"Dirty Deals in Smoke-Filled Rooms" J. Ranvier discusses a Mike Hearn proposal

[Ragnarly]

Highlights

In summary, a service has launched that allows dishonest users attempt to defraud merchants, and now Mike Hearn is proposing as a solution that we change the Bitcoin protocol to allow a majority of miners to vote on the blockchain to confiscate the newly-minted coins of any other miner.

If this proposal sounds problematic to you, that's because it is. As several other individuals in the thread pointed out, this fundamentally changes the nature of the Bitcoin network and adds a mechanism via which other changes the Bitcoin users do not want (blacklists) can be secretly added at any time in the future.

And

Why are fundamental changes to the Bitcoin protocol, with wide-ranging implications relevant to all Bitcoin users, being discussed in relatively obscure corners of the Internet?

It may be the case that email lists are where programmers feel most comfortable "talking shop", but it also remains the case that Bitcoin doesn't belong to them.

Bitcoin belongs to everyone who uses it. No amount of code contributions will ever give some set of "core developers" the right to impose their decisions on the rest of the network. In fact, the degree to which they recognize that fact is the exact degree to which they will remain relevant to the future. Bitcoin users have a choice of software implementations these days, and implementations which attempt to rule the network instead of serve it will be dropped.

Individuals wishing to propose existential changes to the network should have that discussion in the public sphere, where the users are, so that those users have the best information possible regarding which implementations they should trust.

Core developers are not philosopher-kings who rule the network by imposing their judgement on the hoi polli, and they shouldn't act like it. (Note that this is not the first time Mike Hearn has floated proposals he knew Bitcoin users wouldn't like as trial balloons in relative obscurity). Once there is consensus among the community, or at least after they are aware of the proposal, then the development mailing list is an appropriate place to discuss how to implement it.

[leopard2]

Sources?

[justusranvier]

Sources?

http://sourceforge.net/p/bitcoin/mailman/message/32258096/

http://bitcoinism.blogspot.com/2014/04/dirty-deals-in-smoke-filled-rooms.html

[giszmo]

Uff. Too long, didn't read beyond 20%.

Yeah, Mike Hearn is one of the more ambivalent players here. I love most of what he does and usually defend him but what I'm most concerned about is that on the one hand he promoted micro payment channels (transaction channels) and now whines about zero conf payments not being safe. Damn, get transaction channels out and we win soooo much more than we could ever win by messing with the protocol as suggested here. Damn.

[Bit_Happy]

"If this proposal sounds problematic to you, that's because it is. As several other individuals in the thread pointed out, this fundamentally changes the nature of the Bitcoin network and adds a mechanism via which other changes the Bitcoin users do not want (blacklists) can be secretly added at any time in the future."

That would harm BTC and give new life to dozens of competing alt coins.

[MarketNeutral]

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as it currently exists which gives bitcoin its value.

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as a trustless system which gives bitcoin its value.

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as a decentralized system which gives bitcoin its value.


No doubt Mike Hearn is a smart guy, but his technological arrogance is such that he's playing with fire by desiring to change the core principles as established by Satoshi, the very principles that have caused bitcoin to be the success it is today.

Don't bite the hand that feeds you, Mike. Bitcoin has value precisely because it is not what you want it to be.



Overall, if Mike Hearn feels so strongly about his ideas, then he should create his own altcoin/payment system distinct from bitcoin.

But that's unlikely, for I assume Mike Hearn et al are pursuing such dangerous ideas based upon potential personal profit.

[Carlton Banks]

tl;dr version

• Mike Hearn proposes to let miners vote on "reallocation" of blocks with double spends attempts
• Multiple others point out that this would let the miners vote to "reallocate" any block they wanted to. Examples of many different ways of abusing that mechanism cited
• Mike says "hey you guys don't understand!" in as many different ways he can, and also "bitcoin is a failure if my idea doesn't work!" with enthusiastic/well meaning cadence
• TierNolan and gmaxwell discuss using side-chains of various designs to mitigate the problem in the only usage case that is affected (in person payments)

In summary, Mike proposes a pernicious and controversial mechanism, and no-one agrees that that's the way to solve the problem of offering double spending as a service. Mike tries hard to suggest it's not controversial or pernicious, and no-one agrees with that either.

Case closed. (file under "Mike Hearn - controversial proposals")

[BldSwtTrs]

Is Mike Hearn an NSA mole?

[Remember remember the 5th of November]

Is Mike Hearn an NSA mole?

Was going to say the same thing. I think Mike Hearn is compromised, if this single idea of his goes through, then what the other bitcoin developers said about compromised developers is simply not true and they do indeed control Bitcoin.

So either Google is forcing him to "destroy" Bitcoin, or the government(or some government), or he is simply wishing to destroy Bitcoin himself.

[adamstgBit]

having the majority of the miners decided to relocate a block is perfectly acceptable, i don't get what the big deal is, if you can get 51% of the mining power to agree.... its all good whatever it is, isn't?


that is what makes bitcoin gr8

[Carlton Banks]

if you can get 51% of the mining power to agree.... its all good whatever it is, isn't?

No.

It's not possible to tell which transaction is the double spend. So this idea isn't based on being to prove anything. Current bitcoin rules are based on proving things. The rules you're talking about only let miners disallow blocks where it can be proven they're breaking the rules.

Mike has come up with a way of guessing which transaction is the double spend. It proves nothing, but uses an assumption based logic. Hence it is a guess. So some people might think it's a smart idea, but it's actually a way to:

• blacklist miners (for whatever reason)
• blacklist transactions (for whatever reason)
• blacklist addresses (for whatever reason)

So the idea won't survive it into a core software release, without risking forking bitcoin. I predict the Mike fork would lose the hashing power battle.

Edit: the ability to target transactions and/or address are not part of Mike's proposal, only immature mining rewards can be confiscated.

The problems still remain: miners could develop a cartel to drive minority miners out of the market, as the voting is arbitrary, and not based on any kind of proof.

[TheFootMan]

Sources?

http://sourceforge.net/p/bitcoin/mailman/message/32258096/

Strangely that link, when clicking on 'view entire thread' at the bottom gives the message 'There are no messages in this thread. '


I got to it from the main interface of the archive of the bitcoim mailing list: http://sourceforge.net/p/bitcoin/mailman/bitcoin-development/

Here's a link to the discussion:
http://sourceforge.net/p/bitcoin/mailman/bitcoin-development/thread/CANEZrP2t09bzmDkkWK3V2GpqEt54KhFnUQ8_u9ULMqniMaOA8Q%40mail.gmail.com/#msg32261414

[justusranvier]

Strangely that link, when clicking on 'view entire thread' at the bottom gives the message 'There are no messages in this thread. '

There can't possibly be any usability problems with the Sourceforge web interface, because Gavin Andresen himself insists that the bitcoin-development mailing list is perfectly accessible to the general public.

[TheFootMan]

Strangely that link, when clicking on 'view entire thread' at the bottom gives the message 'There are no messages in this thread. '

There can't possibly be any usability problems with the Sourceforge web interface, because Gavin Andresen himself insists that the bitcoin-development mailing list is perfectly accessible to the general public.

As a matter of fact, I wasn't aware of this proposal from Mike Hearn until I read this very thread. I've now spent a few hours reading, researching and trying to understand all of it. I learned something more about the bitcoin protocol in the process. Thanks OP.

I think everyone involved could benefit from taking a step back and being a bit calmer. While Justus Ranvier maybe went a bit over the hill with his blog title 'Dirty Deals in Smoke-Filled Rooms', I don't think anyone should take that at face value. And esp. not Gavin.

That's just a title used on a blog entry, and nothing to be worked up about. Also, it it a bit sad to see that both Gavin and Mike berates Justus for putting the issue on the table for the larger community.

First of all, a dev mailing list, is more obscure than bitcointalk and reddit. While I understand that there's a very low signal to noise ratio in this forum and on reddit, making a post on one of these places or other places (developer blog?) I think could be beneficial.

Now, as much as Gavin and Mike has done and does for bitcoin, should we all just applaud them and not question their actions? While we should appreciate their actions and contributions, I don't think neither of them should be spared for scrutiny and criticism, in fact I think they both should welcome this, esp. constructive criticism.

It's important to understand the situation from all sides. while Gavin and Mike are devs and wants to discuss with likeminded people without having to deal with too much trolls, it's also important to realize that there's members in the community like Ranvier who genuinely are concerned and worried about what Mike Hearn is bringing up here, and he's brought up controversial ideas before, like colored coins.

Bitcoin is built on a principle of neutrality, and suggesting to impose restrictions and power through changes to the protocol making it possible to remove this freedom is something that should worry us as a community.

We must realize that anyone wanting to disrupt the network will do so in sneaky ways, and they will be very persistent at it. It's known that NSA has infiltrated organizations before to lobby changes to fit their agenda.

