Fundamentals of a decentralized Bitcoin network

[andikarl]

Dear Bitcoin-Developer-Forum,

I am new here and I want to participate in trying to improve Bitcoin.
As I experienced during reading here and at Hackingdistributed.com there is a big difference between people
who want major changes and people who want to defend the Bitcoin architecture we have today. I understand
both positions very well but to either case it is important to set up fundamentals for a new Bitcoin era.
That would be an era when Bitcoin is able to emerge more and more to a big crypto currency who plays a major role on the currency market. For such a case it is inevitable to be able to guarantee decentralization on the long term or it will cease to exist.
So I thought about ways how it would be possible to make such a guarantee stamp work:

http://techreports2014.wordpress.com/2014/09/07/fundamentals-of-a-possible-new-bitcoin-fork-bitcoin-2-0/


In this article at my Blog I launched just a couple of days ago I describe a few ideas of a way to guarantee decentralization. Certainly there are lot of points not yet fully worked out. But it was important for me to share this here, before going too much into detail. Maybe some of you would like to join in for a discussion or even to help work it out more deeply.
I hope I can give you at least some hints to help to improve Bitcoin.

Cheers,
Andrew

[1714746039]

1714746039

[1714746039]

1714746039

[1714746039]

1714746039

[1714746039]

1714746039

[railzand]

Might I suggest you read a lot more and write a lot later on in life.

[andytoshi]

I would send out “ping” requests from each client and miner to each other. So basicly all clients and miners are measuring the round trip delay. By the mass of information of the roundtrip delay they can calculate the “position” stamp. Through this response time pattern we could map them on a virtual location map.

There is no way to prove past geographic location in a publically verifiable way. You definitely cannot prove geographic location of mining, which has variance on the order of minutes, since the earth is something like 100 milliseconds in circumference.

[andikarl]

@andytoshi

I think I have to explain it it an other way:

If I have a miner at location x, and 4 different clients or miners send the miner at location x, request response requests, and then we have 4 different round trip delay time domains. From this time domains the miner x gets a timedomain pattern. If the miner switches position he gets different timedomains.
I hope it is now more clear.

[andikarl]

Might I suggest you read a lot more and write a lot later on in life.

Thanks a lot for the advice - I already read a lot and want also to write a lot But at one point you have to start writing But I am still reading and also want to read a lot.

[jl2012]

Might I suggest you read a lot more and write a lot later on in life.

Thanks a lot for the advice - I already read a lot and want also to write a lot But at one point you have to start writing But I am still reading and also want to read a lot.

It is very easy to cheat with your system: just deliberately delay the ping response.

Also, VPS are dirt cheap and a monopoly miner could easily pretend to be many small ones scattering all over the world: the ASIC hasher could be geographically unrelated to the network node

If you really have read a lot you should learn that your idea is not new and is a bad one, and you could save the time for re-writing this bad idea.

[andytoshi]

If I have a miner at location x, and 4 different clients or miners send the miner at location x, request response requests, and then we have 4 different round trip delay time domains. From this time domains the miner x gets a timedomain pattern. If the miner switches position he gets different timedomains.

That's not publically verifiable. As jl2012 observes it is not even privately verifiable because it is trivially forgeable (and definitely attacker controllable even if the actual miner is honest).

[andikarl]

@jl2012;  @andytoshi

If I have a miner at location x, and 4 different clients or miners send the miner at location x, request response requests, and then we have 4 different round trip delay time domains. From this time domains the miner x gets a timedomain pattern. If the miner switches position he gets different timedomains.

That's not publically verifiable. As jl2012 observes it is not even privately verifiable because it is trivially forgeable (and definitely attacker controllable even if the actual miner is honest).

You both are right if there are not many miners and clients. But if you have enough independent clients and miners which send out response requests through the same ports you also use for mining then we have a complete different situation. Yes a miner could slow down the ping response. But it would also effect mining. And I would implement the pattern of the pingresponses into the Blockchain. So it is difficult for an attacker to be able to fake a response pattern. He has to recreate the response pattern which was generated by a lot of clients/miners byte response of him. I hope I made it clear.
But if you feel this is not new please quote a site/forum where it was already suggested? Thank you.

[andytoshi]

Yes a miner could slow down the ping response. But it would also effect mining.

How could this be done?

And I would implement the pattern of the pingresponses into the Blockchain. So it is difficult for an attacker to be able to fake a response pattern.

Blockchains only do one thing: produce an ordering. They do not enable unforgeability.

