What is the right and fair way to stop Mike Hearn?

[NanoAkron]

We can create real passports, that are actually more valid than a government produced effort. I don't know why anyone would trust government passports anyway, it proves that either it's real, or that you had the money and means to get a fake. Not really much use as an ID in the 21st century anyway.

Go for it! If you think you can verify and issue identities that are harder/more expensive to forge than passports, and which the majority of people are eligible for, then the "Carlton Banks Pass" would work just as well. There's no particular reason it has to be a government issued ID, it just happens that governments put a lot of effort into issuing these things at scale, there are international standards for them, they can be read using Android phones, and lots of people already have gone through the process to obtain one. So in that sense it's a convenient existing infrastructure that can be reused.

That's an almost perfect example of argument from ignorance, ergo: I can't think how to make something like passports, therefore it can't be done.

You've still not addressed the concerns over requiring external tokens.

We expect better from someone so deeply involved in bitcoin development.

[1714748648]

1714748648

[1714748648]

1714748648

[Mike Hearn]

Mike, it might have got lost in the noise (I think it's the other thread for the video), but did you see my question about active authentication? I'm really curious.

No, I didn't, thanks for the reminder. I replied on the other thread.

[augustocroppo]

Nope. Still not trust, only verification. There is no assumption of trust anywhere. Even in the case of a majority of nodes actively attacking, there is still no need to trust - the attack can be seen in quasi real time.

 

So, what is up, bro? You were speaking about trust there, right? Now you are changed the subject to "only verification".

Totally different issue. If I'm a simpleton I have to "take it on trust" that 5 + 7 is 12. That doesn't mean that mathematics is based on trust.

Bro, if you are a simpleton you are likely to trust an electronic device to tell you that 12 is really the result if 7 + 5.

Let's take another look at your original statement:

Unconditional trust is still required to form the P2P network. Each client have to trust each other in order to work.

False.

Wow, bro.

Much explanation.

[erik777]

Bro, do you even ... solve the Byzantine Generals problem?

What is needed is an electronic payment system based on cryptographic proof instead of trust,
allowing any two willing parties to transact directly with each other without the need for a trusted
third party.

 

Bro, you are misinterpreting the holly scripture. The almighty Satoshi is speaking about a specific functionality of the Bitcoin software. He is not speaking about the unconditional trust that is necessary to operate any P2P network. Do you even understand the difference, bro? There is not necessary trust between two parties to validate a transaction, but there is necessary trust from all parties to form the network. You are ignoring the fact that elimination of a central authority to validate the transaction do not translate in a complete elimination of trust to operate the network. The only trust eliminated is the trust in a third party to validate a specific transaction, not the trust that each user must have to participate in the whole network. The required trust from the end user increases in proportion to his own lack of technical understanding. As less an end user understand the process to participate in the network, more trust is required from him to participate in the network.

You see, grandma have to trust that the software she is using (she do not even know what that means) is not a corrupted code. Grandma have to trust the peers connected to the software she is using (she do not even know what that means) are not corrupted nodes. Grandma have to trust the hard earned BTC she is sending to an exchange platform (she do not even know what that means) are going to be exchanged by real money.

Augusto, I agree with you that it is true that a trustless transaction system can exist in any type of p2p network, including one built with human trust institutions (like SSL).  However, there are many reasons why a human "trustless" p2p network is preferred over one built on human trust institutions. 

More accurately, some of us would like to preserve to the fullest extent possible:

- transaction user anonymity
- node anonymity
- global network accessibility (keep governments from being able to block access)
- network uptime (keep anyone from shutting down honest nodes)
- secure (not easily compromised just because a human institution or its data become compromised)

It's clear that some people have no regard for anonymity, some value it a little, but not essential, and many regard it as essential to protecting our freedom in world where technology is increasingly concentrating central power -- and power corrupts.  So, once a person is identified as being in the first two camps, the rest of us, well, aren't likely to trust them. 

The great thing is we can use the very technology used to create bitcoins, including the combination of the p2p network and the blockchain, to create new concepts that strengthen the network without throwing privacy to the wind. 

While node trustability is distinct from the transactions in the blockchain, the blockchain is in effect our first large scale p2p database.  This type of database depends on the survival of the p2p network.  Likewise, the p2p network can better survive if it is extended to leverage not only the bitcoin blockchain, but new blockchains that can hold new types of information.  Perhaps the next evolution of a highly resilient self-healing p2p network is one with its own non-currency blockchain(s) so it can learn, build intelligence, and respond intelligently to threats. 