Let us not be naive about this. And while Gavin and Mike might scoff of the idea that they could be working for an intel organization, because in reality they know for a fact that all of that is a lot of bullshit, we who do not know them well, do not know what associations they have off the record, who they speak to, who pays them and who has them in a tight grip.

And a NSA plant could have a long term plan for what he wants to accomplish.

As much as I would like to trust these devs, it's important that the community have their eyes on them, and that should not be looked at as a bad thing.

But here are a few observations:

- Mike's persistent. Defending his idea with great vigour.
- He was not happy about Ranvier's input in his thread regarding the coinbase reallocation to discourage finney attacks, even telling Ranvier in a condecending way not to get in his way, even with ad hominem attacks. If he just took a step back, and said: Ok, Ranvier, I understand your concerns, and next time, when I have some controversial idea like this one, I will surely make a blogentry about it, and post a link on bitcointalk and reddit, it would take 5 mins of my time, and it would prove I'm open about my ideas.

What it reminds me a bit about is politicians making decisions late at a friday, when all journalists have gone home for the weekend to their families, or rushing through a new law right before a public holliday or somesuch. It's still on public display, it cannot be denied, but how many eyes are on it, was it announced? How many knew about it?

Then... when we look logically at it all, this was just a discussion on the bitcoin dev mailing list, like any other discussion. However, what Mike suggests is disturbing, and likewise is his arguments. It seems like his arguments is constructed in a way to push his agenda, not to have an unbiased discussion listing the cold facts.

There are links to his original posts in this thread. If you're interested you should read them.

In my view, he's stressing the fact that real time transactions is very important. I agree that it is important, but not to any cost. He also uses big phrases and talks about 'the end of bitcoin' and what will happen if these changes are not implemented.

To me it seems like typical political speak where you paint the picture of some evil, and then propose a solution or method to remove that evil. And the more evil you can make that thing look, the more support you hope to achieve from others.

The userbase deserve to know about these discussions going on, and they deserve to be educated and to be in on it. Not everyone has english as their first language, not everyone is a software engineer, but they're still here, making this entire experiment possible, donating of their time on several different levels, being a part of the bitcoin ecosystem.

The devs should try to put themselves in the shoes of the ordinary users at times, we all understand they need to protect their time and don't want to go into flamewars, but have some respect for the users and opposing views.

Gavin accusing Justus of FUD was sad to learn about (check comments in Justus' blog). What Justus was saying was not out of line, and I think his blogpost (http://bitcoinism.blogspot.no/2014/04/dirty-deals-in-smoke-filled-rooms.html) was an interesting one.

We cannot have a community where the attitude of the top devs are: "Ssssh.. don't bother me, I'm an expert, and I cannot be bothered with the cesspit that is the bitcoin userbase."

While the bitcoin dev list is for discussing dev issues, and there's no rule saying that there's certain issues can be discussed only after having being publicized, I don't think you need much of a fine-tuned bitcoin-meter to see what kind of issues that will be the most controversial.

Stealing people's funds are in essence what Mike suggests that we do. Luckily the other devs chiming in on the discussion had valid counter arguments which I hope that he understood.

Why does he, as a core dev, keep insisting on these changes for coin control? These issues are disturbing, and while I respect his right to have his opinions and ideas, I'm not sure how well these ideas of his correlate with the 'bitcoin spirit'.

He is a dev that must be watched, because he won't stop pushing these ideas. And if some of his suggestions starts getting traction among the core devs, the userbase has to stand up and voice their opinion. Because the userbase IS bitcoin.

We must remember:

“Give me control over a nations currency, and I care not who makes its laws.”  ~Baron M.A. Rothschild

Let's not be naive, let's sleep with the eyes wide open, and participate in all debates and keep ourself vigilant and educated.

And then lastly, I want to comment on a couple of comments done by Gavin and Mike:

Gavin responding to Ranvier:

Re: [Bitcoin-development] Coinbase reallocation to discourage Finney attacks
From: Gavin Andresen <gavinandresen@gm...> - 2014-04-23 17:47:53
Attachments: Message as HTML   
>
>
> I've formulated my replies to you and this proposal in a more public
> venue, where such discussions of existential changes to the protocol
> more rightfully belong
>
>
I strongly disagree.  It makes perfect sense to discuss changes here,
first, where there are lots of people who understand how the system works
at a very detailed level.

And why do you think your blog is more public than this open, publicly
archived mailing list???

--
--
Gavin Andresen

While Gavin has a point, he should acknowledge Ranvier's concern when he responds to him, and show himself as the greater man. And the last sentence of Gavin is condecending and unnecessary. It's quite easy for me, as an outsider to understand Ranvier's concern, and while he might go at it with a frisky attitude, he has a very good point. If it were not for his blog post, and someone linking to it in this thread, I would be completely unaware of the entire discussion.


Quote by Mike Hearn on reply to Ranvier:

I don't think Twitter is an appropriate medium for discussing the details
of byzantine consensus algorithms.

I'm not going to bother arguing in replies to a blog post.

I think mike could be well served in dropping the elitist attitude of his. It's not that hard to see that concerns that Ranvier has.

And again, Mike in response to Ranvier.

If you want to try and argue that the development list is the wrong place
to discuss development, please do so on another thread (or your blog).
Let's keep this thread for discussion of the original proposal - ideally,
discussed with the dryness that a topic as nerdy as distributed consensus
algorithms deserves

I think the whole mess could easily be avoided if everybody involved was a bit more humble.


There are people involved with bitcoin who actually have a grand view of it, and have visions for its future and greatly care about how it evolves in the coming years, and what code goes into the protocol and what changes are being made.

Open discussion is great, and exchanging ideas is great, and disagreement is to be expected, but a core dev having a heavy hand on the 'regulation and power'-handle ready to crank it down, that's something everybody in the community should know about.

Confiscating and freezing assets of entities is something that bitcoin is supposed to move away from. Bitcoin is not traditional banking 2.0.

[justusranvier]

This is probably worth highlighting:

Hmm, then I think your faith needs to be shaken. Bitcoin  is money, and money is a purely artificial social construct. The interpretation of what a bitcoin means, or what a dollar means, has always been and always will be a human decision taken in order to achieve some socially useful goal. How could it be any other way? Do you want humanity to be enslaved by its own money?

This notion that the block chain encodes some kind of natural, immovable law that's above human judgement is a very strange one to me - I guess it comes from the fact that encryption *is* based on some kind of natural law. Without the key you can't decrypt a message no matter how strong the consensus is. But Bitcoin doesn't use encryption anywhere, just digital signatures. The only thing approaching natural law, that stops majority consensus controlling everything, is lack of information. Hence all the discussion around privacy and anonymity that goes on all the time.

Get it?

Mike Hearn is fine with changing the network to take your bitcoins away as long as he think it achieves "some socially useful goal."

[TheFootMan]

This is probably worth highlighting:

Hmm, then I think your faith needs to be shaken. Bitcoin  is money, and money is a purely artificial social construct. The interpretation of what a bitcoin means, or what a dollar means, has always been and always will be a human decision taken in order to achieve some socially useful goal. How could it be any other way? Do you want humanity to be enslaved by its own money?

This notion that the block chain encodes some kind of natural, immovable law that's above human judgement is a very strange one to me - I guess it comes from the fact that encryption *is* based on some kind of natural law. Without the key you can't decrypt a message no matter how strong the consensus is. But Bitcoin doesn't use encryption anywhere, just digital signatures. The only thing approaching natural law, that stops majority consensus controlling everything, is lack of information. Hence all the discussion around privacy and anonymity that goes on all the time.

Get it?

Mike Hearn is fine with changing the network to take your bitcoins away as long as he think it achieves "some socially useful goal."

Sorry about the 'ad hominem', but Mike Hearn is some kind of an oddball, reminds me about about Matthew N. Wright in some of his argumentation.

The real question is:

- Why is Mike Hearn so eager to put features into bitcoin that will lessen it's current mode of privacy and owner control and making it easier for third parties to control the funds of others?

- The same man recently stated that everybody should use google login for their web apps, why - so that everything can be recorded by google/nsa?

- Why is he using silly argumentation to attempt to further his ideas. Ie. the notion that bitcoin is soon dead because it's fraud rate will be close ot 5% for every-day payments is very far fetched.

I thought that the very reason most people are involved in bitcoin, esp. on a very commited level is because they want something different from the current banking system that we have.

Personally I don't want my transfers to go through a clearing-house, and if they don't like me or my associates, they will deny the transfer, or if they chose to excert violence towards me, they might confiscate the funds.

By the very nature of bitcoins, none of this should be possible. Sorry. If someone is a criminal and breaks the laws in a country, then go after that person, I don't see why monetary instruments should be a tool for the rulers to crush anyone at will.