He has to recreate the response pattern which was generated by a lot of clients/miners byte response of him.

I'm not sure what this means.

But if you feel this is not new please quote a site/forum where it was already suggested?

Proof of location shows up on #bitcoin and ##crypto every so often. There was a paper recently related to privately verifiable proof-of-location, but I can't seem to track it down. It's not clear to me that publically verifiable proof-of-location even makes sense --- "location" is not defined consistently and simultaneously for more than one observer!

[jl2012]

@jl2012;  @andytoshi

If I have a miner at location x, and 4 different clients or miners send the miner at location x, request response requests, and then we have 4 different round trip delay time domains. From this time domains the miner x gets a timedomain pattern. If the miner switches position he gets different timedomains.

That's not publically verifiable. As jl2012 observes it is not even privately verifiable because it is trivially forgeable (and definitely attacker controllable even if the actual miner is honest).

You both are right if there are not many miners and clients. But if you have enough independent clients and miners which send out response requests through the same ports you also use for mining then we have a complete different situation. Yes a miner could slow down the ping response. But it would also effect mining. And I would implement the pattern of the pingresponses into the Blockchain. So it is difficult for an attacker to be able to fake a response pattern. He has to recreate the response pattern which was generated by a lot of clients/miners byte response of him. I hope I made it clear.
But if you feel this is not new please quote a site/forum where it was already suggested? Thank you.

Assuming your strategy works (which I seriously doubt), a monopoly miner can buy VPS all over the world and pretend to be many smaller independent miners.

[andikarl]

Dear Andytoshi and jl2012,


Why slowing the ping down would affect mining:
First, the communication between miners in a pool for example and even of a big miner, who mines on his own has to communicate with each other and the network. So it is possible to "hide" the request routines for latency time measurements in packages which are exchanged anyway.
Slowing down the receiving of packages would slow down the mining process. This is not in the interest of anyone.
If done, the swarm intelligence of the rest of the network could countermeasure. About the swarm intelligence which will in my scenario calculate the "position" patterns in cyberspace and would react to attacks which would cause wrong/faked "position" patterns, I will write a more in-detail article as soon as possible.

Implemantaion into the blockchain:

Yes the blockchain produces order. I mean here an implementation into the calculation of a block. It it is necessary to implement the "position" pattern into the blocks so that it is sure where someone has already mined and from where mining is not allowed at the moment or anymore.

This idea or suggestion was already there:

If it shows up so often, please give sources.I have not read about anything which works similar to this kind of proof of location. And in a sense it is not proof of
a real location. It is a proof of response patterns. Please provide me the paper or other sources you´re talking about. Thanks.

@jl2012
"Assuming your strategy works (which I seriously doubt), a monopoly miner can buy VPS all over the world and pretend to be many smaller independent miners."

That is a good point.
I don´t think that this could work if the whole network would detect that someone is just relaying data and still mines at the same "place". The network would detect, that
from each VPS the same Blocks are transfered. But either way the monopoly miner has to change its VPS all the time to really outsmart the swarm intelligence.
I am sure there is also a algorithmic solution to counteract this.
But you are right this could be a vulnerable point.

Cheers,
Andrew

[jl2012]

This is my last reply on this topic.: If you still insist this is a workable solution, just implement yourself. I'm sure no developer here would do this.

[andikarl]

This is my last reply on this topic.: If you still insist this is a workable solution, just implement yourself. I'm sure no developer here would do this.

I am sorry that you are not interested. Look I do not want to force anyone here to help me with a fork.
I will try to do more homework to make my point, but noone here as is able to quote articles or papers which already dealt with a proof of location topic. But you are telling me there has been plenty of such suggestions. Sorry but I can not find them. Maybe I searched in a wrong way but it would have been nice if you at least gave me a hyperlink.
A respectfull discussion means for me that the other discussion partners are providing what they are talking about.
You and andytoshi had a few points of criticism why this is not a workable solution. They are good points.
I gave you an answer to that, why I think it is still a workable solution and your answer is you don´t want to reply anymore?
If it is does not work then it should be easy to answer to my points in my last post and explain it to me why it still should not work.
I dont say that this works perfectly how I say it should work. Certaily it is an improvable suggestion. But that is why I wanted to talk about that here. I could have gone to an Altcoin-Forum to present this.
But I think Bitcoin is a good thing and I would love to help. If you have some problems which you think are more suited to think about just tell me.
Thank you.

[andytoshi]

Slowing down the receiving of packages would slow down the mining process.

