public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: raymo@riseup.net
To: ZmnSCPxj <ZmnSCPxj@protonmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Boost Bitcoin circulation, Million Transactions Per Second with stronger privacy
Date: Sat, 26 Jun 2021 14:54:26 -0700	[thread overview]
Message-ID: <9c2cec326adee1f4d4152e2195da0e7b@riseup.net> (raw)
In-Reply-To: <6leV9mViysrSOipJqrCM3wbqBOMO2gWI3BuEn0VKmaDf7GpawWyUIWLu-ddypMri7YeVmw94HNSaQYYp8fIkjZ0S3OtFTPQa6h9pkLprKDI=@protonmail.com>

Good morning ZmnSCPxj
Sorry for late reply.
> Guarantee Transactions (GT) being higher-fee is ***not*** assured.
The question is “assuring what?”. 
The whole point of my proposal is the fact that issuers and creditors
act rationally and won't harm their selves. The numbers (input and
output amounts), the relation between inputs and outputs amounts, the
minimum and maximum of inputs and outputs amounts, and conditions of a
valid trans-action in Sabu protocol are all designed precisely to
leading the rational users toward the making profit from the system. And
irrationals (either issuer or creditor) can harm the others and
inevitably in con-sequence will hurt themselves too. So, there is a fair
and just transaction (MT). 
The creditor can send the GT to Bitcoin network and lose 70% of his
money and damage 15% of is-suer money!
Vice versa the issuer can send GT to Bitcoin network and harm itself 15%
in cost of hurt creditors 70% which is none sense. Or issuer can pay
even more money directly to miner and hurt itself even more which is
even more irrational! Or the miner will ignore the transaction fees of a
GT and put the fraudulent transaction in next block, which I cannot
imagine a miner that pass up his legal and legiti-mate income in favor
of a greedy issuer!
Please write me a scenario (preferably with clear amount of inputs and
outputs) by which the cheater (either issuer or creditor) gains more
profit than playing honestly. 
Only in this case we can accept your claim about weakness of protocol.

> Every offchain protocol needs *the receiver* as a signatory to any unconfirmed transaction. the receiver **must** be a signatory --- the receiver cannot trust an unconfirmed transaction where the spent UTXO has an alternate branch that does *not* have the receiver as a signatory.

I intentionally decided to not using 2 of 2 signature, because I didn't
want to fall in same trap as Light-ening. I wanted to avoid this long
drilling 2 of 2 signings and routing. Instead, I just proposed to
cre-ate and sign a valid Bitcoin transaction between only 2 people in a
pure-peer-to-peer communication. The only signer is the issuer (the UTXO
owner).
Again, same logic. Please write me a scenario by which the cheater
(issuer or creditor) can cheat this only-issuer-signed transactions and
gains more profit than playing honest. Due to numbers and trans-action
restrictions and the insignificance of the amount of each transaction
this scenario of fraud will fail too. 

