@Corey
> Currently there is zero feedback in the Bitcoin system between what we might think is the optimum amount of security and what actually exists.
I basically agree with this. The pedantic part of my mind does want to point out that the link between block subsidy and bitcoin's price does actually give somewhat of a feedback loop, in that the higher the price, the more valuable bitcoin is as a whole (at least as viewed by the active market), and therefore the more investment in security is appropriate. However, in the long run when the subsidy reduces to insignificance, we basically lose this link. And even with this link, it's not very direct. Fees retain only a little bit of this behavior, because presumably a more valuable bitcoin is more valuable to spend, but the link to security is very tenuous there.
> There is also zero agreement on how much security would constitute such an optimum.
This is really step 1. We need to generate consensus on this long before the block subsidy becomes too small. Probably in the next 10-15 years. I wrote
a paper that uses a framework for thinking about how much security bitcoin might need. The concept is that we should figure out what bitcoin's bottlenecks are, and figure out the minimum requirements we want to place on running a node based on how many (public) nodes we think we need and what percentage of machines out there are likely to run a node. The goals I chose to explore in that paper are totally up for debate, and I think its an important debate to have. But they are basically a first stab at setting up what we would need to determine optimum security. I would very much appreciate your review of that part of the paper, Corey.
> Figuring out how much security is needed, or even better, figuring out a way to have a market mechanism to answer that question, will be an important project.
My thoughts on this are that we will need to periodically make some software change to adjust a *target amount of investment in security*, because the components of bitcoin's blockchain security are not all predictable. Many unpredictable things factor into bitcoin's security (eg miner behavior, pools, how many people generally run public nodes on their own, what features require running public nodes, value of bitcoin, etc.
The primary mechanism we have to change how much security we have is to change the block size, which changes how much fees miners can collect each block. This isn't a linear thing. Its probably a parabola with a peak, where at that peak, making the block either smaller and larger would both reduce total fees paid. This is because when blocksize is higher, more transactions (and thus more fees) can be collected, but at the same time average fees will be lower. The pull of those two forces should define that parabola.
So my suggestion here would be that we should target a certain amount of security and have programmatic adjustments to the block size in order to stay near enough to the parabolic maximum so that we pay miners enough to give us sufficient blockchain security. Conversely, it should also attempt to minimize how much "extra" security we pay for. It would be wasteful to pay 3 times as much for 3 times the security we actually need. Such a thing is a very real form of devaluation that basically represents a tax on bitcoin and users of bitcoin. And its very possible for the position of this parabola to change over time. We could never say with certainty whether we're on one side of the parabola's maximum or the other. This would make it rather complex to track well.
Additionally, there's no clear trustless way to determine the market value of bitcoin at any given time, which makes it difficult to maintain this target over time. As the market value of bitcoin changes, that target could become quite inaccurate. This implies that we would need to do periodic adjustments to the target, either through periodic forks or through some other mechanism for changing the target.
If there were a good trustless way to determine the market value of bitcoin, we would have to "manually" change this target potentially much less often. Transaction fees kind of have an association with market value. Perhaps some kind of analysis can be done on that to make a reasonable prediction of what market value is based on fees. Or maybe blocks can commit to a market price similarly to how they commit to a timestamp (which is also only verifiable to an approximation and can only be verified close to when it was mined but not eg years later).