Bitleaks

[Anonymous]

1.Embed your whistleblowing documents in a proof of work block chain .
2.The entire network confirms it .
3. profit

[theymos]

The block chain is made for timestamping, not storage. Doing that would be like a less efficient version of BitTorrent. And a version where your data can randomly disappear if someone has more CPU power than you.

Block chains are suited only for a narrow class of problems. A block chain is very, very expensive when compared to other P2P technologies. Running a block chain eventually requires that someone care enough about your network to support it with specialized hardware. Bitcoin has a built-in incentive (which has not yet been proven to be effective enough for long-term stability), but few other things do.

If it is at all possible to go without a block chain, you should do so. If you can build onto the Bitcoin block chain, do that instead of making your own. I expect that, for the foreseeable future, all projects making a new block chain will fail.

[RHorning]

If it is at all possible to go without a block chain, you should do so. If you can build onto the Bitcoin block chain, do that instead of making your own. I expect that, for the foreseeable future, all projects making a new block chain will fail.

What extra hooks could be put into the Bitcoin chain to be able to add extra kinds of data into that chain?

In theory there is the potential to put in additional message types beyond transaction and block messages to the whole getblocks/inv/getdata sequence.  Some of these blocks could in theory be other kinds of data such as a stock exchange purchase or the DNS data that has been talked about.

Where I see a problem is coming up with the algorithms to be able to process these extra kinds of data and getting them accepted into Bitcoin directly.  Bitcoin simply isn't that flexible at the moment.  There certainly are no hooks for processing those extra kind of data and verifying if they conform to some sort of standard or not or even identifying who might be involved in establishing those verification standards.

It could get there.  There might be ways to work Bitcoin up to put this extra data into the chain, but is that something which Satoshi is going to accept?  I really don't know either way.

I know you can shove all kinds of random garbage into the Transaction blocks that has nothing at all to do with Bitcoin balance transactions.  Is that really the way this project ought to go?  It is going to scale when Bitcoin transactions are huge as well just processing coin transfer information?  I don't see this scaling very well even if your proposition is correct.

[jgarzik]

In theory there is the potential to put in additional message types beyond transaction and block messages to the whole getblocks/inv/getdata sequence.  Some of these blocks could in theory be other kinds of data such as a stock exchange purchase or the DNS data that has been talked about.

Where I see a problem is coming up with the algorithms to be able to process these extra kinds of data and getting them accepted into Bitcoin directly.  Bitcoin simply isn't that flexible at the moment.  There certainly are no hooks for processing those extra kind of data and verifying if they conform to some sort of standard or not or even identifying who might be involved in establishing those verification standards.

c.f. theymos' first sentence, which you elided:  "The block chain is made for timestamping, not storage."

It is good there are no hooks for processing and verifying arbitrary third party data, such as DNS data.  A digital currency does not need to be loaded down with such crapola.

[RHorning]

c.f. theymos' first sentence, which you elided:  "The block chain is made for timestamping, not storage."

It is good there are no hooks for processing and verifying arbitrary third party data, such as DNS data.  A digital currency does not need to be loaded down with such crapola.

I agree, but that implies theymos is also full of it when he says that any new project requiring a block chain is going to fail, as there are other projects which need a block chain.  The role of the block chain is more than merely timestamping, but also to cryptographically certify the integrity of that data.  It is precisely for that reason which the data is desired to be put into the chain as a way to identify tampering with that data, not merely as a storage medium.

Another is to find some way to utilize the technology of Bitcoins in some other application that doesn't involve necessarily digital currency but provide some method to use Bitcoins as a financial incentive to participate.  So far the choice is to create a separate block and currency system or put that in with hooks and using Bitcoins as a data storage system.  If you know a third choice, I'm totally open to the idea.

Another possible alternative is a flat out fork of the project altogether and a schism of the community where these hooks are put in as I've described.  I don't think that is desired either.

As to if WIkileaks documents qualify as something needing to be both timestamped and having been cryptographically secured from tampering in a distributed network, that seems dubious on a few different levels, especially the time stamping, but I am talking about other similar kinds of data too.

[jgarzik]

If you just need a cryptographically secure chain, store your data in git.

[theymos]

The role of the block chain is more than merely timestamping, but also to cryptographically certify the integrity of that data.

The Bitcoin block chain provides two functions:
- Secure distributed timestamping
- A guarantee that any transaction in a deep enough block is valid

The only use for the validity guarantee is to avoid having everyone download the entire block chain. Bitcoin doesn't even use that feature right now.

"Shoving random garbage" into the Bitcoin block chain provides timestamping, but not validity guarantees. As Bitcoin doesn't even use validity guarantees at the moment, this is clearly useful in many cases. Data that is only necessary for a few weeks, for example, can be included this way: clients only need to download the last 2000 blocks or so, which should never be too difficult.

There are certainly some cases where the double-spending guarantee is required. But just because it is required doesn't mean you can design the incentive structure well enough to attract the necessary CPU power over the long-term. BitDNS, for example, is in a dangerous (and IMO impossible) situation: not creating enough domains will make the system useless in the long-term, but creating too many will not give generators enough incentive. Maybe it's even impossible to get enough incentive for a DNS-only block chain. Trying to predict the exact numbers required is equal to central economic planning, and pointless.

