Gold collapsing. Bitcoin UP.

[Wekkel]

Bitfinex continuing to jam forward

It's creeping upward. Honey Badger...

[1713584313]

1713584313

[1713584313]

1713584313

[1713584313]

1713584313

[NewLiberty]

The fundamental issue is that the centralization, which is inherent in Bitcoin, is incredibly minuscule when compared to EVERY OTHER FORM OF MONEY with its almost nonexistent barrier to entry.  It is the reason many of us like it.  Governments are busy trying to set up barriers for people to be their own banks with Bitcoin and force people to use the current banking cartels, but ultimately it is a bit difficult to prevent so long as it is easy to download and run a node..

I fully agree that the banking sector is an oligopoly.  And the same is true of the economy in general.  And centraliaztion of the economy invariably results in centralization of political power and collapse of the democracy.

But I do not agree that bitcoin is somehow different from banks. Because:

* The same economic process that created the banking oligopoly has already created a mining oligopoly; namely, the big fish grows faster than the smal fish, and may even eat it.

See ¹

* The mechanisms that are supposed to protect the bitcoin users and the protocol from abuse by the dominating cartel do not work:

See ²

** Acting in its self-interest, the cartel will be careful not to destroy its market, but will try to maximize its gain in the long term;

** The cartel will charge monopoly-level prices and provide monopoly-quality service;

See ¹

** Users who object to the cartel have no alternative except to do without the service, or to use a much inferior one;

See ²

** For that reason, most users just accept the cartel as a fact of nature, and even try to be friends with it;

** For that reason, the cartel can define and change its terms of service, and not even a supermajority of the users can stop them;

** New providers (banks or miners) who want to enter the market and survive must submit to the cartel;

See ²

** Therefore, unhappy users may take their money to another bank or miner, but cannot break free of the cartel's power;

And so on.

By the way, a majority cartel could, by following the same script outlined in my reddit post, also undo the Bitstamp heist.  All it needs to do is block withdrawals from that address (which it can do immediately and unilaterally, by its veto power), and then force the users to upgrade to a version of the software that includes a built-in table of exceptions: transactions that violate the normal rules, but should be considered valid anyway.  For the time being, that table would have only one transaction, moving those 18'000 coins from the thief's address to the new Bitstamp's address.  The input would have 'FuckAllThieves' as the signature; which of course is not valid for that address, but the exception table will override that. 

This change to the protocol will surely cause more revolt among the fundamentalist users than the mere extension of the reward schedule.  On the other hand, it would be much easier to justify to the general users, since it would undo what is universally viewed as a crime, redress the loss of the victims, and create a powerful deterrent of future bitcoin thefts.  In fact, this hack will probably make bitcoins more valuable, increase adoption, appease hostile governments, etc. etc..  And the non-ideological users are already used to the banks doing that sort of thing.

And you can see how this will end.

The fact is, you do not really own your bitcoins, even if you are the only person who knows their private keys. Since bitcoins cannot exist outside the blockchain, they are actually owned by the miners.  Your bitcoins will stay or move only if and where the miners are willing to keep or move them.  At present, the miners will only move coins  if they get a transaction request with the proper signature.  However, if a majoritary subset of the miners agrees to do something else, they will have the power to force the users to accept it -- as long as it is less harmful to the general user than being cut off from the service.

Just like them banks.

It seems your opinion is that there is no need for bitcoin and that banks and arbitrary enforcements based on claims of thefts conducted by centralized controls of wealth ledgers are the way to go.
This is fine for you.  Others may want alternatives to this to exist in the world and use each type of wealth unit for its purpose.

Generally, we disagree on most everything in this post, with especially your assumptions about what future behaviors will occur.  These things haven't happened yet.  With vigilance and individual action, these things may never happen because it is done in the open, and not in secret banking ledgers, as pointed out previously in my last post to you (which you apparently ignored).


¹Certain of the matters discussed in this post are about future performance and constitute “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995.
Such forward-looking statements are subject to risks and uncertainties, which could cause actual results to differ materially from those anticipated. Such statements are based on the poster's beliefs as well as assumptions made. When used herein, the words “anticipate,” “intend,” “estimate,” "may," “believe,” “expect,” “plan,” “should,” “hypothetical,” “potential,” “forecast,” “project,” variations of such words and similar expressions are intended to identify forward-looking statements. Factors that may cause actual results to differ are often presented with the forward-looking statements themselves.

