Nebula-The upcoming cryptocurrency that will incentivize reversible computation.

[firhatnawfanh]

Hi there i stumbled here while searching for $nas,

This is a very interesting idea, I wonder whether such reversible computer / crypto will enable an cryptographic algorithm based on cellular automata to create a protocol/system that can self govern itself?

[1713497367]

1713497367

[jvanname]

News: There are already cryptocurrencies named "Nebulas" (MARKET-CAP $346,031,635) and "Neblio" (MARKET-CAP $182,594,614). Furthermore, the name "Nebula" is far to generic. I therefore plan on changing the name of the cryptocurrency. The name of the individual coins shall be called CIRCs which stands for Certificate of Innovation in Reversible Computation. I still need to finalize the name of the entire cryptocurrency though instead of the individual coins (I have an idea in mind).

[p3ngu1n]

News: There are already cryptocurrencies named "Nebulas" (MARKET-CAP $346,031,635) and "Neblio" (MARKET-CAP $182,594,614). Furthermore, the name "Nebula" is far to generic. I therefore plan on changing the name of the cryptocurrency. The name of the individual coins shall be called CIRCs which stands for Certificate of Innovation in Reversible Computation. I still need to finalize the name of the entire cryptocurrency though instead of the individual coins (I have an idea in mind).

I am looking forward to it.

[jvanname]

As an update, I am still working on the security of the POW problem.  A lot of security issues arise because I want to design a POW that incentivizes the construction of the reversible computer in the best possible way. For R5, I will use reversible linear cellular automata of dimensions 1 and 2. However,
I can list several security anomalies that arise from the use of linear cellular automata of dimension 1 including the following:

1. Suppose that f,g are involutions which are related to each other in some way. Then the composition fg is a permutation with cycles of an exceptionally low period. I so far have not been able to explain this phenomenon.

2. Cryptosystems require a large amount of non-linearity in order to thwart linear algebraic attacks. My POW problems however need to have as much linearity as possible since the CNOT gates (which are reversible and linear) will be much easier to construct than other reversible gates.

3. Reversible linear cellular automata over Z_2 of dimensions 1 or 2 over the torus of size 2^n x 2^n or circle of length 2^n have exceptionally low periods.

4. Reversible linear cellular automata over Z_2 of dimensions 1 or 2 have a Sierpinski triangle structure which indicates that these functions are not disorderly enough for cryptographic use.

Of course, I can solve these issues simply by basing my POW problems on something other than reversible linear cellular automata of dimension 1 or 2, but I do not want to do that because these reversible linear cellular automata are literally the simplest reversible objects that I can use, and I need my POW problem to be simple enough so that it will be as easy as possible for reversible computing manufacturers to construct machinery to solve these POW problems.

[riderinred]

As an update, I am still working on the security of the POW problem.  A lot of security issues arise because I want to design a POW that incentivizes the construction of the reversible computer in the best possible way. For R5, I will use reversible linear cellular automata of dimensions 1 and 2. However,
I can list several security anomalies that arise from the use of linear cellular automata of dimension 1 including the following:

1. Suppose that f,g are involutions which are related to each other in some way. Then the composition fg is a permutation with cycles of an exceptionally low period. I so far have not been able to explain this phenomenon.

2. Cryptosystems require a large amount of non-linearity in order to thwart linear algebraic attacks. My POW problems however need to have as much linearity as possible since the CNOT gates (which are reversible and linear) will be much easier to construct than other reversible gates.

3. Reversible linear cellular automata over Z_2 of dimensions 1 or 2 over the torus of size 2^n x 2^n or circle of length 2^n have exceptionally low periods.

4. Reversible linear cellular automata over Z_2 of dimensions 1 or 2 have a Sierpinski triangle structure which indicates that these functions are not disorderly enough for cryptographic use.

Of course, I can solve these issues simply by basing my POW problems on something other than reversible linear cellular automata of dimension 1 or 2, but I do not want to do that because these reversible linear cellular automata are literally the simplest reversible objects that I can use, and I need my POW problem to be simple enough so that it will be as easy as possible for reversible computing manufacturers to construct machinery to solve these POW problems.

I hope you are doing fine and keep making progress.
Just wanted to drop by and give you some positive vibes
Would love to hear about any new stuff you got.

[alexwolf011]

Hi, Jvanname

How is this project going? I still think that this project will be a very promising one in the future.

The market also needs something new and interesting to attract new comers. Hahaha

Hope everything goes well!

[Traxo]

EDIT(Nov 21):  
Here is an official Circcash announcement:

https://bitcointalk.org/index.php?topic=5292018.0;all


You can find relevant project updates here:
https://github.com/jvanname/circcash  

Circcash is a fork of Bitcoin using Hashspin as a proof-of-work algorithm. Hashspin is designed to accelerate the development of reversible computing hardware. Hashspin is the only cryptocurrency mining algorithm that is designed to solve an extremely important scientific problem.

I have started the unofficial ANN thread:  

[ANN] Circcash [unofficial :: unmoderated]
https://bitcointalk.org/index.php?topic=5290467.0;all

[jvanname]

Now is probably a good time to list some weaknesses of R5 and some of my early ideas of reversible mining algorithms (this in part explains why I did not release any cryptocurrency earlier).

Multiple mining algorithms-Multiple mining algorithms have been largely untested in the cryptocurrency community. From my experience, the Bitcoin community is quite conservative and they would not accept multiple mining algorithms running in parallel each with their own difficulties. The Bitcoin community does not like new ideas that could potentially bring a security risk like having multiple mining algorithms. Furthermore, having multiple algorithms means that each of those algorithms has to be vetted for cryptographic security. Even though cryptocurrency mining algorithms could easily be made secure by adding more rounds (I did this) and there is not much history of broken mining algorithms, this is not a risk that people should be willing to take.

Iterating compositions of involutions-If f,g:X->X are involutions, then you do not want to use an iterate of fg or anything like an iterate of fg in a cryptosystem since such a component presents a security weakness. I originally wanted to use this construction because of its simplicity, but this sort of construction is not very secure (this is why you do not see it in cryptosystems such as AES and SHA-256 despite its simplicity).

Lack of solution lottery technique-Without the solution lottery technique, the reversible mining algorithms look much more like reversible cryptographic hash functions. This presents a security issue. First of all, reversible cryptographic hash functions are a better at incentivizing the development of reversible computation than something like SHA-256d, but they are not optimized for this task. Second of all, the solution lottery technique means that the new portion of the mining algorithm does not have to have much cryptographic security. For example, the reversible portion of Hashspin (Circcash's mining algorithm) only requires 16 bits of security while SHA-256d mining requires about 128 bits of cryptographic security. For this reason, using the solution lottery technique, one can use the security buffer to focus on designing the algorithm to accelerate the development of reversible computing hardware.

[jvanname]

I guess the moral of this story is that mathematicians should not trust themselves with more than 16 bits of security.