Topic: [ANNOUNCE] The Proposal for EnCoin - page 7. (Read 9439 times)

I always meant anonymity in IP->wallet terms. In Bitcoin, it is very difficult to tell if a transaction originated from the peer that just sent it to you or somewhere else, because all peers spread all data. A huge waste of network resources and terribly unscalable. Since, in the design proposal for EnCoin, peers (as opposed to freenet peers) do not need all data, peers only need to send transactions or request data that matter to themselves. It later occurred to me that "the cloud" in concept (sec. 9-2) could be used so that it is much less trivial to associate a wallet with an IP address without putting an additional, unnecessary load on freenet peers. Still working on whether or not that association is impossible or is at least at the same level as bitcoin's.


The scenario I talked about was if a freenet peer tries doing it by subverting reputation. What if a regular peer tries doing it? At this point, encoin basically silently prevents it as well. However, the potential fraud victim will never even know, which is a benefit over bitcoin. I'm not sure how the bitcoin client handles receiving a second transaction using the same coins after it has already put up a "0/confirmations". Does it just ignore it? Probably. With Encoin, no fraud could ever be committed because the receiver will never get any knowledge (unless they are in a freenet) until the transaction is irreversible. This "fraud" could happen accidentally if the peer tried sending money from another computer (or phone or whatever) before requesting a balance update.


I don't know if you want me to respond to any of this or if you're just rehashing what bitcoin does for my/everyone's benefit. What EnCoin does, in essence, is "block locks" once per day.


Ok, that's fine, but if you want to discuss one of those specific issues, why not bring up those specific issues instead of calling me out on encompassing them all into one terrible term? What productive use does it serve? It is not an important issue at this point. This proposal is not written for the masses, it is written for the people that understand how bitcoin works. It says so in the first page.


Bring up an issue, argue why or why it isn't good and how it benefits or may harm the network. It's that simple. Arguing that minting coins doesn't "secure" the network, it "keeps the network running" is starting to get incredibly pedantic.


No, the honest peers who run the network do. (at least in encoin) And there is no better way to provide a reputation system that is implemented by computer and consensus that is EASY TO PROVE and DIFFICULT and TIME-CONSUMING and COSTS REAL MONEY. Why not use the system that already exists and charge the users of the network a tiny fee to ensure that these peers have incentive to keep doing it?


Ok, what? Are the exchanges going to agree or not? What in god's green earth are you trying to say, because it sure as hell isn't making sense to me. Someone makes a fork, therefore it forks the chain? Are you saying that there is a danger of someone forking and making the currency useless? Because I can make arguments against that point. I can't make arguments against paragraphs of words bandied about that may or may not mean anything--but it assures me it does if I analyze it completely.


.......................................

The bitcoin checkpoints only lock history for history that is many thousands of blocks in the past. Preventing "double spending" is impossible in bitcoin, at least with its current design. Exchanges will take it just like everyone else because that is the way bitcoin is designed. Exchanges won't agree to a history modification because they should have the newest "block lock."

It sounds like what you're saying is that the only way to have a cohesive network is to have a central authority (whether that's trusted programmers or exchanges depends on which paragraph I read). I don't know if you're saying this from the point of view of bitcoin or encoin or both because I can't apparently analyze too well. But since encoin actually has no "block chain" per se, and it "block locks" once per day without requiring programmer intervention nor a central authority to agree on that block lock, there is no parallel to draw here between the two networks.

If you would like to bring up a SPECIFIC SCENARIO, I will be happy to tell you why it won't work, or I will be happy to agree that it's possible and I will think of a way to fix it and will thank you for pointing out a flaw in my design.

Otherwise, I am getting tired of this runaround with a whole lot of words but very little actual discussion.

I am really striving to understand your concept. I understand your goals. First a little background so you can reinterpret my previous posts as well as interpret the ones which will follow.

I have great respect for all of the detailed thought that went into bitcoin. I analyzed the bitcoin white paper, read the code tried to poke holes in everything. When I saw potential exploits I pointed them out to satoshi. We worked through his existing defenses, generally he proved correct. But hashing out the logic increased our trust in both the algorithms and implementation.

