A strange idea of labeling bitcoins - page 2.

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

Quote from: HereticalSmile on July 29, 2021, 08:33:46 AM

Quote from: Carlton Banks on July 29, 2021, 07:39:23 AM

cryptography cannot secure real physical objects in the real world

no amount of extra cryptography can solve this problem

What makes us limit ourselves to trustless and only cryptography in order to obtain the required functionality? Just an understanding that it is ugly to spoil a clean implementation with dirty inclusions?

What else would you do though? Hire mining inspectors that regularily check mining operations around the globe whether they run hardware according to regulation? Cheesy

Seriously tho, at the end of the day the most straightforward solution would be to simply get in touch with major mining pool operators. Given an attractive enough sponsorship deal you'd surely find operators willing to add your tagline to whatever blocks they mine. Whether this advertising money wouldn't be better spent elsewhere is a different question. Depending on ones intent this would digress from the original idea of incentivising people to use specific mining hardware though, leaving only the advertising aspect.

HereticalSmile

jr. member

Activity: 131

Merit: 4

Quote from: Carlton Banks on July 29, 2021, 07:39:23 AM

cryptography cannot secure real physical objects in the real world

no amount of extra cryptography can solve this problem

What makes us limit ourselves to trustless and only cryptography in order to obtain the required functionality? Just an understanding that it is ugly to spoil a clean implementation with dirty inclusions?

Carlton Banks

legendary

Activity: 3430

Merit: 3080

Quote from: ?? on ??

OP_RETURN limit is 80 bytes (83 bytes if you include the overhead). But the limitation only applies during relaying transaction. Pool/miner could create coinbase transaction or include their own transaction with OP_RETURN with far bigger size, which means it can be used for more complex advertising/labeling.

was it not reduced to 40 bytes, or was that in a dream? Cheesy

surely it wasn't reduced to 40, then subsequently bumped back up to 80 again?

Quote from: HereticalSmile on July 29, 2021, 05:01:25 AM

The first is that the manufacturer will not mind that his label is put even untruthfully. It is for advertising purposes.

Quote from: vjudeu on July 29, 2021, 06:25:12 AM

It is the same kind of proof like with Casascius coins: the private key is protected from viewing by anyone and if you want to sell that mining device to someone else, that person will be able to tell if that private key is still inside or was it revealed by scraping something, detaching some factory labels that has "warranty void if removed" or similar signs, etc.

Also, mining device don't have to lock coins on manufacturer's key, all that is needed is signing blocks with that key

no, and no

you're conceding already that the manufacturer or the miner can falsify the information (or sell the public key in a block signing scheme): trust required

cryptography can secure data

cryptography cannot secure real physical objects in the real world

no amount of extra cryptography can solve this problem

vjudeu

copper member

Activity: 903

Merit: 2248

Quote

Proving it is not, and I'm not sure how you could achieve it.

Why not? You bought some equipment, so you received some private key from the manufacturer and as long as that manufacturer sells miners with unique private keys, it is possible to identify which customer mined which blocks. It is the same kind of proof like with Casascius coins: the private key is protected from viewing by anyone and if you want to sell that mining device to someone else, that person will be able to tell if that private key is still inside or was it revealed by scraping something, detaching some factory labels that has "warranty void if removed" or similar signs, etc.

Also, mining device don't have to lock coins on manufacturer's key, all that is needed is signing blocks with that key, for example in the same way as you can see in signet.

Edit: I can also imagine a system where the customer first send some public key to the manufacturer, then it is turned into physical connections on that board to make it read-only, and then that device is mining ECDSA vanity addresses with manufacturer's name. In this way, the final key used for signing messages is a combination of the manufacturer's key and the customer's key, to fake it they have to cooperate.

