Exploiting Special Properties of Bitcoin For Uses Other Than Currency

[grondilu]

Wikipedia makes its entire database available for download, plenty of mirrors are around, no fear that such a thing would disappear.

A thirty-two byte hash on one's own user page doesn't stand a remote chance of annoying bureaucrats.   If I put "F all you bureaucrats", that wouldn't even meet the threshold of them wanting to delete it, so why would they do this to recover disk space worth 0.0000000001 BTC?

Many people already put hashes on their own page for the purpose of being able to prove their identity if their account gets hacked.  Knowledge of plaintext = proof of account ownership (google "Wikipedia committed identity").  It's something they actually tend to encourage.  The plaintext doesn't have to be anything in particular, it just has to be something you know.

Still, a would prefer a trust-free system.  Personnaly I don't think Wikipedia will last long.  Too much centralised.

The fact that they depend on donations is a proof of that.  Had it been designed in a purely decentralised manner, they would not need that much money.

[1713481785]

1713481785

[casascius]

Still, a would prefer a trust-free system.  Personnaly I don't think Wikipedia will last long.  Too much centralised.

The fact that they depend on donations is a proof of that.  Had it been designed in a purely decentralised manner, they would not need that much money.

Do you mean making their entire codebase and content available free (GPL/GFDL/etc.) in a huge tarball on a regular basis doesn't achieve an acceptable degree of redundancy?  Their dependence on donations is only to the extent they overtly refuse advertising for philosophical reasons of neutrality.  It's not as though they don't have the traffic base to sustain themselves if they ever went with ads.  If Wikipedia died as you suggest, and If I have a needed to make use of my timestamp from long ago, I am sure its appearance on Wikipedia's mirrors would suffice (WP has so many mirrors that the mere LIST of them is split into alphabetical sections...#ABC - DEF - GHI - JKL - MNO - PQR - STU - VWXYZ)

[grondilu]

Do you mean making their entire codebase and content available free (GPL/GFDL/etc.) in a huge tarball on a regular basis doesn't accomplish that?  Their dependency on donations is only to the extent they overtly refuse advertising for philosophical reasons of neutrality.  It's not as though they don't have the traffic base to sustain themselves if they ever went with ads.  If Wikipedia died as you suggest, and If I have a needed to make use of my timestamp from long ago, I am sure its appearance on Wikipedia's mirrors would suffice (WP has so many mirrors that the mere LIST of them is split into alphabetical sections...#ABC - DEF - GHI - JKL - MNO - PQR - STU - VWXYZ)

Yeah, but then you'll have to trust those mirrors not to remove any data in the edition history.

Personnaly I won't believe in Wikipedia's full persistence until it is fully P2P.  Just mirroring won't accomplish that, imo.

[Anonymous]

To what end?  A digital stock cert is easier, and doesn't require a timestamp.  Anonymous ownership of stock is risky for the investors, and illegal in most nations anyway.  Anonymous "bearer bonds" are also banned in most nations, due to a history of their use in money laundering and finanacing of wars. 

A decentralized equity market would hve no brokerage fees.  This is good enough a reason do make it real, to me.

I don't care if it's illegal or if it can be used for money laundering or whatever.  Laws are decided by people.  I'm part of 'people' so I give my opinion and I say I wish anonymous ownership of shares was legal.

But corporations are creations of the state, and by proxy, so are stocks and bonds that these corporations release.  How, for example, can you ensure that the corporation that you invest in isn't going to deny that you are even an investor without the threat of the force of the courts?  Sure, you could sue in a common law court, but how would you get the losing party to pay the judgement if they don't even recognize the authority of the court? Bitcoin works because there is no counterparty risk that is always central to any particular Bitcoin transaction.  But stocks and bonds are just promises, and are primarily counterparty risk.

What about private companies where the  shareholder is one individual? I dont see anything wrong with that necessarily.

[casascius]

Yeah, but then you'll have to trust those mirrors not to remove any data in the edition history.