Why? I don't believe this is true period, and I definitely don't believe it is true when the delays needed to forge location are on the order of milliseconds.

For that matter, how does this timing translate into any sort of location data? How do you determine network weather conditions? How do you compensate for slowed links?

And you haven't touched the issue of public verification at all. Here is an easy first question: how do you define location for multiple observers? You cannot use relative distances, those are not well-defined. A less easy question is, how can you define location in a way that can be feasibly measured by participants long after the fact?

If done, the swarm intelligence of the rest of the network could countermeasure.

This is not a solution. This is magical thinking.

Yes the blockchain produces order. I mean here an implementation into the calculation of a block. It it is necessary to implement the "position" pattern into the blocks so that it is sure where someone has already mined and from where mining is not allowed at the moment or anymore.

Again, a restatement of your earlier thoughts. It is not at all clear how to do this or whether it can be done.

If it shows up so often, please give sources.I have not read about anything which works similar to this kind of proof of location. And in a sense it is not proof of
a real location. It is a proof of response patterns. Please provide me the paper or other sources you´re talking about.

Perhaps jl2012 has something specific in mind. But it is common sense that it is impossible to prove location in a decentralized way because the laws of physics do not admit a way to even measure it. (This is Mach's principle.) You would therefore have to localize to earth and attempt to prove location relative to earth. Well, the earth is an extremely noisy place and is occupied by attackers, so you would likely need to use some sort of proof of early knowledge of astronomical data...but now you require extremely specialized equipment to verify proofs, and all independent verifiers need to be collecting historical data for as long as they want to verify these proofs. So this is a no-go.

I gave you an answer to that, why I think it is still a workable solution and your answer is you don´t want to reply anymore?

The problem is that you didn't give any answer as to why you think it's a workable solution, and it seems that you have a fundamental misunderstanding of what the problem is. It is not clear where this misunderstanding is, so the result is that communication becomes very difficult. I encourage you to develop a layman's understanding of relativity, and to spend some time studying cryptography to get a feel for what an argument for security needs to look like. The first such argument I read was Hash function requirements for Schnorr signatures, which operates in the absurdly-unrealistic "generic group model" but as I recall, is self-contained and the core argument is easy to follow. I'm not asking you to produce an academic cryptographic proof of your ideas (as I've indicated, I believe you can't because this problem is impossible), but to at least outline what your attack model is and how your system is secure under this model.

[andikarl]

Why? I don't believe this is true period, and I definitely don't believe it is true when the delays needed to forge location are on the order of milliseconds.

For that matter, how does this timing translate into any sort of location data? How do you determine network weather conditions? How do you compensate for slowed links?

And you haven't touched the issue of public verification at all. Here is an easy first question: how do you define location for multiple observers? You cannot use relative distances,
those are not well-defined. A less easy question is, how can you define location in a way that can be feasibly measured by participants long after the fact?

Thanks for your answer. It shows me that I have to rework my article, so that it goes more in detail.
You have here a misunderstanding. I am not neccessarly talking about real location proof. I am also not a layman, so dont insult me please. I studied physics.
You are thinking into the wrong way. We are not talking about the exact measuremnet of a person´s/clients/miners position in earth coordinates.
We are talking about a pattern of response times. Certainly this pattern changes if someone changes positon with his client. Nobody can now
calculate the exact position of this client only by the pattern data. But virtually this pattern represents a "position".
Certainly this pattern is not measured exactly. It has to be given a tolerance window.
If we have 100 clients, who are distributed on the whole earth or even in space, as you like to bring in some astronomy, we would get now different response patterns for all
100 clients. Do you concur with that?
Due to different network conditions and different connections to the internet you get different patterns for people who are really on the same positions. Or if someone forges
the request we get also different patterns. So far I think we both concure, dont we?

My suggestion only works if we have a lot of knots. Then this Round trip delay methode does work. Because with the mass of knots the pattern accuracy is increasing. Then I can
determine network problems, poor connections. Delays if they are short enough are indeed difficult to detect. But you forget a second important part of my idea.
Mining is only possible with specific patterns. The patterns are not known publicly. Only after a block was solved the new one is published.
so the attacker who wants to mine on the same location with a different pattern, has to calculate the delays very good. The delays have to be matched to all incoming requests
to generate the right pattern. I think you see, that with the increasing number of clients, miners, this is difficult.
I hope I could explain well enough. But if I have time I will try to explain it more in detail in an article.
At the moment I have lots of things to do.
Thanks for the link to the hash function requirements.
Cheers,
Andrew

[jgarzik]

Byzantine threat modeling.