What we essentially see is that confiscation of funds are used as a way to eradicate opponents and difficult people. Let's charge this man with a serious crime, and at the same time confiscate all his bank accounts, so he can't pay for his defense.

Does Mike Hearn not see where he's going with all this? What's his agenda? To be the bitcoin police? To make things just? Bitcoin works well the way it does, without the need to introduce stuff like this.

[justusranvier]

I thought that the very reason most people are involved in bitcoin, esp. on a very commited level is because they want something different from the current banking system that we have.

Bitcoin users who feel this way are going to need to get very vocal, very quickly, or the assholes in the world who do not want the unwashed masses to have this option are going to dismantle it.

[TheFootMan]

I thought that the very reason most people are involved in bitcoin, esp. on a very commited level is because they want something different from the current banking system that we have.

Bitcoin users who feel this way are going to need to get very vocal, very quickly, or the assholes in the world who do not want the unwashed masses to have this option are going to dismantle it.

Justusravier, I take it you're the same person who wrote that blog entry about "Dirty Deals in Smoke-Filled Rooms" ? And the same one who had a clash with Mike Hearn on the bitcoin dev. mailing list ?

In that case, I applaud you for your effort, and I'm a bit worried about the response you've received from Gavin and Mike. Even if they think that you're annoying, your involvement should be applauded and not ridiculed. It's important to see both sides of the coin, also for developers. When you posted on that mailing list, you had a concern, it was not to waste your own time. Therefore I think that should be respected, but my impression was that you got laughed out of the room so to speak.

That's not good.

While we should not taking everything online so serious, bitcoin is mostly an online phenomena, and I do think that core devs have a greater resposibility than the rest of the userbase, also in terms of how they behave.

So my questions currently are:

1. Is there any reason to worry that the current mode of bitcoin development is starting to deviate from the original intentions of Satoshi?
2. Who are the people pushing for such a bad change, and what associations do these people have?
3. What can normal people do about it, normal people who have their plate mostly full with real life issues already?
4. Should there be a new foundation, replacing or in addition to the existing bitcoin foundation, and if so, how would we assure that this foundation also did not become corrupt?
5. Would perhaps the best idea be to monitor the source code and make efforts to alert the community if certain changes were implemented?
6. Is power of various resources in the bitcoin community to centralized? I noticed there's an overlap of mods of bitcointalk and r/bitcoin for instance. Who controls the wiki and so on. I think it's important that there's not a single person or group of persons having too much power. Even if they do not intend to misuse their power, they might if a gun is put to their head, or to the head of their families.
7. The cryptocurrency world is fast paced, and it is hard to pay attention to everything that happens, is there a central repository where the most important issues are handpicked and highlighted? I noticed your blog seems to be a good source.

I would probably have more questions, but let's start with this.

[murraypaul]

In that case, I applaud you for your effort, and I'm a bit worried about the response you've received from Gavin and Mike. Even if they think that you're annoying, your involvement should be applauded and not ridiculed. It's important to see both sides of the coin, also for developers. When you posted on that mailing list, you had a concern, it was not to waste your own time. Therefore I think that should be respected, but my impression was that you got laughed out of the room so to speak.

I didn't read it like that, what I saw was people saying that they would continue to discuss Bitcoin development on an open Bitcoin development mailing list, and thought it slightly silly to try to divert the discussions to someone's personal blog instead.
And given the blog post title, I don't blame them. It totally mischaracterised the discussion.
There were no deals being done. Noone was plotting to change the way the code operates without telling anyone.
Person A said: I think this would be a good idea.
Pretty much everyone else said: No it wouldn't.
How is that bad?

[justusranvier]

1. Is there any reason to worry that the current mode of bitcoin development is starting to deviate from the original intentions of Satoshi?
2. Who are the people pushing for such a bad change, and what associations do these people have?
3. What can normal people do about it, normal people who have their plate mostly full with real life issues already?
4. Should there be a new foundation, replacing or in addition to the existing bitcoin foundation, and if so, how would we assure that this foundation also did not become corrupt?
5. Would perhaps the best idea be to monitor the source code and make efforts to alert the community if certain changes were implemented?
6. Is power of various resources in the bitcoin community to centralized? I noticed there's an overlap of mods of bitcointalk and r/bitcoin for instance. Who controls the wiki and so on. I think it's important that there's not a single person or group of persons having too much power. Even if they do not intend to misuse their power, they might if a gun is put to their head, or to the head of their families.
7. The cryptocurrency world is fast paced, and it is hard to pay attention to everything that happens, is there a central repository where the most important issues are handpicked and highlighted? I noticed your blog seems to be a good source.

I don't have specific answers to these questions.

In general, it's not a good idea to rely on single individuals or organizations to protect your interests. The interests which are threatened by Bitcoin are very good at subverting that kind of organization.

The most important thing you can do as a Bitcoin user is realize that you've got options. Satoshi's client is no longer the only game in town, with libbitcoin and btcd maturing as viable alternatives.

If it were up to me the community's focus would be on making the Bitcoin network heterogenous, with no single implementation running a majority of the network. The fact that all miners run on the same reference implementation is only slightly less of a problem than the 51% attack everybody is so worried about.

The international Bitcoin community should be hard at work building independent alternatives to US-centric services and software if they want their own interests to be protected.

[TheFootMan]

In that case, I applaud you for your effort, and I'm a bit worried about the response you've received from Gavin and Mike. Even if they think that you're annoying, your involvement should be applauded and not ridiculed. It's important to see both sides of the coin, also for developers. When you posted on that mailing list, you had a concern, it was not to waste your own time. Therefore I think that should be respected, but my impression was that you got laughed out of the room so to speak.

I didn't read it like that, what I saw was people saying that they would continue to discuss Bitcoin development on an open Bitcoin development mailing list, and thought it slightly silly to try to divert the discussions to someone's personal blog instead.
And given the blog post title, I don't blame them. It totally mischaracterised the discussion.
There were no deals being done. Noone was plotting to change the way the code operates without telling anyone.
Person A said: I think this would be a good idea.
Pretty much everyone else said: No it wouldn't.
How is that bad?

In general, reading between the lines is important. I'm not interested in discussing technicalities, but let me rephrase what I think's at the core of the issue:

I thought that the very reason most people are involved in bitcoin, esp. on a very commited level is because they want something different from the current banking system that we have.

Bitcoin users who feel this way are going to need to get very vocal, very quickly, or the assholes in the world who do not want the unwashed masses to have this option are going to dismantle it.

Having developers who deviate from Satoshi's original idea and want to implement features in the bitcoin protocol that destroy the features of bitcoin as it is at the moment is worrysome. Esp. confiscating others funds is something we should not do. There should be noone that has any kind of power to confiscate anyone elses bitcoins.

[murraypaul]

Having developers who deviate from Satoshi's original idea and want to implement features in the bitcoin protocol that destroy the features of bitcoin as it is at the moment is worrysome. Esp. confiscating others funds is something we should not do. There should be noone that has any kind of power to confiscate anyone elses bitcoins.

Which is what pretty much everyone else on the mailing list said too.
Where are the dirty deals?

[TheFootMan]

Having developers who deviate from Satoshi's original idea and want to implement features in the bitcoin protocol that destroy the features of bitcoin as it is at the moment is worrysome. Esp. confiscating others funds is something we should not do. There should be noone that has any kind of power to confiscate anyone elses bitcoins.

Which is what pretty much everyone else on the mailing list said too.

Yes, I noticed - and it is good.

Where are the dirty deals?

To my understanding, this was just a blog headline to get attention to the case, no need to spin on that anymore.

Ranvier was probably just a little upset about that such a discussion took place outside the more trafficked bitcoin places online, and voiced his opinion about it and chose a controversial title for his blog post. How can you blame him, he probably felt very strongly about it.

[yayayo]

This is extremely worrisome and has to be prevented. But I don't think that Gavin will support us in this matter - he is clearly pro-establishment (pro-regulation) and above average narcissistic, too.

ya.ya.yo!

[murraypaul]

Where are the dirty deals?

To my understanding, this was just a blog headline to get attention to the case, no need to spin on that anymore.

Well, when someone posts misleading headlines that accuse people of nefarious acts in order to increase traffic to their blog, they shouldn't be surprised when those people get pissed off.

Ranvier was probably just a little upset about that such a discussion took place outside the more trafficked bitcoin places online, and voiced his opinion about it and chose a controversial title for his blog post. How can you blame him, he probably felt very strongly about it.

His response was childish and rude. Yes, I can blame him.

[TheFootMan]

Where are the dirty deals?

To my understanding, this was just a blog headline to get attention to the case, no need to spin on that anymore.