Personnaly I won't believe in Wikipedia's full persistence until it is fully P2P.  Just mirroring won't accomplish that, imo.

That would have to be one heck of a conspiracy...

I will also have to trust that my neighbor won't burn my house down with me in it... or that my dog won't stab me through the heart with a rough edge of a doggy bone in my sleep... or that I won't slip on a bar of soap and crack my head open and die tomorrow... if any of those happen, my timestamp will be worthless all the same (because I won't have a need for it...)

[grondilu]

That would have to be one heck of a conspiracy...

I will also have to trust that my neighbor won't burn my house down with me in it... or that my dog won't stab me through the heart with a rough edge of a doggy bone in my sleep... or that I won't slip on a bar of soap and crack my head open and die tomorrow... if any of those happen, my timestamp will be worthless all the same (because I won't have a need for it...)

I'm not talking about a full destruction of the whole Wikipedia database.

I'm talking about a cleaning of its history by most mirrors.

[theymos]

If a someone on Wikipedia uses oversight to remove your revision, I doubt any mirrors will go out of their way to keep your data alive.

[casascius]

I'm not talking about a full destruction of the whole Wikipedia database.

I'm talking about a cleaning of its history by most mirrors.

Perhaps if the cost of disk space starts going up (it currently isn't).  But if most mirrors really decide to go to such lengths, I will just have to get my timestamp from one of the ones that didn't.

If a someone on Wikipedia uses oversight to remove your revision, I doubt any mirrors will go out of their way to keep your data alive.

If someone on Wikipedia uses oversight to remove my own committed identity hash from my own user page, I will pinch myself to make sure I'm awake.  This too is about as unlikely as me slipping on soap tomorrow and dying...

[grondilu]

I'm not talking about a full destruction of the whole Wikipedia database.

I'm talking about a cleaning of its history by most mirrors.

Perhaps if the cost of disk space starts going up (it currently isn't).  But if most mirrors really decide to go to such lengths, I will just have to get my timestamp from one of the ones that didn't.

Also, if timestamping was to gain any importance in the future (for instance if it was used to validate official documents and so on...), then some people might be willing to counterfait them.  So there would be some fake Wikipedia mirrors that would make some fake timestamps.  It would then be difficult to prove that your timestamps are more genuine than others.

Finaly, your trust in Wikipedia gives Wikipedia's bureaucrats a power they don't deserve imo.  They could, if they want, forge fake timestamps and then claim ownership of some intellectual work.

Bitcoin's timestamping would be much more robust against counterfaiting.

Truth is that if wikipedia was really reliable as a timestamping server, then we would just not need bitcoin at all (!).   Timestamping is pretty much the very core orignal service provided by bitcoin.  I doubt there exist anything in the cyberspace that can do it better.

[casascius]

Also, if timestamping was to gain any importance in the future (for instance if it was used to validate official documents and so on...), then some people might be willing to counterfait them.  So there would be some fake Wikipedia mirrors that would make some fake timestamps.  It would then be difficult to prove that your timestamps are more genuine than others.

Finaly, your trust in Wikipedia gives Wikipedia's bureaucrats a power they don't deserve imo.  They could, if they want, forge fake timestamps and then claim ownership of some intellectual work.

Bitcoin's timestamping would be much more robust against counterfaiting.

Wikipedia's bureaucrats would never have a clue that's what I was doing, so they'd have no way to abuse that misplaced trust.

I don't mean to suggest that Wikipedia should become the world's de facto timestamping service.  They are just there and practical if I needed something timestamped.  What I understood is that people are arguing for making Bitcoin a system that arbitrarily timestamps things for people, anything they want, not just its own transactions.  Wikipedia obviously won't serve as a backend for timestamping Bitcoin's load, I've never suggested this.

