From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 3864AB1E for ; Mon, 19 Jun 2017 16:04:35 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qk0-f179.google.com (mail-qk0-f179.google.com [209.85.220.179]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 0998925A for ; Mon, 19 Jun 2017 16:04:31 +0000 (UTC) Received: by mail-qk0-f179.google.com with SMTP id r62so37143638qkf.0 for ; Mon, 19 Jun 2017 09:04:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=3QrAvfuYaehCZ/IbvCpwz1a4AKfNYCY6ckWX1PHtkbQ=; b=Zt03YpH/KkGsZ++e+J3B/XOuqdahWMvnOlETv3Xb1QFVEGPcmTI2UEgWeSDVpcwNCX RrGwdwoflSebvf8uBBCLZagQM9eE5lX+aCNY0Y/MiEPrG3IExs//Vn9qqzm5KYnRflA/ /QSz/K4X+N6Ud0jaLOkQPAsZg6JB2xi3snzncHD5jZncV6fjHvlckoGDLoEKARnlKPhK 6Yq8F3/ivAGmUlDzD86PnkODWvuao9HG84JZyySHMmbW35KnQs9VyJWp1NT5WsA7jwKk +Gy5igoRaAouVVf6XCkYjIAjVjGuBTxprjZnUaLaLqh9gBVUrDcXeBmoT409+dP6aLY0 k76w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=3QrAvfuYaehCZ/IbvCpwz1a4AKfNYCY6ckWX1PHtkbQ=; b=gYnWTjqhl+rya7sEGGzZvnQpba03Kibe7juAEbmfkyjYT9sqAzAOVvMxVa2gsLCmeK zEcPFjXDtO9OdBwamGAIKhtODh7klXVUxqhHHQ6C+MgBs4L4W7OFT5Uz5Bs9dkD4/+vj oElquw2ed5JLah5/GqrqbvzrttSmiGfTSGzalzJA+VguFL9OcksO7wyygfbM3m0ZlfDZ S75UELpWz6Xzf8wkJzlmcfsPPOmdFH38TFWGWTMFrNk8rHjXhaiPLRnZkoJ0AR7iywzI WZ4CHahkya99fdWGeWl5G3aNBPL07+DFxqHhmbNIgEUUzJ/UWweg39ieo+tB+mjNnjSA V9eA== X-Gm-Message-State: AKS2vOxlj5Ef2RcjlwO4ylhQu4oT2xU+gCtyDshDOJZ0Mtn0aKcbQkZs vZg2W+up2Lj9lNZB X-Received: by 10.55.182.135 with SMTP id g129mr29558669qkf.111.1497888270576; Mon, 19 Jun 2017 09:04:30 -0700 (PDT) Received: from [192.168.1.102] (ool-45726efb.dyn.optonline.net. [69.114.110.251]) by smtp.googlemail.com with ESMTPSA id i30sm7223369qtc.19.2017.06.19.09.04.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 19 Jun 2017 09:04:29 -0700 (PDT) To: Tao Effect References: <24f2b447-a237-45eb-ef9f-1a62533fad5c@gmail.com> <83671224-f6ff-16a9-81c0-20ab578aec9d@gmail.com> From: Paul Sztorc Message-ID: <6764b8af-bb4c-615d-5af5-462127bbbe36@gmail.com> Date: Mon, 19 Jun 2017 12:04:33 -0400 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: en-US X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] Drivechain RfD -- Follow Up X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jun 2017 16:04:35 -0000 Hi Greg, Responses below: On 6/18/2017 5:30 PM, Tao Effect wrote: > In Drivechain, 51% of miners have total control and ownership over all > of the sidechain coins. It would not be accurate to say that miners have "total" control. Miners do control the destination of withdrawals, but they do not control the withdrawal-duration nor the withdrawal-frequency. So, if miners wish to 'steal' from a sidechain, they _can_ initiate a theft, but they can not change the fact that their malfeasance will be [a] obvious, and [b] on display for a long period of time. We might draw a comparison between: 1. Classic Theft -- A majority hashrate reorganizes the main Bitcoin chain to double-spend funds (or coordinate with someone who is double-spending). This is prevented/discouraged by waiting for many confirmations. 2. Channel Theft -- A majority hashrate assists a Lightning-Network thief, by censoring the punitive audit txn (possibly by exploiting some excuse regarding fullness of blocks, or possibly induced to do so by the thief provably splitting the proceeds with miners). This is prevented/discouraged by using lengthy custodial periods, paying high fees with your attacker's money, and using fungibility/non-communication to interact with miners as little as possible (so as to frame LN-theft as undermining the entire LN system, and not merely a single tragedy). 3. Drivechain Theft -- A majority hashrate initiates an unrepresentative withdrawal from some sidechain. This is prevented/discouraged by only using 'popular' sidechains (those that [a] increase the usefulness ("market price") of bitcoin, and [b] generate tx fees for miners). It is also discouraged by the fact that egregious theft would probably end the sidechain experiment, meaning that all present and future sidechains would be forever unavailable (and unable to buoy the price or the tx revenues). I do not think that any of the three stands out as being categorically worse than the others, especially when we consider the heterogeneity of use-cases and preferences. As Luke-Jr has been pointing out on social media recently, the very group which is more associated with miners (and explicitly more willing to trust them, ie Bitcoin Unlimited et al), happens to be the same group that would be expected to make use of a LargeBlock drivechain. Some can argue that one type of security is more "cryptographic" than others, but I think this is misguided (how many 'bits' of security does each have?) -- imho, all three security models are 'game theoretic' (neither computer scientific, nor cryptographic). More importantly, before a miner has any "control" over the sidechain coins, users must voluntarily agree to subject themselves to these new rules. This is similar to how an arbitrary piece of (open source) software can have "total" control over your computer...if you choose to install it. > Thus the effect of Drivechain appears to be the creation of a new kind > of digital border imposed onto the network ... I'm not sure it would "create a border", given that sidechains are currently not accessible at all. If anything drivechain cuts a door into an existing impassible border. > ... where everyone hands over ownership of their Bitcoins to a > /single/ mining cartel when they wish to interact with /any/ sidechain.