HereticalSmile

jr. member

Activity: 131

Merit: 4

Quote from: Carlton Banks on July 29, 2021, 04:28:52 AM

Quote from: vjudeu on July 29, 2021, 02:38:07 AM

When solo mining, proving that particular equipment was used to mine a block is trivial, all that is needed is checking the coinbase transaction.

well, I think this is actually a problem (an insoluble one)

attesting what your equipment was when mining a block is trivial. Proving it is not, and I'm not sure how you could achieve it.

Any scheme used whereby the miner or the manufacturer of the mining unit certifies what spec of machine was used could be manipulated (and real-world miners may end up using a mix of unit types in practice, that's another hot mess to contend with). Same goes for the location; using all kinds of IP proxy rules out determining origin using IP addresses. And the algorithm used to mine the blocks is entirely generic, the concept would not work if that were not true.

so, yes, it's a strange idea.

There are two possible ways.

The first is that the manufacturer will not mind that his label is put even untruthfully. It is for advertising purposes.

And the second way is that the manufacturer deploys its own small private chain (or non-private) in which the correspondence between the equipment id and the public key is fixed. It could look like a side chain in which only bitcoins with their labels go, there could be a division of values. A miner would send bitcoins to that network, receive a token of that chain, and return bitcoins back to the main chain.

Carlton Banks

legendary

Activity: 3430

Merit: 3080

Quote from: vjudeu on July 29, 2021, 02:38:07 AM

When solo mining, proving that particular equipment was used to mine a block is trivial, all that is needed is checking the coinbase transaction.

well, I think this is actually a problem (an insoluble one)

attesting what your equipment was when mining a block is trivial. Proving it is not, and I'm not sure how you could achieve it.

Any scheme used whereby the miner or the manufacturer of the mining unit certifies what spec of machine was used could be manipulated (and real-world miners may end up using a mix of unit types in practice, that's another hot mess to contend with). Same goes for the location; using all kinds of IP proxy rules out determining origin using IP addresses. And the algorithm used to mine the blocks is entirely generic, the concept would not work if that were not true.

so, yes, it's a strange idea.

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

Quote from: vjudeu on July 29, 2021, 02:38:07 AM

It is possible. Such manufacturer could create HD wallet and publish its public key. Then, each device could have one of the child private keys. In this way, any miner using such equipment could use it to sign any message and prove that it has such equipment. For me, it seems pointless, but technically it is possible.

When solo mining, proving that particular equipment was used to mine a block is trivial, all that is needed is checking the coinbase transaction. When mining in pools, proving that is harder, because it is possible if miners will switch to Stratum v2 or similar protocols where they can control their blocks.

True! Ignoring some of the other practical issues (e.g. pool mining vs solo mining) this brings up another interesting problem though:

1) Assuming non-hardened child private keys, once the private key of a single miner is compromised, the private keys of all miners are compromised [1]. Keeping private keys secure from someone who has full physical access is somewhat possible, but quite a challenge. Especially if the pot is not the contents a single hardware wallet but a whole network of mining hardware.

2) Assuming hardened child private keys, you get rid of the security concern above, but the manufacturer would not be able to verify the signatures [2]. Unless they derive and store each hardened private key in advance which comes with a different host of issues.

[1] https://bitcoin.stackexchange.com/questions/90627/what-are-the-consequences-from-the-leak-of-xpub-and-child-private-key

[2] https://learnmeabitcoin.com/technical/extended-keys

HereticalSmile

jr. member

Activity: 131

Merit: 4

Quote from: vjudeu on July 29, 2021, 02:38:07 AM

For me, it seems pointless, but technically it is possible.

Point, for example, is to get some kind of tokens on the bitcoin chain that carry additional value in addition to the value of bitcoin itself

vjudeu

copper member

Activity: 903

Merit: 2248

It is possible. Such manufacturer could create HD wallet and publish its public key. Then, each device could have one of the child private keys. In this way, any miner using such equipment could use it to sign any message and prove that it has such equipment. For me, it seems pointless, but technically it is possible.

When solo mining, proving that particular equipment was used to mine a block is trivial, all that is needed is checking the coinbase transaction. When mining in pools, proving that is harder, because it is possible if miners will switch to Stratum v2 or similar protocols where they can control their blocks.

HereticalSmile

jr. member

Activity: 131

Merit: 4

Quote from: BrewMaster on July 28, 2021, 11:13:58 AM

also bitcoin network should not be a place for advertisement!

Advertising is the engine of trade.
Where there is value, there is advertising, and vice versa.

HereticalSmile

jr. member

Activity: 131

Merit: 4

Quote from: HeRetiK on July 28, 2021, 11:53:18 AM

Those "labels" could be easily faked and it would be impossible to reliably verify whether the coins have been mined on hardware by a specific manufacturer.

How difficult is the implementation of the scheme, when such a fake would be impossible or as difficult as possible?

odolvlobo

legendary

Activity: 4466

Merit: 3391

Quote from: HereticalSmile on July 28, 2021, 10:48:26 AM

Has anyone suggested the idea of labeling bitcoins mined on the equipment of a particular manufacturer so that the manufacturer can offer separate incentives, bonuses for the owners of bitcoins mined on their equipment?

A bitcoin is not an object, virtual or otherwise. There is nothing to label. Labeling bitcoins would be like labeling each drop of water in swimming pool.

Regardless, what is the incentive for ASIC manufacturers pay people who own bitcoins originally mined on their hardware, even if it were possible?

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

I like the way you named it. “Labelled Bitcoins”; as if the miners glue a sticker on top of the coins.

..6.25 BTC..—..Mined in China.. <— Pretty nice, isn't it? Tongue

Seriously, there are ways to add hidden messages in the block chain. The simplest is by using OP_RETURN. But, since you referred to miners, then just enter it to your coinbase message. What you described applies since the genesis block. Chancellor on brink of second bailout for banks, remember? That's a coinbase parameter.

OgNasty

donator

Activity: 4760

Merit: 4323

Leading Crypto Sports Betting & Casino Platform

They could start their own pools and reward miners with a unique altcoin or NFTs or something. The question is what demand would there be for such a token/coin? That’s what makes exchanges somewhat special, they bring demand for their own coin by accepting it for exchange fees. I guess a mining pool could rent hashrate using their own coin, but that would be quite a gamble and I’m not sure it would be as utilized or profitable.

Carlton Banks

legendary

Activity: 3430

Merit: 3080

Quote from: BrewMaster on July 28, 2021, 11:13:58 AM

also bitcoin network should not be a place for advertisement!

well, OP_RETURN exists to allow people to insert arbitrary data into confirmed transactions, and that's mainly because it would be possible to do so anyway, so making a feature out of it (albeit not at all accommodating due to the 40 byte limit) was a compromise

if people want to pay for their blockchain stored grafitti, then who are we to argue?

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

Those "labels" could be easily faked and it would be impossible to reliably verify whether the coins have been mined on hardware by a specific manufacturer.

The only way to "advertise" your hardware brand on the blockchain is by running a pool yourself and some manufacturers actually already do that. (AntPool for example. Bitfury used to run a pool as well, not sure what happened to them. Maybe they just stopped advertising their hashrate)

BrewMaster

legendary

Activity: 2128

Merit: 1293

There is trouble abrewing

miners who own these ASICs are usually connecting to a mining pool which will be setting the coinbase transaction (and any "label" on the newly mined coins) so it is not possible for the miner with the particular ASIC to do anything.

also bitcoin network should not be a place for advertisement!

HereticalSmile

jr. member

Activity: 131

Merit: 4

There are a certain number of ASIC manufacturers.

Has anyone suggested the idea of labeling bitcoins mined on the equipment of a particular manufacturer so that the manufacturer can offer separate incentives, bonuses for the owners of bitcoins mined on their equipment?

Topic: A strange idea of labeling bitcoins - page 2. (Read 470 times)