For comparison's sake, I also own a Certified Document Services signing key for Adobe PDF.  I had to pay for this.  It comes in the form of a FIPS-compliant USB hardware cryptographic module that I have to unlock with a password each time I use it.  If I digitally sign a PDF, Adobe Reader cryptographically recognizes the signature, which also incorporates a cryptographically based time stamp.  This is what I will use (along with perhaps two or three other methods) if I come up with any invention that I'm scared conspiracies all around me will try to steal.  For all else mundane, Wikipedia will suffice, as will:

- paying for a newspaper ad with the hash (the newspaper may charge a lot or relegate it to the WTF section of the newspaper, but...)

- posting my hash on facebook, twitter, etc.

- printing it on a postcard and mailing it to a few dozen people

- writing it on something that will be filed as public record

etc...

At the end of the day, the world already has plenty of satisfactory timestamping solutions without needing to pollute Bitcoin with another.

[grondilu]

At the end of the day, the world already has plenty of satisfactory timestamping solutions without needing to pollute Bitcoin with another.

Again :  timestamping is pretty much the core of bitcoin service.  The distributed time server is the most original idea of Satoshi's design.

I just don't think any other solution is better.

[casascius]

Again :  timestamping is pretty much the core of bitcoin service.  The distributed time server is the most original idea of Satoshi's design.

I just don't think any other solution is better.

Agreed

[grondilu]

For comparison's sake, I also own a Certified Document Services signing key for Adobe PDF.  I had to pay for this.  It comes in the form of a FIPS-compliant USB hardware cryptographic module that I have to unlock with a password each time I use it.  If I digitally sign a PDF, Adobe Reader cryptographically recognizes the signature, which also incorporates a cryptographically based time stamp.  This is what I will use (along with perhaps two or three other methods) if I come up with any invention that I'm scared conspiracies all around me will try to steal.  For all else mundane, Wikipedia will suffice, as will:

- paying for a newspaper ad with the hash (the newspaper may charge a lot or relegate it to the WTF section of the newspaper, but...)

- posting my hash on facebook, twitter, etc.

- printing it on a postcard and mailing it to a few dozen people

- writing it on something that will be filed as public record

etc...

Using several trusted parties does improve the global trust, but it doesn't change the model.

It's just as if you were advocating in favor of bankin gystem against bitcoin, saying that basically if you don't trust bank A, then you can withdraw your funds and go to bank B or C or D and so on...

The model is alsways the same :  at the end of the day, you have to trust SOMEONE to take care of your data.

With bitcoin, the model is completely different.

[Timo Y]

I saw this analogy on the other thread and I thought it was a good short justification for not restricting Bitcoin use.

In principle, I would consider it a fallacy to try and mimic gold. Gold has many flaws but in the non-digital era it was the best we could find as a currency for lack of alternatives. Bitcoin can be something fundamentally different to gold, and it should be if that makes it a superior currency.
 
If we start using Bitcoin for generalised timestamping and whatnot, this might increase their value, but it will also indroduce additional costs and vulnerabilities into the network.

KISS.

[grondilu]

I saw this analogy on the other thread and I thought it was a good short justification for not restricting Bitcoin use.

In principle, I would consider it a fallacy to try and mimic gold. Gold has many flaws but in the non-digital era it was the best we could find as a currency for lack of alternatives. Bitcoin can be something fundamentally different to gold, and it should be if that makes it a superior currency.
 
If we start using Bitcoin for generalised timestamping and whatnot, this might increase their value, but it will also indroduce additional costs and vulnerabilities into the network.

KISS.

Satoshi himself pointed out that using bitcoin as a timestamping service is something we can not prevent.  See here : http://bitcointalk.org/index.php?topic=2162.msg28533#msg28533.  Therefore, there is no point trying to prevent it from happening.

And it does not add any complexity to the system.  At all.

[sturle]

Again :  timestamping is pretty much the core of bitcoin service.  The distributed time server is the most original idea of Satoshi's design.

I just don't think any other solution is better.

Agreed

Are you all mad?