= The qualifier "/any/ sidechain" would seem to imply that there is a way to do sidechains that does not involve handing over some control to 51% hashrate...I think this is false (even in the fabled case of ZK-SNARKS). The first thing I do in the drivechain spec ( truthcoin.info/blog/drivechain ) is explain why. > Drivechain would be a reasonable idea if that weren't the case, but > since it is, Drivechain now introduces a very real possible future > where Bitcoins can be confiscated by the Chinese government in exactly > the same manner that the Chinese government today confiscates > financial assets in other financial networks within China. Yes, but money could also be confiscated from _any_ Bitcoin users (Chinese or otherwise) using any of the three methods I mentioned above. And confiscation could strike Chinese Bitcoin users if they decided to sell their Bitcoin for Chinese Yuan, which they then deposited in a Chinese bank. Or if they sold their Bitcoin for an Altcoin controlled by the Chinese govt in some other way. It is not up to the members of this list to decide, USSR style, what other people are allowed to do with their own money. The exceptions to this rule would be (ie, "bitcoin-dev should care about what users are doing when..."): 1. [Unreasonable use of Reviewer Time] The user's use-case is either nonexistent (ie "no one wants that"), or totally unachievable ("we can't do that") thus rendering the conversation a complete waste of time / reviewer attention. 2. [Harmful Interference] The user's use-case would impose harm on some existing use-case(s). No reasonable person will claim the first, given today's scaling debate (not to mention today's 'bitcoin dominance index'). Therefore, critics must claim the second (as, for example, Peter Todd has been doing on this list). Which is why I narrowly focus on inter-chain harms [1], leading ultimately to a focus on the mining ecosystem [2,3] and the development of Blind Merged Mining [4]. [1] https://www.youtube.com/watch?v=3D0goYH2sDw0w&list=3DPLw8-6ARlyVciNjgS_NF= hAu-qt7HPf_dtg&index=3D1 [2] http://www.truthcoin.info/blog/mirage-miner-centralization/ [3] http://www.truthcoin.info/blog/mining-threat-equilibrium/ [4] http://www.truthcoin.info/blog/blind-merged-mining/ [5] http://www.truthcoin.info/blog/measuring-decentralization/ > 1. The Bitcoin network centralizes more, because more power (both > financial power and power in terms of capability/control) is granted > to miners. I think that one has some duty to very clearly define something (like "mining centralization" [2] or "centralization" [5]) before complaining about it. I feel that people will occasionally use selfless complaints to accomplish a selfish goal...especially when the artificial selfless part is hard to discuss by virtue of its being poorly defined (especially vague or abstract items like "the company", "our country", etc). For example, those who take it upon themselves to "defend" "the Bitcoin community" may have exactly that in mind as their primary goal...but they may also end up with more visibility (and with it: more influence, more job offers, more conference invites, more friends, etc) and they may also end up with a megaphone for which to broadcast their other views, or just a defend-able excuse for bragging loudly about how great cypherpunks are and/or how devoted they-in-particular are to the cypherpunk tribe, et cetera. To avoid this problem in my own technical discourse, I try to avoid abstractions like "centralization" until I have defined them [2,5]. You have defined centralization above, but the definition is itself vague to the point where I do not think even you actually endorse it. For example, you would need to say that Bitcoin centralizes whenever the exchange rate increases (as this grants additional financial power to miners) or when any new user joins Bitcoin, or when tx fee revenues increase for any reason. You might also be forced to say that LN centralizes Bitcoin (as LN grants new capability/control to miners), and probably even that Bitcoin becomes more centralized when developers release new software (as this grants new capability to miners, specifically the ability to deny upgrades). This probably isn't what you meant, but since you did not clearly explain what you meant we have no way of knowing for sure. It seems to me that you reject the premise that BMM [4] addresses these issues. This is probably because BMM only addresses miner's interactions with each other, and it does not address miner abilities as a group in relation to other groups (for example, vs. users, developers, investors). But, as I consistently emphasize, these groups of people are free to ignore any sidechains that they do not like. In law there is a saying 'volenti non fit injuria' which I would translate as "he who volunteers cannot claim later to have been injured". This is a legal theory, because otherwise everyone would be arbitrarily liable for choices beyond their control (ie, responsible for decisions of other unrelated people), which would be nonsense. > 3. Drivechain limits user's existing choice when it comes to who is > acting as custodian of their Bitcoins, from any trustworthy exchange, > down to a single mining cartel under the control of a single set of law= s. Currently no (P2P) sidechains exist, and therefore the set of choices today would seem to be more "limited" than in a post-sidechain future. (The set of options may decrease later, for ecological reasons, if and only if 'exchanges' are a strictly inferior option to 'sidechains' for some reason...I don't see why this would be the case. I also don't understand the emphasis on "exchanges" [SCs are much more like Altcoins, than exchanges] in the first place, nor the dubious qualifier "trustworthy".) --Paul