[augustocroppo]

[trilli0n]

I don't see any way for Bitcoin to have any real impact in a country where using it is illegal.

No! Cryptocurrencies will prove to have the most impact in countries where they are illegal or will be made illegal.

I believe that bitcoin is designed to be resilient against attack from any person or body, including the government. Any change in the bitcoin system which reduces anonymity, or creates any extra barriers to participate in it, or extends its functionality besides exchanging bitcoin, will weaken it and must be avoided at all cost.

Proof of passport seems a draconic measure to mitigate an impractical attack vector. In your example you mention someone in a public place connecting through a malicious hotspot which stages a man-in-the-middle attack. If it is only possible to perform a Sybil attack if you control someone's link to the internet, then such attack would be quite elaborate and difficult. In short, it seems to be a solution in search of a problem and it raises an unnecessary barrier.

I am wondering if increased and relative trust between nodes can't mitigate this issue almost entirely. With setting up a challenge-response when connecting to a node for the first time, and challenge-response checking each subsequent connection, it can be assumed with sufficient certainty that the node that was first connected to is still the same one and not part of an instantly whipped-up simulation. If I do this for a number of nodes, then it becomes impractical to do a Sybil attack. And a node should not even care if the other node can be fully trusted - as long as enough nodes are present that have been seen before, it can be reasonably assumed that the link to the internet has not been tampered with.

[augustocroppo]

Augusto, I agree with you that it is true that a trustless transaction system can exist in any type of p2p network, including one built with human trust institutions (like SSL).  However, there are many reasons why a human "trustless" p2p network is preferred over one built on human trust institutions. 

Bro:

No results found for “trustless”.

More accurately, some of us would like to preserve to the fullest extent possible:

- transaction user anonymity

You still need to trust the network is preserving the anonymity.

- node anonymity

You still need to trust the network is preserving the anonymity.

- global network accessibility (keep governments from being able to block access)

You still need to trust the network is blocking government intervention.

- network uptime (keep anyone from shutting down honest nodes)

You still need to trust the network is verifying the node uptime.

- secure (not easily compromised just because a human institution or its data become compromised)

You still need to trust the network is secured against data corruption.

It's clear that some people have no regard for anonymity, some value it a little, but not essential, and many regard it as essential to protecting our freedom in world where technology is increasingly concentrating central power -- and power corrupts.  So, once a person is identified as being in the first two camps, the rest of us, well, aren't likely to trust them. 

The great thing is we can use the very technology used to create bitcoins, including the combination of the p2p network and the blockchain, to create new concepts that strengthen the network without throwing privacy to the wind. 

While node trustability is distinct from the transactions in the blockchain, the blockchain is in effect our first large scale p2p database.  This type of database depends on the survival of the p2p network.  Likewise, the p2p network can better survive if it is extended to leverage not only the bitcoin blockchain, but new blockchains that can hold new types of information.  Perhaps the next evolution of a highly resilient self-healing p2p network is one with its own non-currency blockchain(s) so it can learn, build intelligence, and respond intelligently to threats.

Agreed, bro.

[Carlton Banks]

We can create real passports, that are actually more valid than a government produced effort. I don't know why anyone would trust government passports anyway, it proves that either it's real, or that you had the money and means to get a fake. Not really much use as an ID in the 21st century anyway.

Go for it! If you think you can verify and issue identities that are harder/more expensive to forge than passports, and which the majority of people are eligible for, then the "Carlton Banks Pass" would work just as well. There's no particular reason it has to be a government issued ID, it just happens that governments put a lot of effort into issuing these things at scale, there are international standards for them, they can be read using Android phones, and lots of people already have gone through the process to obtain one. So in that sense it's a convenient existing infrastructure that can be reused.

I think a viable "BitCloud"-type documents storage solution is a pre-requisite for my idea. There was a more convincing proposal than actual BitCloud in the Projects sub-board, I remember you contributing to that discussion. Combine that with a WoT tiered access and verification for the stored documents, and you've got a very 21st century system, with bitcoin ID protocol as the base level binding it together, providing a monetary incentive not to deceive.