²They have worked so far.  Check the block chain to see if it is still incrementing.  Since your assertion is contrary to established fact, please show evidence.

[tvbcof]

http://gavintech.blogspot.ch/2012/05/neutralizing-51-attack.html

SCs will help too, it will be backup network :-)

I'm not sure I go along with that fully.  I wouldn't imagine sidechains having a very easy time of it with native Bitcoin in a state of turmoil in my conception of things.

Where I really see sidechains helping would be before troubles started.

For one, sidechains have a powerful incentive to keep Bitcoin working at least well enough for themselves to operate, but probably also well enough for everyone in order that Bitcoin remains credible as a backing store.  Indeed, as I've already (kinda) proven, straight forward simplistic mining does not have the long term potential to be profitable due to supply/demand issues with mining gear.  Sidechains would be almost forced to provide support for Bitcoin no matter what the profitability of doing so might be.  So this might provide a credible support foundation (as opposed to miners tapping other revenue streams like milking the userbase for intelligence data.)

For two, I could see sidechains acting as a force to split up mining unions as they might prefer merge mining different sets of sidechains and what-not.  I honestly don't know enough about it to know if that's a realistic hope though.

[smooth]

So this might provide a credible support foundation (as opposed to miners tapping other revenue streams like milking the userbase for intelligence data.)

If there is revenue stream, it will be tapped, regardless of what other sources of revenue there might be. Those who don't tap it will be uncompetitive. It doesn't really matter if the baseline is zero or nonzero.

[tvbcof]

So this might provide a credible support foundation (as opposed to miners tapping other revenue streams like milking the userbase for intelligence data.)

If there is revenue stream, it will be tapped, regardless of what other sources of revenue there might be. Those who don't tap it will be uncompetitive. It doesn't really matter if the baseline is zero or nonzero.

That is not true in a lot of cases, and this case in particular.  This because the intelligence only has value if the antagonist (in my opinion of things) has a certain quite large global footprint.  As an example, it probably does not have much value to Theymos what IP I come in on, and it may well be a negative to him so he may actually seek to avoid keeping that data at all.  (On the other hand, he may be selling it for all I know.)

I would anticipate certain sidechains emphasizing privacy and taking great pains to avoid data leaks in their operations.  This may limit the nature of the mining efforts from whom they will accept support.

[solex]

I just skimmed the info about IBLT yesterday to figure out what the fuck that was.  Seems kinda cool.
....

And I'm pleased that you see the potential in IBLT.
I know that your concern is that Bitcoin remains viable in a global SHTF, Katie-bar-the-door event. This is important, and I think that Bitcoin having IBLT capability beforehand will only strengthen it in the face of such times.

edit: Inverted Bloom Lookup Tables.  I hate it when people use acronyms to much and to early for the average reader...  Basically they are a condensed way to notate a list of transactions (aka, a block.)  Thus, if one already has the transactions (because they've been listening on the same network and the network is working) they can assemble the same block as someone else and be sure it is right rather than download the block containing the same data they already have.  (As i understand things.)

Just a general clarification about how transactions are condensed in an IBLT. They are present in their entirety, but XOR'd together. Some might be familiar with XOR:



Basically, in an IBLT, as per the example above, the encrypt data, Plaintext and Secret Key, are instead Unconfirmed-tx1, and Unconfirmed-tx2. This gets broadcast and nodes decrypt it by subtracting out transactions they already know, in a pre-agreed order. If a node knows both tx1 and tx2 the resulting plaintext is binary zeros. If a node knows only one of the two tx then the plaintext is the whole other tx they didn't know before. If both tx1 and tx2 are unknown by the receiver then decrypt fails and the IBLT is rejected. The risk of the latter case is the new enforcement incentive on miners to be good citizens and include consensus unconfirmed tx in their blocks.

[smooth]

So this might provide a credible support foundation (as opposed to miners tapping other revenue streams like milking the userbase for intelligence data.)

