The presumption of the mining aspect of the Bitcoin security model is that the mining majority is a broadly distributed set of independent people, not one person who controls a majority of the hash power. 

You seem to have overlooked a qualifier in your Satoshi quote: "...by nodes that are not cooperating to attack the network". A single miner with majority hash power is of course cooperating with himself. At that point the question of whether he is attacking the network is moot, it's his network.

I believe that Pieter's point is that a system optimized for orphan rate may in effect be optimized for a single entity providing all double spend protection. That works directly against the central principle of Bitcoin security. The security of the money is a function of the number of independent miners and sellers.

e

On Dec 10, 2016, at 7:17 PM, Daniele Pinna via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

How is the adverse scenario you describe different from a plain old 51% attack? Each proposed protocol change  where 51% or more  of the network can potentially game the rules and break the system should be considered just as acceptable/unacceptable as another. 

There comes a point where some form of basic honesty must be assumed on behalf of participants benefiting from the system working properly and reliably. 

Afterall, what magic line of code prohibits all miners from simultaneously turning all their equipment off...  just because? 

Maybe this 'one':

"As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers. The network itself requires minimal structure."

Is there such a thing as an unrecognizable 51% attack?  One where the remaining 49% get dragged in against their will? 

Daniele 

On Dec 10, 2016 6:39 PM, "Pieter Wuille" <pieter.wuille@gmail.com> wrote:
On Sat, Dec 10, 2016 at 4:23 AM, Daniele Pinna via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
We have models for estimating the probability that a block is orphaned given average network bandwidth and block size. 

The question is, do we have objective measures of these two quantities? Couldn't we target an orphan_rate < max_rate? 

Models can predict orphan rate given block size and network/hashrate topology, but you can't control the topology (and things like FIBRE hide the effect of block size on this as well). The result is that if you're purely optimizing for minimal orphan rate, you can end up with a single (conglomerate of) pools producing all the blocks. Such a setup has no propagation delay at all, and as a result can always achieve 0 orphans.

Cheers,

--
Pieter

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev