Alternative to hiding away the wallet until launch using signed genesis block?

[rarkenin]

Being frustrated with launch delays recently, I was wondering about the effectiveness of keeping wallets secret via a password or waiting to release it, and how ineffective that's proven.

I was wondering if it is technically reasonable to provide a wallet immediately, with the hash (exact) of the genesis block (or an ECDSA pubkey that must sign the genesis block), so the actual mining operations cannot start until after that block is released. Obviously, a bunch of users could modify the wallet of FooCoin to accept a different genesis block (released earlier), though then one can't really call that coin FooCoin.

Can someone clarify if this is doable, or why not?

[bitcoinreactor]

Being frustrated with launch delays recently, I was wondering about the effectiveness of keeping wallets secret via a password or waiting to release it, and how ineffective that's proven.

I was wondering if it is technically reasonable to provide a wallet immediately, with the hash (exact) of the genesis block (or an ECDSA pubkey that must sign the genesis block), so the actual mining operations cannot start until after that block is released. Obviously, a bunch of users could modify the wallet of FooCoin to accept a different genesis block (released earlier), though then one can't really call that coin FooCoin.

Can someone clarify if this is doable, or why not?

i think i understand what you mean : you want to be able to widely distribute a client sourcecode and/or binaries, without granting anyone the ability to mine on that blockchain until _you_ decide it's ready ?

I guess you could then make that client "wait" for some signed message from you, including the genesis data.
(the client would include your public key so it can verify your signature).

But then ... another "problem" appears : what would eventually prevent you from later messing around with the genesis block, eventually changing it, invalidating it or whatever ?

A solution to this could be another client release, hardcoding the previously broadcasted genesis data, but then .... you'll force your users to download your client again, making the whole thing useless

early BTC users joined the bitcoin utopia because they could trust the client for behaving exactly as stated in its sourcecode ; includign above magic into a new client would .. go against that

[rarkenin]

Thanks, that appears to clear up my understanding of this.

[bitcoinreactor]

there's probably a clever way to do that, so it does not rely on a network message from you to decrypt the genesis block data on a given time / event / whatever, but .. can't find one right now.

But again, hitting the users trust limit is not that far, i guess

[bitcoinreactor]

i guess you could rely on another established blockchain as a datasource :

we could imagine that:

1.  your wallet/client would regularly query some bitcoin nodes (randomly choosen in included hardcoded list of dozens/hundreds of existing btc nodes), waiting for a given block height to be mined by the BTC network (with X confirmations),

2. explicitely (original code from your wallet sourcecode, since it was first released) use some properties of that future btc block (let's say nNonce & nTime) as your own genesis block properties ; also explicitely for N btc confirmations for that block, to prevent accidental use of a temporary btc forked chain.

This way, everyone should use the exact same genesis data. One would have to mine it thought, this could imply some major modifications to the client, so it allows genesis block generation (meaning full startup with no block loaded, and so on)

This would require some basic extra connectivity (btc p2p) to query other btc nodes, but yeah .. that could be "fun" somehow
Again .. you'll soon have to release another version of your client, hardcoding choosen genesis block data.

This looks extremely dangerous thought .. if you really release your client long enough before genesis block gets choosen/created, malicious users would have enough time to fake the whole thing, mining their own chain at low diff, later making that blockchain the longest one .. with no hardcoded genesis block, many nasty things could be possible then

Again, this would negate your own user's confidence in your coin, right from the start i guess

[rarkenin]

That seems interesting, I'll play with the idea a bit more on paper to see if something trustworthy can be found.