If there is revenue stream, it will be tapped, regardless of what other sources of revenue there might be. Those who don't tap it will be uncompetitive. It doesn't really matter if the baseline is zero or nonzero.

That is not true in a lot of cases, and this case in particular.  This because the intelligence only has value if the antagonist (in my opinion of things) has a certain quite large global footprint.

Markets are good at dealing with that problem. Look at google adwords. Millions of tiny web sites insert spyware ads for a bit of extra revenue and google gets a huge datastream.

[tvbcof]

So this might provide a credible support foundation (as opposed to miners tapping other revenue streams like milking the userbase for intelligence data.)

If there is revenue stream, it will be tapped, regardless of what other sources of revenue there might be. Those who don't tap it will be uncompetitive. It doesn't really matter if the baseline is zero or nonzero.

That is not true in a lot of cases, and this case in particular.  This because the intelligence only has value if the antagonist (in my opinion of things) has a certain quite large global footprint.

Markets are good at dealing with that problem. Look at google adwords. Millions of tiny web sites insert spyware ads for a bit of extra revenue and google gets a huge datastream.

I actually had to try fairly hard not to say that   It's distinctly not what I'd like to see the future of Bitcoin end up being...in spite of being aware that in the case of Google and other large players a lot of us end up with a lot of nice things 'for free' (so to speak.)

[tvbcof]

I just skimmed the info about IBLT yesterday to figure out what the fuck that was.  Seems kinda cool.
....

And I'm pleased that you see the potential in IBLT.
I know that your concern is that Bitcoin remains viable in a global SHTF, Katie-bar-the-door event. This is important, and I think that Bitcoin having IBLT capability beforehand will only strengthen it in the face of such times.

 - snip - technical details of neat trickery

That I will grant you.  If we end up in my nightmare scenario, we'll need all of the elegance and efficiency we can get, and even that might not be enough.  As a general solution to some conceivable 'mad max world' problems where data distribution is much less reliable IBLT could be quite powerful I would think.

I hope we don't end up in the scenario I'm envisioning and I'm not necessarily expecting it.  But as I've said before, I already have access to Visa, PayPal, etc, and Bitcoin becoming one more such thing with no significant or theoretical advantages doesn't really seem to me to be worth working towards.  Further, while Bitcoin does and probably always will have some advantages (chiefly related to counterparty risk) it also has some architectural 'features' which will make it hard to compete with solutions which didn't start out shooting for some of Bitcoin's goals.  At least some of the initial goals.

[HeliKopterBen]

Bitfinex continuing to jam forward

Shorts at an all-time high and continuing to rise with price.  Over 23,000 coins on loan.  I feel a squeeze coming on.

[BlindMayorBitcorn]

Bitfinex continuing to jam forward

Shorts at an all-time high and continuing to rise with price.  Over 23,000 coins on loan.  I feel a squeeze coming on.

I feel a dump coming on. Gentlemen's wager..

[majamalu]

What is your number threshold for a amount of combined pools over 51% in which you would feel safe? 10, 20, 100?  I don't think it would be hard to get 100 mining pools to conspire together.

There is no fixed number, of course. Rather, as the number of independent entities in a majority set of miners increases, their interest will be more aligned with the interest of the users.  (This is true of democracy too, by the way.)

In the case of bitcoin, one additional problem is that bitcoin ownership is highly concentrated too, and the largest holders are not miners.  So, even if the protocol were somehow fixed to require consensus of all miners (instead of just a set with 51% power), the miners would still be largely disjoint from the users, whether one counts people or bitcoins held.  So the miners might still change the protocol to increase their revenue at the expense of the users.  (Would PoS be a partial solution to this problem?)

The likelyhood of getting N mining entities to cooperate with a protocol change attempt depends also on the benefit that the miners will get from it.  For example, I would guess that nearly all of them would approve a postponement of the next reward halving.

That would destroy the confidence in Bitcoin, therefore the value of the bitcoins they want to earn.

For the same reason, they wouldn't be in favor of increasing the reward per block (although that may seem tempting to some naive souls without skin in the game).

[marcus_of_augustus]

What is your number threshold for a amount of combined pools over 51% in which you would feel safe? 10, 20, 100?  I don't think it would be hard to get 100 mining pools to conspire together.