Well, when someone posts misleading headlines that accuse people of nefarious acts in order to increase traffic to their blog, they shouldn't be surprised when those people get pissed off.

Ranvier was probably just a little upset about that such a discussion took place outside the more trafficked bitcoin places online, and voiced his opinion about it and chose a controversial title for his blog post. How can you blame him, he probably felt very strongly about it.

His response was childish and rude. Yes, I can blame him.

Good points. Noone is without blame. Now let's all be friends! 

[Carlton Banks]

Good points. Noone is without blame. Now let's all be friends!  

All individuals involved have their good and bad days. Overwhelmingly, all have done a great deal more good than they have ever been malign. Don't let one more bad proposal from Mike cause you to overreact. Otherwise, those who object to bad ideas might always end up as "the overreaction contingent". And Mike might never suggest any good ideas either, of which he has contributed many.

[TheFootMan]

Good points. Noone is without blame. Now let's all be friends!  

All individuals involved have their good and bad days. Overwhelmingly, all have done a great deal more good than they have ever been malign. Don't let one more bad proposal from Mike cause you to overreact. Otherwise, those who object to bad ideas might always end up as "the overreaction contingent". And Mike might never suggest any good ideas either, of which he has contributed many.

As much as I agree with what you have to say, I have two things I want to put forth.

1. Core Devs have a greater responsibility, and should therefore in general act more professional imo, esp. the ones who're being paid and have a name and a reputation.
2. Getting bad feedback will not prevent the one who has his heart into something, he will continue no matter what.

But I'll leave it at that, it's subjective opinions after all, but I think much criticism can be handled well if you don't get offensive, but rather appreciate the input and state that you value their concerns.

The more eyes you have on you, the more criticism and feedback you will receive, and although I understand it's easy to be upset at times, esp. when people only point out the bad things, and not the good things, how you handle criticism in general also points a lot to your character. Of course it's not desirable for anyone to get criticism, and a lot of people become defensive very quickly and it might be a natural response, but those intelligent and professional will handle it in a professional manner. From constructive criticism you can grow, and sometimes attacks are just unjust, and then perhaps it's best just to leave it at that.

[tvbcof]

I feel it worthwhile to point out something which I have before when similar threads have come up:

It is NOT an outrageous idea that 'criminal' are held to account.  It is NOT and outrageous idea that solutions contain design elements which facilitate this.  It is, in fact NOT an outrageous idea that the Bitcoin protocol evolves such elements in order to 'fight crime'.  They would be hugely effective at solving this very real problem.

Because these are not outrageous ideas (and are closer to 'common sense' in fact) there will be a lot of people who subscribe to them.  Both technical and non-technical people.

Everybody involved in development in Bitcoin 'cut his teeth' in some technical field or another.  If someone who is currently involved spent a good portion of his career dealing with regulatory and enforcement issues, there is a good chance that a) he agrees in principle with the frameworks that he's been involved with, and b) is inclined to leverage the same basic methods of facilitating enforcement which have proven effective in other solutions.

Holding the opinion that Bitcoin can and should have 'taint' or 'blacklisting' or be able to be generally controlled and managed in a top-down manner by a small group of entities is NOT either evil or illogical, and it certainly doesn't prove that someone is an NSA agent or whatever.  Nor does it disprove the hypothesis of course.

Stakeholders do, however, need to understand the attitudes and influences of various parties in order to make good decisions about how to allocate their support.  To this end, anything which detracts from visibility into the decision making processes (secrecy, censorship, etc) is highly bothersome to me.

---

As people who have read my rants over the years know, I personally am extremely opposed to solutions involving 'taint' and hold a variety of views about Bitcoin which are not very popular and in direct opposition to the direction which Mike and Gavin with to take (and are taking) things.  I was also among the first to call out Mike and Gavin personally for their attitudes and technical decisions which I feel will be counter to my wishes and I took some amount of abuse for it.

My personal animosity to such solutions are philosophical (it is rhetorically impossible to be 'free' to do only 'good' things) and practical (as a systems analysis point of view such developments will eventually collapse Bitcoin or change it beyond recognition and thus my stake in it will suffer.)

Holding the opinion that certain levels of criminal abuse are an acceptable tradeoff for the kinds of damage (and abuse of different types) that could occur with centralized management of the Bitcoin economy is by no means 'evil' or illogical either.  As with the design of any complex system, there are a lot of trade-offs.  I strongly favor fight crime in other ways than damaging the fungibility of the solution, and especially by doing so at the protocol level.

[TheFootMan]

...

Good input.

It's never wrong to fight crime. But something that's a crime somewhere might not be a crime somewhere else, and somebody needs to decide who's a criminal, and that somebody has the power.

Introducing any kind of confiscation into the bitcoin protocol, no matter how 'well meant' it is, is plain wrong.

Bitcoin can be used to buy anything anyone is willing to sell for bitcoins. Crime in this world is not new. It has flourished and the black markets of this world is huge. And most of the trades are done with traditional money.

Bitcoin is not what needs to be attacked, what needs to be attacked or changed is the fabric of society. And Bitcoin can contribute to that cause, but not if it becomes corrupted.

For  instance, there's been asset confiscations now, in the crisis that takes place in Ukraine, some Russian officials have had their assets frozen by the USG. Afaik, the USG kills innocent people with drone attacks very frequently. How many americans have had their assets frozen because of this?

Who is to decide who's committing a crime, and who's money is to be frozen?

While Hearn might be a young man, a product of his environment, and not realizing what he's actually proposing, what he's proposing is the opposite of what Satoshi's orginal intentions were, Hearn need to learn this.

If we wanted to, we could introduce hammers that were dismantled until the user put his thumb on a finger print scanning device, and locked the hammer head into place. Unless the user was registered in the 'allowed hammer users' database, the hammer would not be usable, the shaft and the head would be disconnected. I can see many arguments for such a decision: Thiefs uses hammers to break into houses. Some people kill other people with a hammer. Some kill animals with the hammer. You could tear down your neighborhood fence if you didn't like it, with your hammer.

After all, to prevent crime, all hammers would need to be used only by registered users, and all usage would be recorded, and the same with all other tools and services that could be used for any crime. Ideally we would need to have a drone following every human around the clock to ensure they're not up to anything bad.

The point is that most tools are neutral, and it is the user that decide what it's used for, not the tool itself. Bitcoin is not evil by nature, even though some people will use it for evil purposes, just like they would use oil, gold, USD etc. for the same purpose.

Laws and regulations are essentially a product of what politicians running a country decides upon, often heavily influenced by industry groups and other parties that corrupt the ruling politicians.

Bitcoin is supposed to be something new, something fresh. And it's even more traceable than cash.

If you withdraw 5K USD from your account, and you pay a carpenter that money, he will most likely use it for grocery purchases, and to pay off other service men, in fact that money is quickly spread, and there's no trail of where it went. The trail ends at the ATM when the customer of the carpenter withdrew the money.

If you deposit money to an exchange, you most likely need to be indentified to exchange it for bitcoins. The exchange knows your identity, and so does the bank from where you sent the money to the exchange. And the exchange keeps a record of your transactions on the block chain, essentially forming a link between the money transfer and the blockchain. Any law enforcement can follow that trail. So if the user uses those bitcoins for anything nefarious, it could be traced back to him by an agency having enough resources.

Yet, many scream that Bitcoin is the ideal tool for crime, just like the Internet was the ideal tool for crime in its infancy. It would only be used for pedophiles and criminals.  And those people do use, it but so do billions of people who're not doing any crimes.

Look how the Internet has transformed the world, and how global trade has become, and how important the Internet is for international business. What makes you think it will be anything different with bitcoin? No need to sign up for an account and give all your ID papers to a third party. You download a piece of software, and that's it. You can then send you money to anyone in the world with an internet connection.

You can work with a web designer in indonesia, a programmer in romania and pay them in btc, your webpage can sell a service or items that can be bought from all over the world, be it physical or digital. The bitcoins your receive from the customers can again be used in real world shops and online stores to buy items you need in your daily day, such as groceries and more.

It's something entirely new when it comes to payments online. Forget about all the old systems with draconical rules. If you want to send 1K USD worth of BTC to someone in your family anywhere in the world, how's that the business of anyone but yourself and your family? Forget about waiting a week to have your wire processes from Ireland to New Zealand , a week - you got to be kidding me! Or if your name is something like the name of someone on a watch list, the transfer might even be stopped pending investigation. The government don't care - the bank don't care - but you fucking care - because that money is supposed to be used for your kid attending university on an exchange program! It's your money and you should be allowed to use it exactly as you see fit, nobody has a business meddling with your monetary transactions.