If you could have your personal details (birth certificate, driving licence, street address, telephone+VOIP handle, e-mails, social networks pages etc) all stored and publicly accessible on a decentralised cloud platform, you could offer tiered access to the details fields and documents pertaining to you (I think with cryptographic access so that it can't be browsed without owner permission). You could have various zero-knowledge proofs to ascertain ownership of documents (as in your suggestions), and you could additionally offer proof that the same street address information that your siblings or parents have is the same that you're offering to the company you have your new phone contract with (using the same mechanism WoT has to cross-check fingerprints). Proof of genuine family ties could be a zero-knowledge DNA fingerprint comparison between you and your ostensible family members, or perhaps instead cross referencing with social network pages for friends that can vouch for your address (perhaps weighted by the length of time you've been associated on that network)

That's the sort of direction I believe this technology could and should be heading in. Passports are primarily international travel permits, not ID's. The centralised model has allowed them to be abused by some government departments, so they're not reliable as ID's really.

[colour]

That's an almost perfect example of argument from ignorance, ergo: I can't think how to make something like passports, therefore it can't be done.

You've still not addressed the concerns over requiring external tokens.

Mike Hearn isn't stupid. He knows pretty well that his proposals aren't going to be popular with the average Bitcoin demographic. His arguments (not only in this thread) may seem "ignorant", but that's because he simply doesn't care what the average bitcoiner thinks, he has his own game going.

Does anyone really believe that Mr. Hearn invests 6 months (!) into preventing some rather obscure attack scenario without carefully evaluating the pros and cons? He probably has some good reason which he isn't intending to make public (yet).

In my opinion, he probably wants to have the proper preparations ready to turn Bitcoin into "Paypal 2.0", for when the media begins to call for hard regulations. I think it is very likely that sooner or later Bitcoin will get connected to some terrorist act or some other large scale crime (and I don't mean some guys selling a bit of weed and ecstacy on the silkroad). At that point, global media will pummel the public with demands of either eradicating Bitcoin completely or implementing very tight restrictions. Then Mr. Hearn will be there to offer his services, probably together with a business like CoinValidation, to seemlessly make the transition from the old Bitcoin to the new Bitcoin, where all participants in the network are known to the authorities. Miners will be required to only allow transaction from/to verified addresses, with known identity of the owner. Unlicensed miners will get punished harshly. Even if they do not get caught by authority, they will be mining coins that will not be accepted by addresses in the "new Bitcoin", so most miners will probably get their license or risk getting rewarded with coins that only have a fraction of the worth of the coins that are inside the authorized system. No upstanding citizen will want to touch those coins and their usability and their dollar value will drop harshly. The prohibited part of the system will probably fade into obscurity, only being used by criminals.

Like it or not (I certainly do not), but from this point of view it seems like a smart move to prepare for this kind of scenario right now. Bitcoiners will attack Mr. Hearn for his ideas at this point, but the majority of them will be glad to get a Paypal-Bitcoin-hybrid instead of having no Bitcoin at all.

Disclaimer: I am not a smart man and everything I write may be complete nonsense.

[trilli0n]

You still need to trust the network

Trustless means: not having to trust a single entity. "Trusting the network" is pretty much the definition of trustless.

[erik777]

Augusto, I'm not arguing that we are not trying to define node trust.  We are.  But, in the words of the great hen master:

"What is needed is an electronic payment system based on cryptographic proof instead of trust,
allowing any two willing parties to transact directly with each other without the need for a trusted
third party."

In this debate, we discuss the important distinction of trust in human third-party institutions and human perceptions versus purely machine derived trust.  Even PGP's web of trust requires human input, where as Bitcoin, using a combination of cryptography, p2p and probability, today does not.  

To sum up these concepts, let's coin a new phrase: "human trustless".  Combining those two Websters definitions, a "human trustless" solution is one that does not require trust in humans.  

I like trillion's definition, too. 

"'Trusting the network' is pretty much the definition of trustless."

[trilli0n]

That's an almost perfect example of argument from ignorance, ergo: I can't think how to make something like passports, therefore it can't be done.

You've still not addressed the concerns over requiring external tokens.

Mike Hearn isn't stupid. He knows pretty well that his proposals aren't going to be popular with the average Bitcoin demographic. His arguments (not only in this thread) may seem "ignorant", but that's because he simply doesn't care what the average bitcoiner thinks, he has his own game going.

Does anyone really believe that Mr. Hearn invests 6 months (!) into preventing some rather obscure attack scenario without carefully evaluating the pros and cons? He probably has some good reason which he isn't intending to make public (yet).