What you call timestamps are so inaccurate and easy to skew that the best you could do is a datestamp.  If you want to make a reliable system for timestamping, you should at least make the clients to agree on the time within a second or less.  Satoshi could have done that if he wanted to make the system useful for timestamping, but he didn't.  There are many systems out there which are made for timestamping, which are free with microsecond resolution.  If you insist on paying for a datestamp with horrible resolution, you could just use snailmail!  Their datestamps are even accepted by courts of law.

[grondilu]

Are you all mad?

What you call timestamps are so inaccurate and easy to skew that the best you could do is a datestamp.  If you want to make a reliable system for timestamping, you should at least make the clients to agree on the time within a second or less.  Satoshi could have done that if he wanted to make the system useful for timestamping, but he didn't.  There are many systems out there which are made for timestamping, which are free with microsecond resolution.  If you insist on paying for a datestamp with horrible resolution, you could just use snailmail!  Their datestamps are even accepted by courts of law.

I'm well aware that bitcoin timestamping is not accurate, but it is really not an issue at all.

Since there is one new block every 10 minutes or so, globally bitcoin timestamping precision is more or less 10 minutes.

Imagine I make a nice audiovisuel file (movie, song, whatever).  I can sign and timestamp the hash of this file, and now all I have to do is to wait at least a few hours before releasing the file.  Then there is no way anyone could sign my file and timestamp it inside a previous block.  It's just as much impossible as it is impossible to steal some bitcoins from the block chain.

Accuracy is not the issue.  Robustness is.


PS.  I don't care at all about what courts of law accept or not as a proof for time.

[jimbobway]

Thinking outside the box here:

Moon, Mars land registrations using bitcoin.
In general digital lotteries using bitcoin.
Obviously, patents and copyright.


As a side note I don't like the arrogant attitudes of some of the posts in this thread.  Some people here talk like everything they say is fact.  As far as I know you are just an Internet user to me unless you have earned your respect like Satoshi.  Maybe they talk like that to get attention.  Not going to mention any names.

[sturle]

Are you all mad?

What you call timestamps are so inaccurate and easy to skew that the best you could do is a datestamp.  If you want to make a reliable system for timestamping, you should at least make the clients to agree on the time within a second or less.  Satoshi could have done that if he wanted to make the system useful for timestamping, but he didn't.  There are many systems out there which are made for timestamping, which are free with microsecond resolution.  If you insist on paying for a datestamp with horrible resolution, you could just use snailmail!  Their datestamps are even accepted by courts of law.

I'm well aware that bitcoin timestamping is not accurate, but it is really not an issue at all.

Since there is one new block every 10 minutes or so, globally bitcoin timestamping precision is more or less 10 minutes.

Imagine I make a nice audiovisuel file (movie, song, whatever).  I can sign and timestamp the hash of this file, and now all I have to do is to wait at least a few hours before releasing the file.  Then there is no way anyone could sign my file and timestamp it inside a previous block.  It's just as much impossible as it is impossible to steal some bitcoins from the block chain.

Accuracy is not the issue.  Robustness is.

In this case you don't rely on the timestamp, but the sequence number, and you pay a high price by discouraging other people from using bitcoins.  Just read the other comments here.  There are so many other ways of doing what you describe in standard ways, free, accepted by courts, etc, and with precision allowing you to release the file a second later, that you should pause and ask yourself if this is a brilliant way to waste a good currency.

Btw, your hash isn't worth much if the hashing algorithm is broken.  You better sign and post the entire file, not the hash of it.  At least post more than one kind of hash of the file, if it is important to you.  The blockchain in Bitcoins make it impossible to change your hash, but your hash itself may be worthless because someone can claim that you have changed their work in subtle ways to make it match your hash.

All of this can be done out of the blockchain or in a separate blockchain if you insist on connecting it to Bitcoins.  Perhaps another blockchain demanding accurate timestamps, if what you want is timestamps.

[Anonymous]

I dont get why people want to introduce incidental things into the currency chain.
If you want a different purpose start a new project.