmpalA5R2HOrKzOwh0PiAITDm+fQ4ZNkaPplPv1r
wMzw23fEVpUr9/58kHxvegYY73+h3hFJY4sU8NJKCYVuIGalybYE+r+OwHBcYLIg
4z+hzfps6u8OH/zQnDjSwTQB+A4YqZhKt/i0RMtiKBSFmv+0mLutPy6p99RSQJn0
HzFVP3nN8XZ4VF7YIiaoTNOeg316Yr9TRCRgBcg/MXIUSoB8Nzew5QdSyQRNdvpq
t1b2YUqLbcTpB9nuZ8jlTdfIPwr5+CcHWkpC3cACfGtKaxyGzbGqU0N7NvSM10ik
1pYLguIwLb1tzUwp67Xfv760ya0mZ3fNl9A7xi4nBSIVvlZOqKPBIyt9/spWkpuQ
ReDr0+r91MbL9aeo2jvyK1TD4rLqo9nyZJTtw1aHqYRcV8gybq2wxn5p5xw9ZB4c
NlMYmnzk9ndOQCpnWIwP9sd2HnI49BmIJ2WB1euCQofHub09BS3MjS0M2dIT5bgw
qPiNPoNOmcBkR6VCMZUKBp/N0bOEodg1facK3A9w1qUP2hA54ZoYhlfzti4XTfTK
ObmOXWnaTqohoDliMbl2lj3QIlojqrgYWB8Bw4aLhkBqATvBYuc1tdZbiAYuHGRk
aFXne4/AIItM+er7XrKq7Doms2onMLvICr/oVyTnl3BknzuwTSWMsBawJBCzrn3/
WMbqtDZk616Eo8Qecn12cfcYqPJsqZ+QZiExN42eXD8VTguFVsxuvK/IiRccwzWY
3KZncAY1HY+B8aio5OWp8XJXCPpHvZZ5t530i6fEy2ZS2O1drw==
=TAMA
-----END PGP MESSAGE-----

Hilarious. I love that you're donating with an off-chain tx system. But for the sake of transparency, I will say that was a 1BTC donation.

Great thread, thanks posters   For further sake of transparency, might I enquire the nature of this off-chain tx?  My guess is that this is an encrypted bitcoin private key.  In which case, it's not really secured to a keypair that only you retep control, until you put an additional tx in the chain moving that coin to the address that only you control.  In which case, it's not really "off chain" is it.  Or perhaps in that message is jdillon also claiming to destroy all records of this privkey, and you retep trust jdillon to do so?  Or are you using some third party scheme like what gavin proposed ages ago but still nobody has implemented publicly? 

Thanks thanks --       

[Peter Todd]

Great thread, thanks posters   For further sake of transparency, might I enquire the nature of this off-chain tx?  My guess is that this is an encrypted bitcoin private key.  In which case, it's not really secured to a keypair that only you retep control, until you put an additional tx in the chain moving that coin to the address that only you control.  In which case, it's not really "off chain" is it.  Or perhaps in that message is jdillon also claiming to destroy all records of this privkey, and you retep trust jdillon to do so?  Or are you using some third party scheme like what gavin proposed ages ago but still nobody has implemented publicly? 

Thanks thanks --       

EasyWallet URL.

[theymos]

A video about this might not be a bad idea, but there's no need to stick to 1 MB forever. Even if you want every Bitcoin user on a desktop computer to run a full node, optimizations and hardware improvements will eventually allow the max block size to be increased. I also don't like the word "democracy". Bitcoin isn't a democracy, or at least it's very different from most other things that are called democracies.

[Peter Todd]

A video about this might not be a bad idea, but there's no need to stick to 1 MB forever. Even if you want every Bitcoin user on a desktop computer to run a full node, optimizations and hardware improvements will eventually allow the max block size to be increased. I also don't like the word "democracy". Bitcoin isn't a democracy, or at least it's very different from most other things that are called democracies.

We discussed how to approach communicating the 1MB limit for quite awhile before we decided on the approach that we did. There isn't anyone reasonable in this discussion that thinks the limit is set in stone forever, however it will be years before it's safe to raise it, if ever. Network bandwidth is something limited not by technology, but by what regulatory environment you live in. It has everything to do with what your local telecom monopolies and governments think the internet should be used for than it does how many transistors can fit on a piece of silicon. Anonymous network bandwidth is especially fragile: look at how Japan's national police force has been talking about forcing ISPs to block Tor and proxies and even making using them illegal. EDIT: apparently this is incorrect The decision that it's safe to raise the 1MB limit won't be one made on technical grounds and it can't be made safely until we better understand how governments perceive Bitcoin.

With that in mind simplifying the message to talk about the 1MB limit directly, rather than talking about it as some wishy-washy "small blocks" message seemed like the right approach. By the time the limit can be raised safely many years will have passed, plenty of time for people to understand the nuances involved.


As for calling Bitcoin a democracy again I and the rest of my team decided it was quite reasonable to talk about it that way. The mining process is a strange type of vote, but in the grand scheme of things it's still a vote. For instance P2SH was implemented by miners voting that they would ban transactions that didn't follow the P2SH rules.

The Bitcoin blockchain rules are essentially our Constitution. They can be changed, but it takes a supermajority agreement to do so. 51% of miners need to agree to do so, and a reasonably large fraction of economic activity needs to follow.

You have to remember that a lot less than a majority of economic activity needs to follow because a blockchain without majority support from miners the blockchain is not secure. Specifically, note how with just over 2/3rds miner support the remaining 1/3rd of miners can be attacked by those supporting the new rules. That 1/3rd can't outvote the new blockchain, and at the same time they themselves can be outvoted, IE 51% attacked, making the blockchain with less miner support insecure and worthless regardless of what the economic majority wants.