See what the Internet has done, and imagine what a free flow of monetary transactions can do to the world. Imagine all the time spent earlier for travelling to a bank, waiting in a que, having your papers delivered, signing papers, and then waiting for a week or so to get your debit or credit-card, and then to add insult to the story, you have to wait for days when making an international transfer, and it even has to be reported to your government.

Bitcoin cuts through all that crap and is really usable. Download a program, and you're set to go. Of course there might be issues in terms of mass adoption currently, but it's the start of something great, and it has already grown a lot, and it is started to be taken seriously by many companies and governments.

Start meddling with this freedom, and we're soon back to square one.

You don't need to be a criminal to be concerned about facts like these:

- International transfers are often delayed and subject to excessive fees.
- Your account can be closed at will by the bank if they for whatever reason don't think you fit their ideal customer profile.
- The ability to withdraw cash is often limited, and you need to post note in advance and the amount you can withdraw in one go is sometimes limited.
- The government, if they judge you to be a criminal, they can simply instruct the bank to freeze all your assets.
- The government, if entering a special difficult financial position, could simply confiscate a certain amount of your funds or everything. It's not safe. Look at Cyprus. Believe it can't happen again?


Remember:

Give me control of a nations money supply, and I care not who makes it’s laws.

So, in my opinion let the services and exchanges take care of AML/KYC and leave the bitcoin protocol alone. If there eventually is a fact that bitcoin becomes uscoin, then a lot of people will start using other altcoins.

[GoldenWings91]

This is the epitome of crying wolf. Mike, like many people before him, proposed an idea. That idea was was dissected finding most of its faults. That's all that happened. There were no "Dirty Deals in Smoke-Filled Rooms", the mailing list is public and anyone can propose an idea there. Since the development mailing list is full of people who actually understand how Bitcoin works on a technical level it's the best place to propose changes to Bitcoin as you'll get responses from people who actually know what they're talking about. On this forum you would get a bunch of emotionally charged responses from people who have never seen a line of Bitcoin code.

You can join the mailing list here: https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Mike's controversial idea is neither the first nor the last that will likely not make it on this forum for the simple reason that such ideas will die very quickly on the mailing list. Only the ones that gain traction will eventually be discussed here, just search the payment protocol proposal for an example.


 

It is, in fact NOT an outrageous idea that the Bitcoin protocol evolves such elements in order to 'fight crime'.

What is crime? Who gets to define it? A lot of people, including myself, consider Bitcoins neutrality to be a fundamental part of the protocol.

[tvbcof]

 

It is, in fact NOT an outrageous idea that the Bitcoin protocol evolves such elements in order to 'fight crime'.

What is crime?

It's hard to define, but 'I know it when I see it.'  More importantly, my justice system does.

Who gets to define it?

My justice system (here in the U.S.)  Duh!  We are a democracy which (eventually) adheres to the will of the people, and we currently have the worlds dominant monetary system which pretty much proves that we are doing things better than anyone else.  And if it does not, it doesn't matter anyway because that is how control of the solution will naturally fall once the protocol supports it...if not before.   They don't call us 'the leaders of the free world' for nothing, and it is unarguable that 'you could do worse.'

Any suggestion that the U.S. central governmnet authorities are not the most well prepared to define crime is to silly to pay much attention to, and any suggestion that something could make this reality change in the future is some sort of a wild 'conspiracy theory.'

A lot of people, including myself, consider Bitcoins neutrality to be a fundamental part of the protocol.

Something tells me that that will be the case with you until it isn't.

[5flags]

Just to chime in - the Bitcoin dev mailing list is THE place to discuss ideas relating to really quite technical issues, at least in the first instance. The blog article is a perfect example of why.

Secondly - if I read it correctly, this doesn't affect the fungible nature of Bitcoin, does it? It does not allow for arbitrary blocking of transactions or theft of coins, nor does it "taint" an ouput. Is this understanding correct? Does it not just allow for reallocation of the coinbase?

I agree with Mike on a couple of points - if zero confirmation transactions become sufficiently untrustable, people will not use the Bitcoin network to buy their latte or their Subway sandwich, they will rely on a third party service like Coinbase, so that the transactions can be instant, but off-chain. This isn't necessarily a bad thing, but it does provide a market incentive which would detract from Bitcoin's decentralised aims.

The second point - the provision of Finney attacks as a service is a necessary attack on the Bitcoin network. It is an attack to which the network should be able to adapt to cope with. Yes, you are not obliged to accept zero-confirmation transactions, but see the first point.

[giszmo]

Uff. Too long, didn't read beyond 20%.

Yeah, Mike Hearn is one of the more ambivalent players here. I love most of what he does and usually defend him but what I'm most concerned about is that on the one hand he promoted micro payment channels (transaction channels) and now whines about zero conf payments not being safe. Damn, get transaction channels out and we win soooo much more than we could ever win by messing with the protocol as suggested here. Damn.

quoting myself for I still don't get this.

[Carlton Banks]

Does it not just allow for reallocation of the coinbase?

There's no place for "just" in that sentence. The coinbase is the 25 BTC mining reward, you're suggesting that allowing the other miners to vote on taking a miner's block reward away is an okay way to proceed. Competing miners, who couldn't possibly have any more of a conflict of interest. It's an obvious poor idea.

The majority miners can use it to squeeze their competition. And non-miners with alot of influence can use it to force people to comply with whatever transaction/address lists they determine. Arbitrary mechanisms give way to arbitrary uses, IOW.

[5flags]

There's no place for "just" in that sentence. The coinbase is the 25 BTC mining reward, you're suggesting that allowing the other miners to vote on taking a miner's block reward away is an okay way to proceed. Competing miners, who couldn't possibly have any more of a conflict of interest. It's an obvious poor idea.

The majority miners can use it to squeeze their competition. And non-miners with alot of influence can use it to force people to comply with whatever transaction/address lists they determine. Arbitrary mechanisms give way to arbitrary uses, IOW.

And as Mike accurately points out, if a majority of miners are dishonest, Bitcoin has failed. Game over.

[Carlton Banks]

No, that's incorrect.

Right now, there is no way for the miners to dishonestly pick off mining rewards from each other. To create that opportunity for bad behaviour, then claim that abuse of the mechanism that enabled it means "Bitcoin is dead" is an incredibly poor argument.

[Peter R]

One of Mike Hearn's proposed "solutions" to reduce the success rate, P_0-confirm, of 0-confirm double-spend attempts is to add heterogeneity to the block-acceptance criteria (instead of "longest chain wins" it would now be "longest chain wins except when the longest chain was made by a miner deemed to be fraudulent).  

Ironically, it was heterogeneity in the mempool-acceptance criteria that increased P_0-confirm in the first place.  In particular, it was certain miners deciding that "to make bitcoin 'better,' we will reject TXs from on-chain gambling sites."  But Peter Todd recently demonstrated that this heterogeneity can be gamed to increase the chances that a fraudulent 0-confirm TX is confirmed.  Instead of working on the problem (decrease heterogeneity by education and social pressure), Mike has proposed adding more heterogeneity to "fix" it.

What will happen if certain miners choose not to mine on the new blocks generated by "fraud miners"?  Some will follow the old rules (longest chain) and some will follow the new rules.  What's worse is that the new rules for defining a "fraud miner" can't really be codified, so there will be block-acceptance heterogeneity even between those that adopt Mike's proposal.  The end result will be a greater orphan rate and an increase in the success rate of 1-confirm double spends.  

TL/DR: Peter Todd showed how to game mempool-acceptance criteria heterogeneity to increase P_0-confirm; if Mike's proposal is implemented, someone else will show how to game block-acceptance criteria heterogeneity to increase P_1-confirm.


Mike's other proposal (reassigning coinbase transactions) is coin confiscation.  It would set the following precedent: "control of an address belongs to he who controls its private key except when those bitcoins were acquired in a way that is deemed fraudulent."

[5flags]

Right now, there is no way for the miners to dishonestly pick off mining rewards from each other. To create that opportunity for bad behaviour, then claim that abuse of the mechanism that enabled it means "Bitcoin is dead" is an incredibly poor argument.

There is already opportunity for bad behaviour. I still think Mike is right here. The same forces (market and other) which prevent miners from engaging in bad behaviour now would still apply. I fail to see how Bitcoin would be considered a success with a majority of dishonest miners.

[5flags]

One of Mike Hearn's proposed "solutions" to reduce the success rate, P_0-confirm, of 0-confirm double-spend attempts is to add heterogeneity to the block-acceptance criteria (instead of "longest chain wins" it would now be "longest chain wins except when the longest chain was made by a miner deemed to be fraudulent).... 

Thanks Peter, that's some useful info. I don't fully understand the issue, but that post certainly helps.

[justusranvier]

Secondly - if I read it correctly, this doesn't affect the fungible nature of Bitcoin, does it? It does not allow for arbitrary blocking of transactions or theft of coins, nor does it "taint" an ouput. Is this understanding correct? Does it not just allow for reallocation of the coinbase?