When creating a high level design, you must follow each data source to its provider, and consider how these data sources may be manipulated, to fool victims into seeing what the attacker wishes the victim to see.

[andytoshi]

The patterns are not known publicly. Only after a block was solved the new one is published.
so the attacker who wants to mine on the same location with a different pattern, has to calculate the delays very good. The delays have to be matched to all incoming requests
to generate the right pattern.

Imagine you are a new user presented with two blockchains. The user cannot make any sense of the "response time patterns" encoded in them because the user is not in contact with any miners, she just sees a static blockchain. So she will select the one with the most work, just like today.

Now consider from the attacker's point of view. If the "honest miners" are using some mining method that requires communication for PoW (note that Bitcoin's proof of work does not require any such communication, it can be done totally offline, and is done offline --- mining hardware does not have network connections, they are devices where you give them a blockheader and they give you a nonce), while the attacker is simply making up response times to satisfy whatever rules you have added, then the attacker has a huge advantage and will be able to create a chain with much more work.

Can you explain why this is wrong? Can you also explain the incentive to honestly mine when you can get much more work per time from "dishonest" mining?

[2112]

I think your methodology is very similar to the "network coordinates" technology from Harvard.

They piggybacked it on Azureus (a bittorrent client) and it was used for a while under the name Vivaldi.

Here's the link I was able to find quickly:

https://www.usenix.org/legacy/events/nsdi07/tech/full_papers/ledlie/ledlie_html/index.html

but there are much better papers about the subject, I just can't recall the specifics anymore.

Personally I think this is an internet age reinvention of the geocentric astronomy and the mathematical model that allowed the geocentric astronomers achieve a tolerable accuracy.

Edit: Also, a Wikipedia link:

http://en.wikipedia.org/wiki/Vivaldi_coordinates

[andikarl]

Dear all,

thank you for your posts. I am now back and have some time to reply  
I know for my solution we require are really big hard fork with big changes. I know that this is difficult. But this thread wants to show the fundamental properties of a fully decentralized cryptocurreny network.
I am working on a Beta version. It will take time. It will show my ideas more in an real environment. I hope after that a few developers may join in to develop it further.

You are also welcome to post here your ideas on fundamental properties of a fully decentralized cryptocurrency.

Cheers,
Andrew

I think your methodology is very similar to the "network coordinates" technology from Harvard.

They piggybacked it on Azureus (a bittorrent client) and it was used for a while under the name Vivaldi.

Here's the link I was able to find quickly:

https://www.usenix.org/legacy/events/nsdi07/tech/full_papers/ledlie/ledlie_html/index.html

but there are much better papers about the subject, I just can't recall the specifics anymore.

Personally I think this is an internet age reinvention of the geocentric astronomy and the mathematical model that allowed the geocentric astronomers achieve a tolerable accuracy.

Edit: Also, a Wikipedia link:

Good to hear that "somebody" already implemented similar technologies. That shows that it could be a working solution.

Imagine you are a new user presented with two blockchains. The user cannot make any sense of the "response time patterns" encoded in them because the user is not in contact with any miners, she just sees a static blockchain. So she will select the one with the most work, just like today.

Now consider from the attacker's point of view. If the "honest miners" are using some mining method that requires communication for PoW (note that Bitcoin's proof of work does not require any such communication, it can be done totally offline, and is done offline --- mining hardware does not have network connections, they are devices where you give them a blockheader and they give you a nonce), while the attacker is simply making up response times to satisfy whatever rules you have added, then the attacker has a huge advantage and will be able to create a chain with much more work.

Can you explain why this is wrong? Can you also explain the incentive to honestly mine when you can get much more work per time from "dishonest" mining?

Good points.
In my solution mining should be only possbile if there is a regular communication with the internet. It is very difficult for the attacker to make up the right response patterns. He has to calculate in advance all the time frames he has to add or subtract(from all the other client requests) to be able to make a response pattern, which would equal the pattern with which mining is possible.
Don´t forget, that everything would stay the same - it is only about mining "locations"!! All clients and miners can send out response requests. So you have to control a lot of this clients to falsify it.

Byzantine threat modeling.

When creating a high level design, you must follow each data source to its provider, and consider how these data sources may be manipulated, to fool victims into seeing what the attacker wishes the victim to see.

Thanks for the advice  
What is your opinion on mining onyl at specific "cyber locations"?