There is no fixed number, of course. Rather, as the number of independent entities in a majority set of miners increases, their interest will be more aligned with the interest of the users.  (This is true of democracy too, by the way.)

In the case of bitcoin, one additional problem is that bitcoin ownership is highly concentrated too, and the largest holders are not miners.  So, even if the protocol were somehow fixed to require consensus of all miners (instead of just a set with 51% power), the miners would still be largely disjoint from the users, whether one counts people or bitcoins held.  So the miners might still change the protocol to increase their revenue at the expense of the users.  (Would PoS be a partial solution to this problem?)

The likelyhood of getting N mining entities to cooperate with a protocol change attempt depends also on the benefit that the miners will get from it.  For example, I would guess that nearly all of them would approve a postponement of the next reward halving.

That would destroy the confidence in Bitcoin, therefore the value of the bitcoins they want to earn.

For the same reason, they wouldn't be in favor of increasing the reward per block (although that may seem tempting to some naive souls without skin in the game).

... it's pointless arguing finer points of the technology with Stolfi, his admitted politics are diametrically opposed to what Bitcoin will achieve in terms of removing the State from monetary power levers. He is utterly convinced of the righteousness of bureaucrats to be in charge of the people's money, it is almost a religious belief if you drill down and get to the core of his objections. All his technical arguments are ultimately driven by a fundamental belief (faith-based) logic that has no reasoned counter.

[JorgeStolfi]

Obviously, and so we are back to what I already stated, which apparently you didn't bother to read.

1) There are two competing chains where one chain has only the attacker's blocks and the other chain has the honest miner's blocks. The goal of the attacker is to make their chain with their inclusion rules the longest. The network here can optionally choose the honest chain (which is what Gavin's proposal does). It also require 51% to pull off, which I don't think is possible anyway.

Which is the only possible path. This path both requires at least 51% of total hashing power, and it requires that the honest network (users, P2P nodes & miners) to ignore the 2nd chain with all transactions included. Neither of these are likely IMHO, and why the attack fails.

You still have not read my reddit posts, did you?

Summarizing them:  Say the cartel has hashpower 0.54 * Z where Z is the total.  The cartel first warns users that starting from block N, there will be a change in the protocol.   The only substantive change will be the block reward, that will continue to be 25 BTC, for another 2 years, instead of dropping to 12.5 as originally planed. This change is actually necessary and good for bitcoin because the network is in grave danger bla bla bla.  The cartel warns that users and miners who upgrade to the new version of the software, anytime before block N, will see no change at all.  Users who do not upgrade will see no change until block N, but after that their transactions will not go through, or will be confirmed an then unconfirmed -- until they upgrade too.  Starting from block N, miners who have not upgraded will not earn any rewards, until they upgrade too.

Starting with block N, the cartel redirects 0.52*Z hashpower to mine the original chain, and 0.02*Z to mine the new reformed chain, that forks from it after block N-1.

The miners working on the reformed chain (those 0.02*Z from the cartel, plus any other miners who have upgraded) use the new protocol, earn 25 BTC rewards, and accept all transactions from all clients that have upgraded.  The difficulty is lowered temporarily in that fork so that those miners can sustain a reasonable block rate.

The other cartel miners, with power 0.52*Z, keeps mining according to the original protocol; except that, starting with block N, they ignore any blocks generated by miners with the old protocol, and mine only empty blocks, always using their last (empty) block as parent. 

Thus, during that transition phase, there will be usually three chains: (1) the new main chain, gnerated according to the modified protocol; (2) the empty orthodox chain generated by the cartel; and, occasionally, (3) a short orthodox chain hanging from chain (2), generated by the orthodox miners.  Note that the original protocol says that the orthodox clients and the orthodox miners must view (2) and (3) as equally valid, and always select the longest of the two.  Since chain (2) has more hashpower working on it,  chain (3) will eventually be discarded by those clients and miners, and even orhodox miners will use the last block of chain (2) as the parent of the new chain (3).