Looking forward to hearing from you
Raymo


On 2021-06-20 00:53, ZmnSCPxj wrote:
> Good morning Raymo,
> 
>> Hi,
>> I have a proposal for improve Bitcoin TPS and privacy, here is the post.
>> https://raymo-49157.medium.com/time-to-boost-bitcoin-circulation-million-transactions-per-second-and-privacy-1eef8568d180
>> https://bitcointalk.org/index.php?topic=5344020.0
>> Can you please read it and share your idea about it.
> 
> 
> Guarantee Transactions (GT) being higher-fee is ***not*** assured.
> 
> Feerates are always bumpable --- the sender of a transaction only
> needs to directly contact a miner and offer a fee to take a specific
> transaction on the next block proposal, conditional on the transaction
> *actually* getting into a block.
> Such "side fees" are always possible.
> Indeed, the in-transaction fees are "just" a way to anonymously and
> atomically make that fee offer to miners --- but miners and issuers
> can always communicate directly without using Bitcoin transaction to
> arrange a higher fee for a fraudulent Main Transaction (MT).
> 
> because of this, you should really treat all unconfirmed transactions
> --- including MTs and GTs --- as potentially replaceable, i.e.
> RBFable.
> There is no such thing as "RBF disabled", all transactions are
> inherently RBF-able due to side fees --- it is simply a matter of
> anonymity, atomicity, and ease-of-use.
> 
> ---
> 
> Every offchain protocol needs *the receiver* as a signatory to any
> unconfirmed transaction.
> 
> Or more strongly, the receiver **must** be a signatory --- the
> receiver cannot trust an unconfirmed transaction where the spent UTXO
> has an alternate branch that does *not* have the receiver as a
> signatory.
> 
> See: https://zmnscpxj.github.io/offchain/safety.html
> 
> Thus, all safe offchain schemes need to use an n-of-n signing set.
> 
> The smallest n-of-n that is still useful is 2-of-2, where one
> participant is a sender and the other is a receiver.
> (1-of-1 is not useful since there is no possible receiver who can sign).
> 
> This requires Bitcoin to splinter into lots of 2-of-2 funds, each one
> a sovereign sub-money (that is *eventually* convertible to Bitcoin),
> each one a cryptocurrency system in its own right.
> However, it so happens that we have a mechanism for transferring value
> across multiple cryptocurrency systems: the HTLC.
> 
> 2-of-2 is also the most stable.
> This is because *all* signatories of an n-of-n cryptocurrency system
> need to be online at the same time in order for *any* of them to use
> the funds in the system.
> If any one of them is offline, then the system is unusable.
> With 2 participants, there is some probability that one of them is
> offline and the individual 2-of-2 system is unusable.
> With 3 participants, the probability is higher (there are more
> participants that can be offline).
> With 4 participants, higher still.
> 
> Thus, the most stable is to split Bitcoin into lots of little 2-of-2
> systems, and use HTLCs to transfer funds across the little 2-of-2
> systems.
> 
> Thus, Lightning Network, which splits Bitcoin into lots of little
> 2-of-2 cryptocurrency systems (channels), and uses HTLCs to atomically
> transfer value across them (routing).
> 
> 
> Of course, having larger n is better as we need to splinter Bitcoin
> into fewer funds with larger participant sets.
> And we can mitigate the offline-problem by using a two-layer system:
> we have a n-of-n system (n > 2) that itself splits into multiple
> smaller 2-of-2 systems.
> That way, the Bitcoin layer is split into fewer UTXOs, reducing
> blockchain resource consumption further.
> 
> Thus, Channel Factories hosting Lightning Channels.
> 
> Regards,
> ZmnSCPxj


  reply	other threads:[~2021-06-26 21:54 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-16 13:44 [bitcoin-dev] Boost Bitcoin circulation, Million Transactions Per Second with stronger privacy raymo
2021-06-18  1:42 ` Erik Aronesty
2021-06-18 13:44   ` Alex Schoof
2021-06-18 20:00     ` raymo
2021-06-19 21:14       ` Erik Aronesty
2021-06-18 13:37 ` Erik Aronesty
2021-06-18 20:22   ` raymo
2021-06-20  0:53 ` ZmnSCPxj
2021-06-26 21:54   ` raymo [this message]
2021-06-27  4:53     ` ZmnSCPxj
2021-06-27 11:05       ` raymo
2021-06-28  5:20         ` ZmnSCPxj
2021-06-28  6:29           ` raymo
2021-06-28  8:23             ` James Hilliard
2021-06-28  9:52               ` raymo
2021-06-28 11:28                 ` James Hilliard
2021-06-28 16:33                   ` raymo
2021-06-28 15:28             ` ZmnSCPxj
2021-06-28 16:58               ` raymo
2021-06-28 17:58                 ` Alex Schoof
2021-06-28 19:07                   ` raymo
2021-06-29 21:42                     ` ZmnSCPxj
2021-06-30 12:21                       ` raymo
2021-06-28 17:29               ` Tao Effect
2021-06-28 17:38                 ` raymo
2021-06-28 18:05                   ` Ricardo Filipe
2021-06-20  1:59 ` James Hilliard
2021-06-22 18:20   ` Billy Tetrud
2021-07-01 20:11     ` raymo
2021-07-01 20:49       ` Erik Aronesty
2021-07-01 22:15         ` raymo
2021-07-02 17:57           ` Billy Tetrud
2021-07-03  8:02             ` raymo
2021-07-07  3:20               ` Billy Tetrud
2021-07-17 15:50                 ` raymo
2021-07-17 18:54                   ` Tao Effect
2021-08-08  9:11                   ` raymo
2021-08-09  0:03                     ` s7r
2021-08-09 16:22                       ` raymo
     [not found]                         ` <CAL5BAw2f=xJBO743sTb-Cms80ZLsNNbGPAsWsR_Z3JDF51ssoQ@mail.gmail.com>
2021-08-09 20:22                           ` raymo
2022-11-02 17:30                       ` Erik Aronesty

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9c2cec326adee1f4d4152e2195da0e7b@riseup.net \
    --to=raymo@riseup.net \
    --cc=ZmnSCPxj@protonmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox