From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id DE5D4B8E for ; Fri, 18 Oct 2019 22:02:08 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com [209.85.217.52]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 436915D3 for ; Fri, 18 Oct 2019 22:02:08 +0000 (UTC) Received: by mail-vs1-f52.google.com with SMTP id y129so5039477vsc.6 for ; Fri, 18 Oct 2019 15:02:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=XFkCKKg2u2i0Ayaz758keECQjmztAy+cyFXSELWpwU4=; b=VeIz4L1f70YoIZvt1t5yJoeIluFzvQY9S/NvVrDb+XL09oUkR/ChIyt9Vw7Ehe21JB zBHnf/GjkOfuZpsHNyv01OUzV6twAiurvZnC/B7PUgfA+O7Nd6C4HGUIB7cgS8qMbuW0 y8BdlpnZiDL8oY7cMrcWJ6sEAS0AF4wTNXXh62Br6Pp6uynhFGuFBGgWOes+Q7ugPK9d zfnpVlZerMceFGLnVZFbdVc6IAIWukj/eZIZ+KPCK1rAi6uEcXCsKSpjY7/+Icj3rg6/ f5KsDUVcptuhpIb5SqLUxF2l73/zbyiu4LLF7CWowj4eKVa0IiqErci15fhVeUEkqeXG bAcA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=XFkCKKg2u2i0Ayaz758keECQjmztAy+cyFXSELWpwU4=; b=L5jStqbCIi+xnoH57jwuy/1h0Td+bua6cboULSaQFAK4cxU9x0Ff+9sdq/jFAiT8c/ zf//LjfVCCKlKCOYCueLm/bylC5v5qzHMmP64Ys9amQSBKZma/oJYHX5hBVlBQK4ICvw JqueuEcT4n6bySYTKYHJhng34TKpQMdFm//z3qT5lZrK6FtOEDTdT8wS+OWgToESJKsm vg6ULFenD04KS/q1SO4DgeGNZeuM7XeXZqTMRSc6ALB/bKAcuTuwwMmlA3El3S25uxtt tGEZ7ZJm/TVetGPnVLiI0MPY9ZPzLtZGwAPEKVDcFFpypVJRQdqSUSPrcjLp4ZcRCQpy bc8g== X-Gm-Message-State: APjAAAWSpltD24tTlFxVKwm4hdM2W2mplRumQwmD4pMVj2X0y6LwVoPQ 3QD85M+w4fgt7pSYp/luwZ7NzUnFSU4U9yPcwuY3M2yWPcM= X-Google-Smtp-Source: APXvYqz8Jy9Y29AJH2xx0UaobhfH2kuEOTytWmtueGnzr46dOvn3nYBE4gS7mEHaRj6cpQ7ZKFGcQvKms9NNWeZpAQU= X-Received: by 2002:a05:6102:246:: with SMTP id a6mr6733727vsq.19.1571436126931; Fri, 18 Oct 2019 15:02:06 -0700 (PDT) MIME-Version: 1.0 From: Lucas H Date: Fri, 18 Oct 2019 15:01:54 -0700 Message-ID: To: bitcoin-dev@lists.linuxfoundation.org Content-Type: multipart/alternative; boundary="000000000000220e8e0595367c94" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Sun, 20 Oct 2019 04:30:58 +0000 Subject: [bitcoin-dev] Trustless hash-price insurance contracts X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Oct 2019 22:02:09 -0000 --000000000000220e8e0595367c94 Content-Type: text/plain; charset="UTF-8" Hi, This is my first post to this list -- even though I did some tiny contributions to bitcoin core I feel quite a beginner -- so if my idea is stupid, already known, or too off-topic, just let me know. TL;DR: a trustless contract that guarantees minimum profitability of a mining operation -- in case Bitcoin/hash price goes too low. It can be trustless bc we can use the assumption that the price of hashing is low to unlock funds. The problem: A miner invests in new mining equipment, but if the hash-rate goes up too much (the price he is paid for a hash goes down by too much) he will have a loss. Solution: trustless hash-price insurance contract (or can we call it an option to sell hashes at a given price?) An insurer who believes that it's unlikely the price of a hash will go down a lot negotiates a contract with the miner implemented as a Bitcoin transaction: Inputs: a deposit from the insurer and a premium payment by the miner Output1: simply the premium payment to the insurer Output2 -- that's the actual insurance There are three OR'ed conditions for paying it: A. After expiry date (in blocks) insurer can spend B. Both miner and insurer can spend at any time by mutual agreement C. Before expiry, miner can spend by providing **a pre-image that produces a hash within certain difficulty constraints** The thing that makes it a hash-price insurance (or option, pardon my lack of precise financial jargon), is that if hashing becomes cheap enough, it becomes profitable to spend resources finding a suitable pre-image, rather than mining Bitcoin. Of course, both parties can reach an agreement that doesn't require actually spending these resources -- so the miner can still mine Bitcoin and compensate for the lower-than-expected reward with part of the insurance deposit. If the price doesn't go down enough, the miner just mines Bitcoin and the insurer gets his deposit back. It's basically an instrument for guaranteeing a minimum profitability of the mining operation. Implementation issues: unfortunately we can't do arithmetic comparison with long integers >32bit in the script, so implementation of the difficulty requirement needs to be hacky. I think we can use the hashes of one or more pre-images with a given short length, and the miner has to provide the exact pre-images. The pre-images are chosen by the insurer, and we would need a "honesty" deposit or other mechanism to punish the insurer if he chooses a hash that doesn't correspond to any short-length pre-image. I'm not sure about this implementation though, maybe we actually need new opcodes. What do you guys think? Thanks for reading it all! Hope it was worth your time! --000000000000220e8e0595367c94 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

This is my first post to= this list -- even though I did some tiny contributions to bitcoin core I f= eel quite a beginner -- so if my idea is stupid, already known, or too off-= topic, just let me know.

TL;DR: a trustless contra= ct that guarantees minimum profitability of a mining operation -- in case B= itcoin/hash price goes too low. It can be trustless bc we can use the assum= ption that the price of hashing is low to unlock funds.

<= /div>
The problem:

A miner invests in new mini= ng equipment, but if the hash-rate goes up too much (the price he is paid f= or a hash goes down by too much) he will have a loss.

<= div>Solution: trustless hash-price insurance contract (or can we call it an= option to sell hashes at a given price?)

An i= nsurer who believes that it's unlikely the price of a hash will go down= a lot negotiates a contract with the miner implemented as a Bitcoin transa= ction:

Inputs: a deposit from the insurer and a pr= emium payment by the miner
Output1: simply the premium payment to= the insurer
Output2 -- that's the actual insurance
=C2=A0 There are three OR'ed conditions for paying it:
=C2= =A0 A. After expiry date (in blocks) insurer can spend
=C2=A0 B. = Both miner and insurer can spend at any time by mutual agreement
= =C2=A0 C. Before expiry, miner can spend by providing **a pre-image that pr= oduces a hash within certain difficulty constraints**

<= div>The thing that makes it a hash-price insurance (or option, pardon my la= ck of precise financial jargon), is that if hashing becomes cheap enough, i= t becomes profitable to spend resources finding a suitable pre-image, rathe= r than mining Bitcoin.
Of course, both parties can reach an agree= ment that doesn't require actually spending these resources -- so the m= iner can still mine Bitcoin and compensate for the lower-than-expected rewa= rd with part of the insurance deposit.
If the price doesn't g= o down enough, the miner just mines Bitcoin and the insurer gets his deposi= t back.
It's basically an instrument for guaranteeing a m= inimum profitability of the mining operation.

Impl= ementation issues: unfortunately we can't do arithmetic comparison with= long integers >32bit in the script, so implementation of the difficulty= requirement needs to be hacky. I think we can use the hashes of one or mor= e pre-images with a given short length, and the miner has to provide the ex= act pre-images. The pre-images are chosen by the insurer, and we would need= a "honesty" deposit or other mechanism to punish the insurer if = he chooses a hash that doesn't correspond to any short-length pre-image= . I'm not sure about this implementation though, maybe we actually need= new opcodes.

What do you guys think?
Thanks for reading it all! Hope it was worth your time! --000000000000220e8e0595367c94--