The proposal is theft of coins.

The Bitcoin protocol right now has no built in mechanism via which a third party can reassign a balance.

If such a mechanism is ever added to Bitcoin, then Bitcoin is worthless. It doesn't matter how little they promise to use it (at first).

When it comes to the question of, "under what circumstances can miners vote to confiscate funds on the blockchain," the difference between "never" and "rarelty" is infinitely greater than the difference between "rarely" and "frequently". Biitcoin only has value if the answer to the question is "never".

[Peter R]

It is NOT an outrageous idea that 'criminal' are held to account.  It is NOT and outrageous idea that solutions contain design elements which facilitate this.  It is, in fact NOT an outrageous idea that the Bitcoin protocol evolves such elements in order to 'fight crime'.  They would be hugely effective at solving this very real problem.

I don't think many people would argue that we shouldn't fight crime.  By all means, if a miner operates an out-of-band double-spend service and knowingly aides people in defrauding others, then they've committed a crime.  Most jurisdiction around the world have laws to deal with fraud.  

Do I think the protocol should be changed?  Absolutely not!  My resolve here is hardened by my belief that any heterogeneity added to the protocol would actually make it less secure for everyone.  Not only would it not help with fraud, IMO it would actually make fraud easier.    

Bitcoin is powerful because it is useful.  It is therefore useful both for good and for bad, by definition.  Any attempt to make it less useful for bad will also make it less useful for good.  

[murraypaul]

Secondly - if I read it correctly, this doesn't affect the fungible nature of Bitcoin, does it? It does not allow for arbitrary blocking of transactions or theft of coins, nor does it "taint" an ouput. Is this understanding correct? Does it not just allow for reallocation of the coinbase?

The proposal is theft of coins.

The Bitcoin protocol right now has no built in mechanism via which a third party can reassign a balance.

Speaking specifically of the coinbase only, that isn't really true, is it?
Miners can already attempt to deliberately orphan a block, which would have the same effect of removing the coinbase allocation.

[Peter R]

Secondly - if I read it correctly, this doesn't affect the fungible nature of Bitcoin, does it? It does not allow for arbitrary blocking of transactions or theft of coins, nor does it "taint" an ouput. Is this understanding correct? Does it not just allow for reallocation of the coinbase?

The proposal is theft of coins.

The Bitcoin protocol right now has no built in mechanism via which a third party can reassign a balance.

Speaking specifically of the coinbase only, that isn't really true, is it?
Miners can already attempt to deliberately orphan a block, which would have the same effect of removing the coinbase allocation.

If a block gets orphaned, then its associated coinbase is simply unusable.  Nothing was re-assigned.  

If you create a mechanism where outputs assigned to a particular bitcoin address can be moved without an ECDSA signature produced by the corresponding private key, then this is coin confiscation.  The legitimacy of the blockchain ledger would be severely shaken (and IMO eventually destroyed).   

[5flags]

Bitcoin is powerful because it is useful.  It is therefore useful both for good and for bad, by definition.  Any attempt to make it less useful for bad will also make it less useful for good.  

This is why I've always been against tainting or blacklisting coins. Transactions must be cast in stone (assuming no orphaning etc), this is fundamental. If there is a theft, then there is a theft. But the coinbase is subtly different...isn't it?

I guess what I'm trying to understand is this: Finney attacks as a service are an entirely predictable reality. What response should there be? Is Mike's proposal any more likely to be abused than a mining pool providing double spends as a service?

[murraypaul]

Secondly - if I read it correctly, this doesn't affect the fungible nature of Bitcoin, does it? It does not allow for arbitrary blocking of transactions or theft of coins, nor does it "taint" an ouput. Is this understanding correct? Does it not just allow for reallocation of the coinbase?

The proposal is theft of coins.

The Bitcoin protocol right now has no built in mechanism via which a third party can reassign a balance.

Speaking specifically of the coinbase only, that isn't really true, is it?
Miners can already attempt to deliberately orphan a block, which would have the same effect of removing the coinbase allocation.

If a block gets orphaned, then its associated coinbase is simply unusable.  Nothing was re-assigned.  

The old block's coinbase is unusable. The new replacement block get a coinbase.
The exact coinbase hasn't been reallocated, but 25 BTC have been taken from one miner, and 25BTC have been given to another.
The financial result is the same as if the original BTC were reallocated, even if the technical details are different.

[LiteCoinGuy]

tl;dr version

• Mike Hearn proposes to let miners vote on "reallocation" of blocks with double spends attempts
• Multiple others point out that this would let the miners vote to "reallocate" any block they wanted to. Examples of many different ways of abusing that mechanism cited
• Mike says "hey you guys don't understand!" in as many different ways he can, and also "bitcoin is a failure if my idea doesn't work!" with enthusiastic/well meaning cadence
• TierNolan and gmaxwell discuss using side-chains of various designs to mitigate the problem in the only usage case that is affected (in person payments)

In summary, Mike proposes a pernicious and controversial mechanism, and no-one agrees that that's the way to solve the problem of offering double spending as a service. Mike tries hard to suggest it's not controversial or pernicious, and no-one agrees with that either.

Case closed. (file under "Mike Hearn - controversial proposals")

best summary  (agree)

[justusranvier]

The financial result is the same as if the original BTC were reallocated, even if the technical details are different.

Those mere technical details are in fact the relevant difference.

Doing a sufficient amount of work to orphan part of the chain has a high cost associated with it. Holders of Bitcoin can calculate the risk losing their funds due to a reorg because that cost can be calculated.

When you allow miners to confiscate generation outputs with a mere vote instead of via the proof of work process it becomes easier to do, therefore it will be used more often.

It also most certainly will not stop with confiscating the rewards of "bad" miners. Of course that's just the small end of the wedge. Once voting by miners, as opposed to producing the valid ECDSA signatures, is established as a legitimate way of editing the ledger, then the path will be cleared to enable all sorts of other editing.

This is exactly how to destroy Bitcoin - by taking away its most important advantage it holds over legacy currencies.

[Peter R]

Bitcoin is powerful because it is useful.  It is therefore useful both for good and for bad, by definition.  Any attempt to make it less useful for bad will also make it less useful for good.  

I guess what I'm trying to understand is this: Finney attacks as a service are an entirely predictable reality. What response should there be? Is Mike's proposal any more likely to be abused than a mining pool providing double spends as a service?

Firstly, I think we need to accept that P_0-confirm will never be 0.  It is simply not possible for the entire world to come to consensus one every transaction in less than a second. 

That being said, how can we minimize the success rate of double-spend attempts?  The answer is to make it easier to come to consensus!  This means that miners and nodes should accept into mempool and relay all valid transactions.  This means that miners should build on top of the longest chain in all circumstances.  This means that protocol rules should be simple and codified. 

Fraud is a crime committed by humans.  It should be fought at the social level.  If a user double-spends against a merchant, how is this different than someone passing off a fake $20?  If a mining service assists a user to double-spend, then how is this different that a counterfeiting cartel selling fake bills at a discount?  We already have mechanisms to fight fraud.   

Is Mike's proposal any more likely to be abused than a mining pool providing double spends as a service?

Q: Why does it take so long for a wire transfer or a cheque to clear in the legacy financial system?  A: Because there is so much complexity in the protocol and consensus mechanism.  Adding more complexity to the bitcoin protocol (i.e., implementing Mike's proposal) will make bitcoin slower and less secure. 

[windpath]

tl;dr version

• Mike Hearn proposes to let miners vote on "reallocation" of blocks with double spends attempts
• Multiple others point out that this would let the miners vote to "reallocate" any block they wanted to. Examples of many different ways of abusing that mechanism cited
• Mike says "hey you guys don't understand!" in as many different ways he can, and also "bitcoin is a failure if my idea doesn't work!" with enthusiastic/well meaning cadence
• TierNolan and gmaxwell discuss using side-chains of various designs to mitigate the problem in the only usage case that is affected (in person payments)

In summary, Mike proposes a pernicious and controversial mechanism, and no-one agrees that that's the way to solve the problem of offering double spending as a service. Mike tries hard to suggest it's not controversial or pernicious, and no-one agrees with that either.

Case closed. (file under "Mike Hearn - controversial proposals")

Great analysis. There really is no "problem" with double spend attempts other then that they are rejected by the network as intended.

[5flags]

Firstly, I think we need to accept that P_0-confirm will never be 0.  It is simply not possible for the entire world to come to consensus one every transaction in less than a second. 

Agreed.

Fraud is a crime committed by humans.  It should be fought at the social level.  If a user double-spends against a merchant, how is this different than someone passing off a fake $20?  If a mining service assists a user to double-spend, then how is this different that a counterfeiting cartel selling fake bills at a discount?  We already have mechanisms to fight fraud.

