From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WPKjd-00057Z-1s for bitcoin-development@lists.sourceforge.net; Sun, 16 Mar 2014 23:44:53 +0000 Received: from mail-la0-f51.google.com ([209.85.215.51]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WPKjZ-0006qO-LP for bitcoin-development@lists.sourceforge.net; Sun, 16 Mar 2014 23:44:53 +0000 Received: by mail-la0-f51.google.com with SMTP id c6so2932721lan.10 for ; Sun, 16 Mar 2014 16:44:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=y4i38Yhxdlqg+pRz9JJ3KZP+CPq4uf+s8H2aDuVBhPk=; b=SSqii3JilgG6/hwo90AJlAHqlPzebEuYMzE8M8oG1vnRtT8TP5SZ2uAdMm8M8hPKg5 q0DOaA9FU3TwmpvGrKDmQU/nOpQeqeVkNs4tQhynE3NraH4/z0k645AdRAbUBRhGIE9o J09MaHshTeRCn7pOjeTvyUz/MvNFCMTjuRz0SXQIFfr8vjMYXnE6g588HDscKvyHUvmm DDqFoTXD6LiiOEquYmqOz6kab0qRPwulZy93OvZtD1biVC5ZLCqHVtndtd/u4RbJMCjU O0T6xJ/n/XtRM+YkmJ7CIT2iQ+Oe4oqeyGjLm8h6mdGuZSgDDdn4krCaT5/fUMeZq7yM EC2g== X-Gm-Message-State: ALoCoQncHnfvtlx5CFv0Q3k6ik6vgLvlssAIHEkOVxJ9UsHLOjbeJdMXPctEGvCxNDhEc1ZlAnUG MIME-Version: 1.0 X-Received: by 10.153.4.134 with SMTP id ce6mr14420956lad.21.1395012152107; Sun, 16 Mar 2014 16:22:32 -0700 (PDT) Received: by 10.112.62.136 with HTTP; Sun, 16 Mar 2014 16:22:32 -0700 (PDT) X-Originating-IP: [108.193.6.130] In-Reply-To: <20140316225819.GA19846@netbook.cypherspace.org> References: <20130519132359.GA12366@netbook.cypherspace.org> <5199C3DE.901@gmail.com> <20131014180807.GA32082@netbook.cypherspace.org> <20140316225819.GA19846@netbook.cypherspace.org> Date: Sun, 16 Mar 2014 16:22:32 -0700 Message-ID: From: =?ISO-8859-1?Q?Jorge_Tim=F3n?= To: Adam Back Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. X-Headers-End: 1WPKjZ-0006qO-LP Cc: Bitcoin-Dev Subject: Re: [Bitcoin-development] 2-way pegging (Re: is there a way to do bitcoin-staging?) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Mar 2014 23:44:53 -0000 Some comments. On 3/16/14, Adam Back wrote: > 6. a fraud proof is an SPV proof with a longer chain showing that the pro= of > of burn was orphaned. As discussed, "reorg proof" it's a more appropriate term since the reorg can happen without any fraud. It also prevents the term from being confused with the fraud proof that auditors (full nodes that can't create blocks) produce for private chains. > Apart from pegging from bitcoin to a side-chain, if a private chain is ma= de > with same rules to the side-chain it becomes possible with some > modifications to the above algorithm to peg the side-chain to a private > chain. Private chain meaning a chain with the same format but signature = of > single server in place of hashing, and timestamping of the block signatur= es > in the mined side chain. And then reactive security on top of that by fu= ll > nodes/auditors trying to find fraud proofs (rewrites of history relative = to > side-chain mined time-stamp or approved double-spends). The reaction is = to > publish a fraud proof and move coins back to the side chain, and then > regroup on a new server. (Open transactions has this audit + reactive > model > but as far as I know does it via escrow, eg the voting pools for k of n > escrow of the assets on the private server.) I also proposed the same > reactive audit model but for auditable namespaces [4]. > > Private chains add some possiblity for higher scaling, while retaining > bitcoin security properties. (You need to add the ability for a user to > unilaterally move his coins to the side-chain they came from in event the > chain server refuses to process transactions involving them. This appear= s > to be possible if you have compatible formats on the private chain and > side-chain). In this case you can't require a side chain proof of burn to move back to the side chain or the funds could be locked by the dishonest private chain operator (accountant in freimarkets[1] terminology). By allowing unilateral withdrawals, you impose on the private chain the task of observing the side chain looking for double-spends, censoring those transactions or maybe updating its committed utxo when it has proofs that the coins have been withdrawn. [1] http://freico.in/docs/freimarkets.pdf https://github.com/jtimon/freimarkets/blob/master/doc/freimarkets_specs.org= #private-ledgers --=20 Jorge Tim=F3n http://freico.in/