Topic: Alternative protocols to Bitcoin (Read 1629 times)

Interesting ideas s, thx for sharing! A few comments below:


If I understand you correctly, you propose that in this system a coin would be represented by a rare mathematical artifact. This is an interesting idea, but - and you might be aware of that - it's not how Bitcoin works. The Bitcoins themselves are just numbers associated with a Bitcoin address. Only the blocks, that secure the block chain, have the rare mathematical property. This distinction is important, because it means that coins can easily be divided into smaller units. If a rare mathematical artifact itself would represent the coin, then you would most likely not be able to divide it and thus would need much more of them. Maybe not an insurmountable problem, but I think it makes the whole problem of the rate of money supply a little trickier.

Speaking of the rate of money supply, I'm not sure how you would keep that under control in your proposed system. You say the difficulty of the process doesn't need to be static, but how is a change in difficulty decided and how can you reliably know what the current accepted difficulty is?


I don't find this whole "spitting things into the public domain" quite that trivial. Let's say you build a p2p-broadcast kind of system that Bitcoin has. An attacker could bring up lots and lots of nodes (IP addresses aren't hard to come by) and you might end up connecting only to nodes controlled by the attacker. The attacker is then controlling your perception of the "public domain" and can - for example - filter out those incidents where he already spent a coin that he is planning on double-spending at your store. Or do you think more of a centralized system to be this "public domain"? That would simplify it, but I would also consider a centralized solution as a disadvantage.

There have been quite a few attempts at BitCoin style currencies over the years, most of them of course were not purely P2P and did not use proof of work based block chains.

One was Chaum style tokens. This used "blinding" to allow a central mint to prevent double spending without being able to track payments. It was in some sense the exact opposite of BitCoin - a central mint but nobody could see the transaction graph, whereas BitCoin has a public transaction graph with no central mint.

Another was Hal Finneys RPOW system. It's since largely fallen off the net and I don't know if Hal is still reading this forum in recent weeks. He was an early supporter of BitCoin. RPOW used proofs of work to create the coins and the central mint to track double spends ran inside a secure IBM processing unit that was able to perform remote attestation, ie, it could cryptographically prove what was running inside it.

BitCoin can do this with a scripted transaction that keeps the receiving key encrypted until the money is re-spent.  Check out the end of the BitCoin Script page.  And that way you don't have to watch continuously to see if a conflicting transaction has been published.

You can call it "orderstamping" if you'd like.

The only other thing you seem to be missing is the incredible efficiency of the bitcoin network.  In its current form the network can scale to the load of something like Visa, sends the first transaction across the globe in a split second, allows for "thin clients," and has plenty of room for optimisation and specialised over-protocols.  It's difficult for me to see how your system could be made particularly efficient without a high-performance trusted repository and order-stamper.  Otherwise the privacy becomes strictly equivalent to bitcoin (especially when you take into account bitcoin's ability for scripted transactions).

Bitcoin mining nodes have an incentive to be online all the time and to try and process transactions as fast as possible.  Any failure to do this creates a strong market incentive for someone new to set up shop.  To me the real genius of bitcoin is not just the idea but that the particular implementation, complete with asymptoting distribution curve, is economically ingenious in its incentive to participate.

Any network hoping to out-compete bitcoin will have to offer some truly innovative differences.  The only possibility I see on the horizon is a fiatcoin backed by a trusted government--and that's politically complicated.

You still need an authority to do the timestamping--it's true that having one trusted authority could replace the blockchain, and thus you could definitely have a state-issued bitcoin version that gained wide adoption and was comparatively cheap to run, provided the trust could be maintained the same way a state has to maintain trust in a physical currency.  The advantage of bitcoin is essentially just that no such trust is necessary given any significant degree of adoption.

But I don't see how transactions could remain private without a trusted repository.  It's true that a receiver would only have to publish their "proof of already spent" token in the event of seeing another spend of the same coins, but to transfer that right to the next owner they have to hand them the whole transaction history--keep in mind that since coins need to be split and combined this quickly means most users have most of the history.  And anyone in the history of a coin can force the publishing of the complete chain just by spending the coins to the general repository.  You also need some incentive for people to store this data, so I'm not sure how this would work economically.

[Some technical thoughts removed.]