Yes, fraud is a social problem. But what is Bitcoin, if not a technological solution to a social problem (i.e. the need to transact securely and freely)?

[Peter R]

The financial result is the same as if the original BTC were reallocated, even if the technical details are different.

Those mere technical details are in fact the relevant difference.

Doing a sufficient amount of work to orphan part of the chain has a high cost associated with it. Holders of Bitcoin can calculate the risk losing their funds due to a reorg because that cost can be calculated.

When you allow miners to confiscate generation outputs with a mere vote instead of via the proof of work process it becomes easier to do, therefore it will be used more often.

It also most certainly will not stop with confiscating the rewards of "bad" miners. Of course that's just the small end of the wedge. Once voting by miners, as opposed to producing the valid ECDSA signatures, is established as a legitimate way of editing the ledger, then the path will be cleared to enable all sorts of other editing.

This is exactly how to destroy Bitcoin - by taking away its most important advantage it holds over legacy currencies.

What I highlighted in bold is key.  To spend an output, one must produce a valid ECDSA signature.  If it ever becomes possible to spend ("reassign") outputs without a valid ECDSA signature but with a vote instead, then the legitimacy of the blockchain ledger is lost.  Any balance would be subject to confiscation by popular opinion (tyranny of the majority). 

[murraypaul]

Bitcoin is powerful because it is useful.  It is therefore useful both for good and for bad, by definition.  Any attempt to make it less useful for bad will also make it less useful for good.  

I guess what I'm trying to understand is this: Finney attacks as a service are an entirely predictable reality. What response should there be? Is Mike's proposal any more likely to be abused than a mining pool providing double spends as a service?

Firstly, I think we need to accept that P_0-confirm will never be 0.  It is simply not possible for the entire world to come to consensus one every transaction in less than a second. 

That being said, how can we minimize the success rate of double-spend attempts?  The answer is to make it easier to come to consensus!  This means that miners and nodes should accept into mempool and relay all valid transactions.  This means that miners should build on top of the longest chain in all circumstances.  This means that protocol rules should be simple and codified. 

The likely way forward to provide merchants more security for 0-conf transactions would seem to be a service offered by a collection of large mining pools, where the merchant could submit a transaction, and receive the following guarantees:
- We have not seen a conflicting transaction
- We will accept your transaction
- We will not replace it with any conflicting transaction
- We will relay your transaction to all of our peers
- We will include your transaction in our next block
(Controversially, if the merchant pays extra)- If a block is created with a conflicting transaction, we will not build off it, but will work to orphan it and include your transaction in our replacement block

If enough hashing power agrees to offer guarantees like that, it would be in the interests of all other miners not to mine a conflicting transaction either, to avoid being orphaned.

[Peter R]

Bitcoin is powerful because it is useful.  It is therefore useful both for good and for bad, by definition.  Any attempt to make it less useful for bad will also make it less useful for good.  

I guess what I'm trying to understand is this: Finney attacks as a service are an entirely predictable reality. What response should there be? Is Mike's proposal any more likely to be abused than a mining pool providing double spends as a service?

Firstly, I think we need to accept that P_0-confirm will never be 0.  It is simply not possible for the entire world to come to consensus one every transaction in less than a second.  

That being said, how can we minimize the success rate of double-spend attempts?  The answer is to make it easier to come to consensus!  This means that miners and nodes should accept into mempool and relay all valid transactions.  This means that miners should build on top of the longest chain in all circumstances.  This means that protocol rules should be simple and codified.  

The likely way forward to provide merchants more security for 0-conf transactions would seem to be a service offered by a collection of large mining pools, where the merchant could submit a transaction, and receive the following guarantees:
- We have not seen a conflicting transaction
- We will accept your transaction
- We will not replace it with any conflicting transaction
- We will relay your transaction to all of our peers
- We will include your transaction in our next block
(Controversially, if the merchant pays extra)- If a block is created with a conflicting transaction, we will not build off it, but will work to orphan it and include your transaction in our replacement block

If enough hashing power agrees to offer guarantees like that, it would be in the interests of all other miners not to mine a conflicting transaction either, to avoid being orphaned.

This is (sort of¹) how bitcoin already works except the merchant receives this "service" by default.  And this is why even 0-confirm double-spend attempts careful crafted to game mempool acceptance heterogeneity still only succeed with a small probability.  

I think most people who want to "fix" bitcoin don't realize how secure it already is!


¹Bitcoin is more secure and not as convoluted.

[Peter R]

I wanted to add a note to new readers:

At any time, I can modify the bitcoin source code to allow me to spend your coins.  But since no one else will agree to use this source code, my transactions will only be accepted by my node.  If I mine a block where I spend your coins, then the network will reject my block (and I'll also lose the 25 BTC coinbase award).  I could keep mining on my "Peter R" fork, and in fact could award myself 1,000 BTC block rewards, but if no one wants to play by my rules, then doing so would be pretty pointless.  

The point is that no one can force a change to bitcoin.  Only simple changes with extremely broad support would ever be adopted because the process is entirely voluntary.  We'll never agree on something like re-assignment of balances by popular opinion and even if enough people supported it (and they won't), the network would fork and we'd have two coins: (1) confiscation coin, and (2) bitcoin.  If you had 10 BTC at the time of the fork, you'd control 10 BTC on the bitcoin chain and 10 BTC on the confiscation-coin fork.


Just look at how long it took us all to agree that the new unit should be 10^-6 BTC and that it should be called "bits"!

[murraypaul]

The likely way forward to provide merchants more security for 0-conf transactions would seem to be a service offered by a collection of large mining pools, where the merchant could submit a transaction, and receive the following guarantees:
- We have not seen a conflicting transaction
- We will accept your transaction
- We will not replace it with any conflicting transaction
- We will relay your transaction to all of our peers
- We will include your transaction in our next block
(Controversially, if the merchant pays extra)- If a block is created with a conflicting transaction, we will not build off it, but will work to orphan it and include your transaction in our replacement block

If enough hashing power agrees to offer guarantees like that, it would be in the interests of all other miners not to mine a conflicting transaction either, to avoid being orphaned.

This is (sort of¹) how bitcoin already works except the merchant receives this "service" by default.  And this is why even 0-confirm double-spend attempts careful crafted to game mempool acceptance heterogeneity still only succeed with a small probability.  

I think most people who want to "fix" bitcoin don't realize how secure it already is!
¹Bitcoin is more secure and not as convoluted.

There is no guarantee that a transaction will be included in the next block.
And 3-4 are assumed to be default behaviour, but not required?
Plus, the merchant currently only receives the 'service' from the node they submit to. Receiving it simultaneously from pools covering say 60% of hashing power is a much more powerful guarantee.

[snarlpill]

I wasn't able to read through the whole thread at the moment, but is there really a problem with double-spends and the BTC network? I've never had any occur, or seen any myself.

[Peter R]

There is no guarantee that a transaction will be included in the next block.

There cannot be a guarantee that a transaction will be included in the next block unless you control 100% of the hash power. 

And 3-4 are assumed to be default behaviour, but not required?

I don't follow. 

Plus, the merchant currently only receives the 'service' from the node they submit to. Receiving it simultaneously from pools covering say 60% of hashing power is a much more powerful guarantee.

Merchants can already estimate the % of the network that has accepted a transaction into mempool by employing a well-connected listening node.  The "service" of finding out if a peer has TX1 (or a conflicting variant TX2) in mempool is just one of the perks of being a node lol.


If most of the network has accepted TX1 into mempool, then most likely it will be TX1 that gets mined.  If 10% of the hashpower has TX2 in mempool then the probability that TX2 gets confirmed (instead of TX1) is approximately 10%. 

[Peter R]

I wasn't able to read through the whole thread at the moment, but is there really a problem with double-spends and the BTC network? I've never had any occur, or seen any myself.

Here's an example of one of the possible issues:

Right now, Miner E controls 10% of global hash power and will not accept TXs that spend outputs to certain on-chain gambling sites, while most other nodes and miners accept and relay all valid TXs.  

As Peter Todd demonstrated, if a fraudster wants to attempt to double-spend a 0-confirm TX, then he can create a TX that pays 0.1 BTC to a merchant and 0.001 BTC to an on-chain gambling site.  This TX will be accepted by 90% of the network hashpower (rather than almost 100% if he hadn't included the 0.001 BTC to the gambling site).  

Next, the fraudster receive the merchandise from the store, goes to his car (before the TX is confirmed) and broadcasts a new TX that double-spends those coins to an address that he controls.  Most nodes and miners reject it, but Miner E accepts this into mempool (b/c they don't perceive it to be a double spend).  Since Miner E controls 10% of the global hash rate, he succeed in defrauding the merchant approximately P = 10% of the time.  

If we assume that F = 5% of the population attempts to double-spend at every opportunity and has the capacity to game the mempool heterogeneity, then the total losses due to zero-confim fraud are:

   losses = F x P = 0.1 x 0.05 = 0.5%

If this (or whatever loss % applies to your business [F and P are not constant]) is too great a risk, then require 1 or more confirmations.  

The Mike H proposal is to try to reduce P by adding additional complexity to the protocol that will result in heterogeneity to the block-acceptance criteria.  IMO this will actually make the network less secure and increase fraud risk.  


I agree that many people are hand-waving about the dangers of 0-confirm double spends but I've never seen any real statistics on F and P in various cases; perhaps BitPay has them...

[murraypaul]

There is no guarantee that a transaction will be included in the next block.

There cannot be a guarantee that a transaction will be included in the next block unless you control 100% of the hash power.  

There is no guarantee that [once] a transaction [has been received by a pool it] will be included in the next block [mined by the pool].

And 3-4 are assumed to be default behaviour, but not required?

I don't follow.  

There is nothing stopping a node deciding to drop a transaction from its mempool and prefer a different one, or deciding not to relay it.

Plus, the merchant currently only receives the 'service' from the node they submit to. Receiving it simultaneously from pools covering say 60% of hashing power is a much more powerful guarantee.

Merchants can already estimate the % of the network that has accepted a transaction into mempool by employing a well-connected listening node.  The "service" of finding out if a peer has TX1 (or a conflicting variant TX2) in mempool is just one of the perks of being a node lol.

If most of the network has accepted TX1 into mempool, then most likely it will be TX1 that gets mined.  If 10% of the hashpower has TX2 in mempool then the probability that TX2 gets confirmed (instead of TX1) is approximately 10%.  

How many merchants are going to be interested in running a full bitcoin node, just to be able to safely process transactions?
I'm sure most would rather pay a small fee to someone else to provide that guarantee for them.
The way to gain mainstream acceptance is to hide the technical details, and provide simple services, not to require everyone else to learn all about it.
Merchants don't have to deal with each and every little bank out there, they deal with Visa and Mastercard instead.

[Peter R]

There is no guarantee that a transaction will be included in the next block.

There cannot be a guarantee that a transaction will be included in the next block unless you control 100% of the hash power.  

There is no guarantee that [once] a transaction [has been received by a pool it] will be included in the next block [mined by the pool].

A sufficiently high fee should (nearly) guarantee inclusion in the next block found by honest miners.  Market-driven floating fees and child-pays-parent prioritizing should also make the TX priority criteria more transparent and flexible in the future.  Your idea would actually give less predictable results while paying the miners twice (the standard fee and some "monthly service fee" you seem to be proposing).    

And 3-4 are assumed to be default behaviour, but not required?

I don't follow.  

There is nothing stopping a node deciding to drop a transaction from its mempool and prefer a different one, or deciding not to relay it.

Nothing besides the source code.  Compliant nodes neither accept double-spent TX variants into mempool nor relay them to their peers.  If a non-compliant peer floods the network with numerous TX variants spending the same outputs, they will be dropped as part of DoS mitigation.  

If you imagine a network where the majority of nodes and miners just start doing "whatever" then we have bigger problems lol.  

Plus, the merchant currently only receives the 'service' from the node they submit to. Receiving it simultaneously from pools covering say 60% of hashing power is a much more powerful guarantee.

Merchants can already estimate the % of the network that has accepted a transaction into mempool by employing a well-connected listening node.  The "service" of finding out if a peer has TX1 (or a conflicting variant TX2) in mempool is just one of the perks of being a node lol.

If most of the network has accepted TX1 into mempool, then most likely it will be TX1 that gets mined.  If 10% of the hashpower has TX2 in mempool then the probability that TX2 gets confirmed (instead of TX1) is approximately 10%.  

How many merchants are going to be interested in running a full bitcoin node, just to be able to safely process transactions?
I'm sure most would rather pay a small fee to someone else to provide that guarantee for them.
The way to gain mainstream acceptance is to hide the technical details, and provide simple services, not to require everyone else to learn all about it.

Merchants can employ a listening node by using a third-party payment processor such as BitPay.  Your idea would actually give less predictable results.  

[EFFV]

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as it currently exists which gives bitcoin its value.

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as a trustless system which gives bitcoin its value.

It's the confidence that bitcoin users have in the perception of the bitcoin protocol as a decentralized system which gives bitcoin its value.


No doubt Mike Hearn is a smart guy, but his technological arrogance is such that he's playing with fire by desiring to change the core principles as established by Satoshi, the very principles that have caused bitcoin to be the success it is today.

Don't bite the hand that feeds you, Mike. Bitcoin has value precisely because it is not what you want it to be.



Overall, if Mike Hearn feels so strongly about his ideas, then he should create his own altcoin/payment system distinct from bitcoin.

But that's unlikely, for I assume Mike Hearn et al are pursuing such dangerous ideas based upon potential personal profit.

+1

[dwma]

The article led me to research Peter Todd and Mike Hearn.  I came away a new fan of Peter Todd. 

LOL @ developers scared to post on the dev list because of him.

I wonder what the nature of the smoke in the backroom was ?

Dan Larimer and Peter Todd FTW.

[tvbcof]

The article led me to research Peter Todd and Mike Hearn.  I came away a new fan of Peter Todd. 

LOL @ developers scared to post on the dev list because of him.

My reaction as well.  I thought it sounded like something from The Onion.

Seriously, anyone who is hiring developers who are to timid to defend their work or put up with some occasionally harsh criticism might want to keep their HR dept active.  Nothing is more valuable than having a bright and sometimes antagonistic set of eyes making observations in my experience.

And for several years I seem to notice a pattern of Gavin saying some pretty offensive things in a passive/aggressive manner then acting all butt-hurt when others escalate things.

I wonder what the nature of the smoke in the backroom was ?

Dan Larimer and Peter Todd FTW.

I've been a fan-boi of Todd's and Maxwell's for a while now.  Garzik used to be up there but has fallen off.  I don't follow things closely enough to know much about Larimer.

I'm really heartened to see the grey-beards working on sidechains.  I like the treechains idea even better in principle but I'd take either.  And maybe even both.  I'll bet that those who are involved with both efforts have the native ability to recognize the strengths, weaknesses, and overlaps of the respective works, and I hope they choose to cooperate be it in Bitcoin or on a more general-use publishing system.

[HeliKopterBen]

If we assume that F = 5% of the population attempts to double-spend at every opportunity and has the capacity to game the mempool heterogeneity, then the total losses due to zero-confim fraud are:

   losses = F x P = 0.1 x 0.05 = 0.5%

I couldn't imagine F being that high anyway. 

This problem would mainly apply to face-to-face transactions of little value and merchants could be alerted as soon as a double spend is detected.  The thief would hardly have left the building by that time and could be arrested in many cases.  Let the justice system handle it for now and if it becomes a chronic problem then revisit the issue.

As we have seen with the March 2013 fork, protocol changes can have unintended consequences.  I vote to tread as lightly as possible in that respect.

[froggyfeels]

1. Is there any reason to worry that the current mode of bitcoin development is starting to deviate from the original intentions of Satoshi?
2. Who are the people pushing for such a bad change, and what associations do these people have?
3. What can normal people do about it, normal people who have their plate mostly full with real life issues already?
4. Should there be a new foundation, replacing or in addition to the existing bitcoin foundation, and if so, how would we assure that this foundation also did not become corrupt?
5. Would perhaps the best idea be to monitor the source code and make efforts to alert the community if certain changes were implemented?
6. Is power of various resources in the bitcoin community to centralized? I noticed there's an overlap of mods of bitcointalk and r/bitcoin for instance. Who controls the wiki and so on. I think it's important that there's not a single person or group of persons having too much power. Even if they do not intend to misuse their power, they might if a gun is put to their head, or to the head of their families.
7. The cryptocurrency world is fast paced, and it is hard to pay attention to everything that happens, is there a central repository where the most important issues are handpicked and highlighted? I noticed your blog seems to be a good source.

I don't have specific answers to these questions.

In general, it's not a good idea to rely on single individuals or organizations to protect your interests. The interests which are threatened by Bitcoin are very good at subverting that kind of organization.

The most important thing you can do as a Bitcoin user is realize that you've got options. Satoshi's client is no longer the only game in town, with libbitcoin and btcd maturing as viable alternatives.

If it were up to me the community's focus would be on making the Bitcoin network heterogenous, with no single implementation running a majority of the network. The fact that all miners run on the same reference implementation is only slightly less of a problem than the 51% attack everybody is so worried about.

The international Bitcoin community should be hard at work building independent alternatives to US-centric services and software if they want their own interests to be protected.

Very well put my man.