3) Protocol: "Escrow fund is 10% below target. Time to steal some hyperbitcoins from the speculators. YOINK!"
That is the part that I simply do not understand. The "protocol" is not an entity that can take actions. The protocol is a set of rules that all peers use to evaluate the bitcoin messages they receive and build up a shared, agreed-upon concept of what the "global balance sheet" of bitcoin is (in the form of transaction chains stored in the block chain). The protocol dictates rules about transaction validity that individual peers are free to ignore but since other peers have no incentive to ignore the rules, and incentives to obey them, a disobeying peer will get nowhere fast. At every point in the complex dance of bitcoin peers, the protocol rules are constructed to cause natural agreement between everyone with minimal effort. It's a thing of beauty.
You talk about the protocol as if it's something running somewhere in real time making decisions and effecting outcomes. It's not that at all. The protocol is a set of rules, and those rules must be set out ahead of time to effect the actions you want from the bitcoin peer network. Not only that, the rules don't specify what any peer has to do
, only what is valid for any peer to have done
. The protocol rules do not compel any action on the part of any peer, they establish criteria for deciding when what a peer has done is illegal, and because following these rules is to everyone's benefit due to the clever construction of the protocol, everyone naturally obeys them and everyone agrees when someone has done something against the protocol rules and ignores them identically.
So you have to formulate rules that can be described ahead of time and which, for any peer who doesn't know anything about the history of transactions in your system, can be used to ingest all of the block chain blocks and then decide on its own, independently of any other peer, what the state of the "global balance sheet" is after every block; and each peer must be able to do this identically. The identically part is what, in my opinion, rules out appealing to external entities for values to use in protocol equations for determining validity of transactions, because nobody ought to, or ought to be expected to, rely on an external authority whom they have to trust
gives out accurate information to everybody and who is always available to every bitcoin peer and always presents a true, factual, and consistent set of values when queried.
You are quite right in your comments about the protocol. What I wrote in my thought experiment is equivalent to describing the current protocol with words like:
Miner: I found a block!
Protocol: Here's 50 bitcoins! Enjoy!
Miner (later): I found another block
Protocol: I'm only giving out 25 bitcoins per block now. Sorry!
For the protocol to steal 5% of all outstanding hyperbitcoins, all clients have to be running the same rules which cause them to all agree that users holding hyperbitcoins all have 5% less of them because the escrow fund passed some threshold.
Furthermore, the requirement that the protocol establish rules that peers can use to verify transactions themselves using only the data available in the block chain (or other data that is publicly shared via the peer network and is cryptographically secure using hashes and forced work functions) means that the data sets and rules involved in verifying a given transaction must be minimal; otherwise, the work required to verify a transaction chain becomes prohibitive and gets even worse as the network scales.
This last part is why I keep asking for a concrete description of the rules that peers will have to follow to validate transactions. If a client has to a) keep an entire history of every transaction in order to be able to evaluate the validity of a transaction chain (bitcoin peers don't due to the merkle trees), and/or b) appeal to external authorities which may or may not be accessible or trustworthy, and/or c) require the evaluation of complex relationships between transactions or escrow accounts or whatever, and/or d) require every peer to retain huge amounts of data on disk in order to be able to validate any transaction, and/or e) any number of other ways to make the work of peers to establish faith in the validity of a transaction that I haven't thought of yet, then it is an unworkable system.
It is my supposition that your proposal suffers from more than one of these problems; and I've been trying to fish out more detail (admittedly I don't understand every aspect of your proposal so I'm trying to get you to consider my concerns and apply them to your system rather than doing it myself). I don't think you should write to Satoshi or publish a white papeer take any other premature step before addressing these concerns.
Responding to the enumerated concerns, in order:
a) Clients only have to track transactions and exchange rates they care about. If I'm not trading or holding goldcoins, I don't have to download goldcoin transactions.
b) I believe I have described how external data can be imported into the block chain, especially when that data has multiple trusted sources and nodes can reject blocks containing data they believe to be invalid.
c) Yes. If the complex relationship between escrow and hyperbitcoins doesn't work and can't be fixed, then this idea just won't work
d) Miners would have to retain all data for transactions they wish to collect fees for. Peers need headers for bitcoin transactions only (like they do now) until they start playing around with advanced features.
e) Yes, there could be additional problems that haven't been imagined yet. That's what this thread is for
Thanks for your thoughtful analysis.