Re: [Bitcoin-development] merged mining hashcash & bitcoin (Re: Coinbase TxOut Hashcash)

[Jeff Garzik <jgarzik@exmulti.com>]

On Mon, May 13, 2013 at 6:54 AM, Adam Back <adam@cypherspace.org> wrote:
> On Mon, May 13, 2013 at 07:31:21AM +0000, John Dillon wrote:
>>[with] merge-mining [you get] more value from just one unit of work.
>
> correct.
>
>>But Peter's coinbase hashcash protocol carefully ensures [...] the amount
>>of value the miner would have then given away in a "anyone-can-spend"
>>output.
>
> I think there are 3 choices:
>
> 1. merged-mine (almost zero incremental cost as the bitcoin mining return is
>     still earned)
>
> 2. destroy bitcoin (hash of public key is all 00s so no computible private
>     key)
>
> 3. anyone-can-spend (= first to spend gets coin?)

Don't forget:  4. destroy-via-miner-fee, which is useful because it
provides funding for a public service (bitcoin transaction
verification).

(a tangent, but related)

I've been thinking about a decentralized way to create an anonymous
identity, something I think it key to any number of decentralized, P2P
and anonymous markets.  My main focus, for this identity project, is
to develop a decentralized protocol for generating a UUID-like unique
identifier (bitstring), in a way that has some amount of creation cost
attached (to prevent creating a billion of such tokens etc.).  I call
it a system identifier, or SIN.

Once you have a SIN, you may associate the SIN with a GPG fingerprint,
email address, real name, login credentials, etc.  eBay-like
marketplaces publish SIN ratings (though it displays on screen as
"jgarzik" not "1234-abcd-5678-def0").  Standard-and-Poors style
ratings agencies would similarly rate a business's SIN.  SIN's build a
reputation and trust over time, while controlling their own anonymity
(or lack thereof).  Anybody may abandon a SIN at any time. Ownership
of a SIN is cryptographically proven via digital signature.

Getting back on topic, somewhat, one idea I had for creation cost of a
SIN was associating the creation cost of a SIN with a bitcoin
transaction's miner fee.  Anybody in the world could, therefore,
create a SIN in a decentralized fashion, simply by following a
published protocol for burning a specified amount of bitcoins via
miner fee.  It can be cryptographically proven with 100% certainty who
made such a transaction, and the miner fee attaches a creation cost to
ensure that SINs are not -too- cheap.

Burn-via-miner-fee is a useful tool outside of this example.  It funds
a public service, providing a positive feedback loop for miners who
receive fees via such services.

-- 
Jeff Garzik
exMULTI, Inc.
jgarzik@exmulti.com