As the non-cartel miners upgrade to the cartel version, the cartel would repartition dynamically its power so that it always retains majority power in fork (1) (to foil any counter-attacks by rebels)  and in the two forks (2)+(3), i.e. more power on (2) than the rebels have on (3).  Eventually, most of the users and miners will be happily using fork (1).  Then forks (2) and (3) can be abandoned by the cartel, since the rest of the ecosystem will not accept their bitcoins or recognize their transitions.  The cartel will forfeit all the 12.5 BTC rewards that it collected in chain (2), but it would still have half of the 25 BTC rewards from chain (1) generated in that interval.  Anyway, from then on the network and ecosystem would be just as before; but every miner would still be collecting the same revenue as before, instead having his revenue cut in half.

Since clients and miners will know this plan in advance, most of them should want to upgrade, out of self interest.  There is a bit of prisoner's dilemma there; but for greedy users and miners, who will assume that most of the other players are greedy too, the decision to upgrade is almost a no-brainer.   Only users and miners with an overpowering ideological motivation may try to stick to the original protocol, but they will only succeed if the cartel plus the defecting miners loses its majority position during the battle. 

Example during the March 2013 fork the autonomous machine decided to take the 0.8 branch, but a majority of human participants decided the 0.7 branch was a better path and shifted the machine back to that (causing a 30+ block re-org btw).

Yes, and that shows that the protocol can be changed -- even retroactively! -- if the miners agree to do that.  Note that if only the users or only the miners had agreed to the rollback, the transactions would no longer go through; but while that would be disastrous for the users, it would make almost no difference for the miners, since they would still collect rewards from their empty blocks.  And, in either case, the blockchain would use the version of the protocol that was chosen by the miners, not by the users.

If a 51% attack ever happened it would be very visible and resisted by the majority of human participants, who all want bitcoin to succeed, and who would manually choose the shorter chain made by honest miners as the valid path. Gavin's proposal would automate this selection. A 51% attack, which is what you are relying all your arguments on, is both extremely unlikely, but also ineffective. Bitcoin would easily survive a +51% attack, but it will never have to because it is not going to happen.

You (and most "51% deniers") are still fixated on one particular type of attack, and are arguing that it would not work because users and miners would disapprove of it and would even violate completely the protocol (by manually bypassing the longest-chain rule) in order to "save" bitcoin.  Again, please read my scenario above.  An "attack" that changes the protocol so as to benefit miners and is not too harmful to users will probably succeed because it will be in the self-interest all parties.  Who knows, by then Gavin may be working for the cartel and urging everybody to upgrade.

But thank you for reminding my why I bailed on the academic path years ago and decided to live in the real world. You, like most academics I've encountered, seem to believe that writing long-winded obtuse arguments in a vacuum consisting of your own reality, somehow makes you intelligent or valuable.

Well, we obvioulsy disagree about who is detached from reality here.

[smooth]

What is your number threshold for a amount of combined pools over 51% in which you would feel safe? 10, 20, 100?  I don't think it would be hard to get 100 mining pools to conspire together.

There is no fixed number, of course. Rather, as the number of independent entities in a majority set of miners increases, their interest will be more aligned with the interest of the users.  (This is true of democracy too, by the way.)

In the case of bitcoin, one additional problem is that bitcoin ownership is highly concentrated too, and the largest holders are not miners.  So, even if the protocol were somehow fixed to require consensus of all miners (instead of just a set with 51% power), the miners would still be largely disjoint from the users, whether one counts people or bitcoins held.  So the miners might still change the protocol to increase their revenue at the expense of the users.  (Would PoS be a partial solution to this problem?)

The likelyhood of getting N mining entities to cooperate with a protocol change attempt depends also on the benefit that the miners will get from it.  For example, I would guess that nearly all of them would approve a postponement of the next reward halving.

That would destroy the confidence in Bitcoin, therefore the value of the bitcoins they want to earn.

For the same reason, they wouldn't be in favor of increasing the reward per block (although that may seem tempting to some naive souls without skin in the game).

... it's pointless arguing finer points of the technology with Stolfi, his admitted politics are diametrically opposed to what Bitcoin will achieve in terms of removing the State from monetary power levers. He is utterly convicted of the righteous of bureaucrats in charge of the people's money, it is almost a religious belief if you drill down and get to the core of his objections. All his technical arguments are ultimately driven by a fundamental belief (faith-based) logic that has no reasoned counter.

+1

Also, as far as I can tell he basically has one technical argument which is the alleged riskless strategy that miners can use to increase the block rewards. He apparently thinks that users are dumb enough not only to allow their own bitcoins to be diluted, but to not understand the repeated game implications of allowing the miners to succeed in diluting them once.

It is actually very similar to the other academic attacks on bitcoin (selfish mining, programmed self destruction, etc.), which construct a model of the world, reach a conclusion, and then argue there the conclusion applies to the actual world. In fact either the conclusion applies, or the model is incomplete, or both. If these academics were actually sincere, they would recognize that the latter is as interesting a result as the former, and indeed a more valuable one, since it helps in understanding the world. But in reality they want to grab headlines, press mentions, interview and panel opportunities and generally self promote, not pursue intellectual inquiry.

I'm still waiting for an answer on my bet.

[majamalu]

What is your number threshold for a amount of combined pools over 51% in which you would feel safe? 10, 20, 100?  I don't think it would be hard to get 100 mining pools to conspire together.

There is no fixed number, of course. Rather, as the number of independent entities in a majority set of miners increases, their interest will be more aligned with the interest of the users.  (This is true of democracy too, by the way.)

In the case of bitcoin, one additional problem is that bitcoin ownership is highly concentrated too, and the largest holders are not miners.  So, even if the protocol were somehow fixed to require consensus of all miners (instead of just a set with 51% power), the miners would still be largely disjoint from the users, whether one counts people or bitcoins held.  So the miners might still change the protocol to increase their revenue at the expense of the users.  (Would PoS be a partial solution to this problem?)

The likelyhood of getting N mining entities to cooperate with a protocol change attempt depends also on the benefit that the miners will get from it.  For example, I would guess that nearly all of them would approve a postponement of the next reward halving.

That would destroy the confidence in Bitcoin, therefore the value of the bitcoins they want to earn.

For the same reason, they wouldn't be in favor of increasing the reward per block (although that may seem tempting to some naive souls without skin in the game).

... it's pointless arguing finer points of the technology with Stolfi, his admitted politics are diametrically opposed to what Bitcoin will achieve in terms of removing the State from monetary power levers. He is utterly convicted of the righteous of bureaucrats in charge of the people's money, it is almost a religious belief if you drill down and get to the core of his objections. All his technical arguments are ultimately driven by a fundamental belief (faith-based) logic that has no reasoned counter.

Agree. That's why I point out the incentives that usually statists don't see.

Statists tend to (or want to) see people as robots that will react in a predictable way to the mandates of the bureaucrats.

[JorgeStolfi]

The size of the user base and the price are not important for the experiment. But the distribution of mining power is.

Only if:  1. The mining power is abused. That hasn't happened yet in any significant way, so Peter R's argument applies equally. Every month that passes without abuse increases the chances for continued success, albeit slightly.

I understand "success" as "the bitcoin protocol provides a P2P payment system that does not require trust in a third-party authority".

We now know that the bitcon protocol does not provide that.  The protocol requires users to trust the miners; which is OK, as long as mining power is sufficiently well distributed over thousands of independent entities, benign or short-term greedy.   However, the protocol cannot prevent concentration of mining, and in fact forsters it.  Once mining is concentrated in a small number of companies, having to trust them is no longer OK.

It does not matter whether those companies ever did something bad, the problem is that users must trust that they will not do it.  That is supposed to be the bad feature of banks and credit cards that bitcoin was designed to avoid.  (Personally, I would more easily trust my money to a a bank cartel than to those 4 top mining companies.)

You seem to be saying that FooBank's saferoom is secure because in the past 2 years no one has tried to force it open; and gets more secure at each month that passes without anyone trying to force it.  Sorry...

You seem to define "success" as "the current bitcoin network will keep working and people will keep using it".

Bitcoin may still be successful in that sense; but what would be the point, if it is no longer "trustless"?

2. The distribution of mining power is stable. The real world evidence suggests the contrary. Yet you ignore it.

those 4 companies (which may actually be only 3, or 1, or may become 1 next year)

Or may become 10. Funny how you didn't include that possibility in your rhetoric. I wonder why.

The distribution of power does not have to be stable for Satoshi's goal to be frustrated.

The protocol asks us to trust that, at any time during the life of the network, no subset of miners that comprises 51% of the total power will agree to do something that violates the protocol, and will maintain that agreement long enough to make the damage permanent.

Again, one can take for granted that the members of that susbet will not agree to do that, if the subset has thousands of independent miners.  But if the subset has only a few members, one cannot make that assumption.  There is significant probability that they will agree and maintain their agreement for the time needed, especially if the violation of the protocol is profitable for that subset.  The smaller that subset, the more liikely it is that they will cooperate in such "attack".  But the, it is highly probable that such thing will happen at some point during the life of the network.

We had already a situation when GHash.io controlled by itself more than 51% of the network's total hashpower, IIRC for several days.  During that time, everybody had to trust that they would not use their power to violate the protocol; in particular, that they would not decide to change the protocol by threatening users with DoS.   

Right now, users have to trust that Discus, GHash, AntPool and BTCChina will not join forces to violate the protocol.  They have to trust that Discus, GHash, AntPool and KnCMiner will not do it either.  And that Slush, pool34, BTCMiner, KnCMiner, BTCChina, GHash, and Discus will not do it either.  And ...

You see, if power was distributed over many thousands of independent miners, all such lists would have thousads names, and users would not have to worry about the chance of all the members in one list agreing to play foul.  But right now there are two sets of 4 companies that would have the power to do that, and several sets of 8 companies or less.  The chances that all members of one of these list will form a cartel and violate the protocol is not longer negligible.   Users will have to trust that none of those potential cartels will exploit that opportunity.

The risk of protocol violation by a 51% cartel is even greater if two or more of those big companies are owned by the same people.  It is quite possible that GHash still controls more than 51%, but made an arrangement with other pools for them to nominally "host" part of GHash's power.

Even if the pie chart changes completely by next month, it is a safe bet that power will remain quite concentrated (as it has been for many months).  Again, the economics and nature of PoW mining fosters concentration, overt or disguised.

[tvbcof]

...
You still have not read my reddit posts, did you?

Summarizing them:  Say the cartel has hashpower ...

I skim your stuff sometimes.  Didn't run across the initial reddit.  I will say that I considered scoring a few retired FPGA's one time for a variety of reasons one of them being an attack of they type you suggest.  In the end I didn't bother since it didn't seem that likely.

One nicety of having everything go ASIC is that it would make the 'nuclear option' be that much more devastating.  That action would also be a golden opportunity to fix some things that Satoshi got wrong.  In the early days I did not pay much attention to mining and I believe I stated (incorrectly) that it was a boring side-show that didn't really matter much and wondered if Satoshi also saw things in the same way.  In hindsight I'm realizing how wrong I was about this.

I don't doubt that there are a variety of tactics considered to deal with Bitcoin if need be by those who are threatened, but the only ones which pose a true threat will be those sneaky ones where the seeds of destruction are planted long before anyone is aware of them and thus takes some sort of action.  It's still the case that most head-on attacks stand a decent chance of failure I think.

[Adrian-x]

2) The blocks from both the attacker and honest miners build on top of each other in a single chain. In this this situation the honest miners include all transactions skipped by the attacker, and the attack fails.

Obviously the attacker will not do that.  It will ignore all blocks that the orthodox miners put out, and continue mining empty blocks using his last mined  block as the parent.  Since the attacker has more power than the orthodox miners, his empty chain will eventually outpace every orthodox side branch, and all the orthodox blocks in the latter will then be orphaned and discarded by all the orthodox clients.

Thus, every transaction request that the orthodox clients issue will either stay unconfirmed forever, or become unconfirmed even after having been confirmed several times.  Whereas the clients who upgrade to the cartel's version will not notice any difference.

Provided SideChain are not introduced the cost to mine empty blocks becomes prohibitive, and can approach infinity, the incentive system as is rewards corporation.

At the moment you would need to spend around 150MWh to block transactions every 10 minutes.

[smooth]

You see, if power was distributed over many thousands of independent miners, all such lists would have thousads names

This statement is logically false.

Are you sure you are really a computer science professor, because most of the ones I've actually known are really quite good with logic? I guess it goes to show the range of caliber is quite wide. Sorry to be blunt but your posts are full of logical fallacy after logical fallacy.