In my opinion, he probably wants to have the proper preparations ready to turn Bitcoin into "Paypal 2.0", for when the media begins to call for hard regulations.

Uncomfortably enough, this makes actual sense. How can we trust Mike Hearn not to have a double agenda? Anyway, the more bitcoin will be regulated, the more likely it will be that at some point it is going to be dropped in favor of a cryptocurrency which regains resilience and privacy, such as Zerocoin.

[waxwing]

How can we trust Mike Hearn ..

You don't need to - you can verify him now (slide 10,11): https://docs.google.com/file/d/0B4t9VJLm_PWhRkFKa1pQTm54WU0/edit?hl=en&forcehl=1



Slightly more than zero knowledge, though

[Mike Hearn]

I haven't "invested six months". As I said in the talk that apparently nobody bothered listening to, I started thinking about it six months ago. Very different things!

As I also noted in the talk, the ZKPOP idea cannot be implemented today because the necessary code isn't even available.

[trilli0n]

the ZKPOP idea cannot be implemented today because the necessary code isn't even available.

Will you continue your efforts regarding ZKPOPs? And if so, would you mind sharing your thoughts on why you think it is a good idea? Perhaps you can respond to some critiques, mostly which real world issue ZKPOP stops, and why you think it is better than for instance a solution based on challenge-response?

I would genuinely appreciate it.

[erik777]

I haven't "invested six months". As I said in the talk that apparently nobody bothered listening to, I started thinking about it six months ago. Very different things!

As I also noted in the talk, the ZKPOP idea cannot be implemented today because the necessary code isn't even available.

If we're going to nitpick specific words in your presentation, can we get a transcript?  I'd like to quote the Iowa statement.  lol

The quote I'd really appreciate you giving us is:

"You know, the passport thing seemed like a good idea. It is certainly interesting. But, now that I've learned more about its cons through the concerns of others, I think I'd rather focus on solutions that don't require trusting third parties, human input or human identity.  It is clear that Bitcoin will be better off if we create security solutions independent of changes to the outside world...  solutions that will be available to all users of Bitcoin, regardless of citizenship, financial position or political affiliation."

[pand70]

Am i reading this right? Passports? Like physical government - issued ones?

Afaict this solution might be a very clever one to reduce the possibility of a sibyl attack but it's one of the
least elegant things that i 've heard in the context of bitcoin. It just doesn't feel right.

Ps. The "propose something else/better or stfu" argument, is NOT an argument whatsoever.

[augustocroppo]

You still need to trust the network

Trustless means: not having to trust a single entity. "Trusting the network" is pretty much the definition of trustless.

 

No, bro. The Oxford English dictionary disagree with you nonsense. Trusting the network is pretty much the definition of... Trusting the network!

[erik777]

You still need to trust the network

Trustless means: not having to trust a single entity. "Trusting the network" is pretty much the definition of trustless.

 

No, bro. The Oxford English dictionary disagree with you nonsense. Trusting the network is pretty much the definition of... Trusting the network!

Augusto, as someone who's been programming computers for 35 years, I can testify that the Oxford English dictionary is not where new technology and the concepts it introduces is born. 

[tvbcof]

the ZKPOP idea cannot be implemented today because the necessary code isn't even available.

Will you continue your efforts regarding ZKPOPs? And if so, would you mind sharing your thoughts on why you think it is a good idea? Perhaps you can respond to some critiques, mostly which real world issue ZKPOP stops, and why you think it is better than for instance a solution based on challenge-response?

I would genuinely appreciate it.

Being able to reliably execute code on another person's machine and trust the results (and do so with reasonable resource usage) is a stunningly powerful thing.

It might be pointed out that there is a difference between trusting a third-party a few microseconds and trusting them forever (or a longer duration) since if you rule out attacks which require some setup the attack surface narrows significantly.  The PCP work opens up the former case and that is what really got me off.

I was under the impression that the work described at the 2013 SJ conference (Eli Ben-Sasson, et-al) was available.  I was planning to build their compiler and piddle around with a hello-world class experiment when I got home, but never got around to it.

I've not watched this presentation (for bandwidth reasons) but I assume it's similar to what he presented that the Bitcoin conference:

  http://www.youtube.com/watch?v=CjUNj8ow6UE

If nothing else, the comments section alludes to why the developments are so exciting.