[RHorning]

The role of the block chain is more than merely timestamping, but also to cryptographically certify the integrity of that data.

The Bitcoin block chain provides two functions:
- Secure distributed timestamping
- A guarantee that any transaction in a deep enough block is valid

The only use for the validity guarantee is to avoid having everyone download the entire block chain. Bitcoin doesn't even use that feature right now.

I would add to this that Bitcoin also verifies block and transaction information to identify if it conforms to some sort of network protocol standards, which include aspects like making sure that double spending isn't happening and weeding out some flood attacks on the database.  Placing data into the transaction script as random superficial data is not going to be measured against any sort of network protocol at all or verifying that the data may have been duplicated.  The only defense against abusing this vector of attack is the transaction fees for transaction size.

"Shoving random garbage" into the Bitcoin block chain provides timestamping, but not validity guarantees. As Bitcoin doesn't even use validity guarantees at the moment, this is clearly useful in many cases. Data that is only necessary for a few weeks, for example, can be included this way: clients only need to download the last 2000 blocks or so, which should never be too difficult.

I could see a thin client only having to be "watching" for recent blocks sent around and verifying that a transaction got incorporated into a block, and furthermore that the block was accepted into the primary chain where additional miners are adding on additional blocks.  Such a client would not be in a position to identify double-spending, however, without the full block chain.  That could involve "trust" of the core nodes which are involved in the mining activity.

The validity "guarantee" as I've described above is to see that the data being included meets some sort of criteria for inclusion.  Verification of "ownership" of a piece of data is also included here, such as if somebody has the ability to spend a particular transaction output.  In the case of something like BitDNS, it would be to verify that the person making the transaction has "ownership" of the domain record to be able to make changes or modifications to that data and to produce a chain of evidence in terms of who authorized those changes.  Currently Bitcoin only performs this "service" for transaction data alone and my suggestion was that perhaps it could be more generalized in some fashion to include other data.

A "thin" BitDNS client would only have to see the changes to the data records and not the full chain of evidence in a full block chain, and perhaps they might only be interested in information about "their" domains thus filtering out even more information that is of interest to the central nodes for full verification.

There are certainly some cases where the double-spending guarantee is required. But just because it is required doesn't mean you can design the incentive structure well enough to attract the necessary CPU power over the long-term. BitDNS, for example, is in a dangerous (and IMO impossible) situation: not creating enough domains will make the system useless in the long-term, but creating too many will not give generators enough incentive. Maybe it's even impossible to get enough incentive for a DNS-only block chain. Trying to predict the exact numbers required is equal to central economic planning, and pointless.

In terms of deciding where to draw this balance as you are trying to suggest, that is what a market is for.  Certainly no single individual is going to figure that out, but setting up in effect an auction market which makes this prediction through economic incentives is something that I think is going to provide a much stronger balance for this situation.  If too many domains are created and created on the cheap, fewer people will be interested in participating in mining and processing the transactions.  If domain creation is too expensive and rare, there will be incentives for somebody to create a new node that starts to accept more domain transactions at a cheaper price and where many more people will start to participate in the network.

The issue here to me isn't if the concept of domain registration done in this way would work, but rather how it is going to be paid for and who pays for that service.  My hope here would be to get those using the service to pay for that service, and ideally to pay for that service in Bitcoins.  This could be a source of additional revenue and fees for miners and thus strengthening the main Bitcoin block chain with additional CPUs as well as growing the size of the Bitcoin economy.  If the members of this community don't want that money, however you define that money, it will go elsewhere.  There is a market for a service of this nature with real demonstrated demand for such a service.  I just think it is sort of sad that it is being driven out of the Bitcoin economy is all.

[theymos]

I would add to this that Bitcoin also verifies block and transaction information to identify if it conforms to some sort of network protocol standards, which include aspects like making sure that double spending isn't happening and weeding out some flood attacks on the database.  Placing data into the transaction script as random superficial data is not going to be measured against any sort of network protocol at all or verifying that the data may have been duplicated.

That's what I said. Random data has timestamping guarantees, but since it isn't validated, it doesn't have guarantees for validity (such as against double-spending) unless you download the entire data set.

Such a client would not be in a position to identify double-spending, however, without the full block chain.

You're thinking in Bitcoin terms. Other things don't need that level of guarantees. For example, DNS entries that have expired do not need to be remembered because they are totally irrelevant to the system. Of course, if you create an overly-complicated DNS system that actually has "credits" that need transferal...

In terms of deciding where to draw this balance as you are trying to suggest, that is what a market is for.

A block chain DNS system would not provide a market mechanism to adjust supply appropriately. The cost for generators to include a domain registration is basically 0. Allowing generators to include as many registrations as they want will quickly use up all useful names. The generators themselves will be incentivized to fill up blocks with as many dictionary words as possible, since they can then sell the names. The generators can distribute names as a replacement for registrars, but:
- This scheme is quite centralized. Someone like ArtForz could quickly become the new ICANN.
- I'm still not sure these properties would combine to make a system that is attractive enough to both generators and registrants.

Limiting the domains per block according to any fixed formula is bound to fail, as it does not adapt to the market.

I can only speak generally, since no one seems to have any unified idea of how BitDNS would actually work.