Note, I was probably the first to clarify bitcoin's lack of anonymity. Not because of IP addresses recording, in bitcoin's case. But because every transaction since the beginning of time is stored in a directed acyclic graph. That makes it almost trivially easy to coordinate "accounts" owned by the same human. Someone published a paper investigating the recent bitcoin thefts using exactly the mechanisms I posted about a year ago.

Notice I say accounts in quotes above. That is because bitcoin's block chain doesn't contain an entity called "account". It only has transaction in-points and out-points. Each out-point is associated either with either a public key, or the hash of a public key. This public key hash is what is commonly called a bitcoin account. Bitcoin's block list does not sum or track account balances in any way.

You propose to change that. You, in each primary block, propose to record account balances rather than transactions. That decision has many consequences that need to be analyzed. However, the "balance sheets" concept was proposed over a year ago on this site. That thread should be reviewed. In a very important sense balance sheets improves anonymity. I really like that. You however claimed EnCoin cares little about anonymity. I'm still searching for the necessity of this.

There are interesting advantages to the way bitcoin's DAG works. One of the most important being, it makes it trivial to identify maliciously attempted double spends. Out-points don't keep a running balance. They are single use. All coins must be used in one and only one subsequent in-point. No other party can attempt to forge a transaction. The "account" owner must deliberately create two transactions which cannot simultaneously be valid under ANY circumstances. It cannot be done accidentally. This is called "fraud". This is different from banking where you might be acceptably or unacceptably "overdrawn".

This fraud was what I proposed detecting when I shouted STUPID and IRRESPONSIBLE. I was referencing the fact that bitcoin detects fraud attempts, but it *silently* prevents them. It doesn't notify anyone of the instance of a fraud attempted, nor of its perpetrator. This is a stupid and irresponsible policy decision. That mistake should not be repeated.

On security:

In bitcoin, theft through forgery, is prevented by cryptography, not any form of plurality.
In bitcoin, fraud via double spending of out-points, is prevented by DAG validation rules and procedures, not any form of plurality.
In bitcoin, there is one, and only one, transaction DAG. For a transaction to be "confirmed" there must be an absolutely immutable 100% consensus our shared history. If the transaction doesn't validate in the DAG it never happened. In bitcoin, the DAG is encapsulated inside the block chain.
In bitcoin, this 100% consensus is not created by any form of plurality. It is created, and mandated, by random chance. This random selection is implemented by the proof-of-work procedure. (Who solves the proof is stochastic. But existence of a valid proof makes acceptance mandatory.) Many, much more efficient, procedures for mandating consensus could have been implemented.
In bitcoin, theft via history modification, is prevented by protecting the block chain using a "hash chain". This is a common technique used to protect shared histories like digital notarization records. This protection does not require a proof-of-work.

In bitcoin, theft via history substitution, is prevented by careful monitoring of  the working end of the hash chain. Originally, this task was trusted to a mathematical function. In cases where two equally valid block chains exist, either by accident or by deliberate subversion, this function mandated which chain must be accepted as our shared 100% consensus on history. No form of plurality agreement was involved.

This function takes the combined proof-of-work effort and chain length as parameters. It then decides which chain required the most effort to construct. This function is well known, but its dynamics are often misunderstood. It is also important to know that,

THIS FUNCTION PROVED INSUFFICIENT FOR PERMANENT PROTECTION.

Bitcoin programmers, by programmer consensus, began adding "block locks" into each client's block chain validation procedures. This programmer consensus overrides the above function in any case where the function might attempt to switch to a non-programmer-blessed history. This has been commonly accepted as "a good thing". I concur.

Notice that none of the proof-of-work effort prior to the most recent programmer block lock, provides any protection from a history modification attack. The hash chain alone provides perfect protection. That means all of historical POW effort and electrical consumption was made moot, by a single line of code, created by a plurality of *trusted* programmers.

That should serve as our definition of "Trust". Someone is trusted if they get to participate in locking down our shared history. Trusted peers guarantee that confirmed transactions stay confirmed.

In a sense, all of the words I used above—theft, forgery, fraud, history modification, history substitution—are all "security". But using the same name for all of them conflates multiple distinct topics and makes specific targeted discussion baffling.

---

I have tried to discuss each of these specific areas in previous posts. In variably, every reply became miners/peers/trustnets/freenets have to keep actively mining in order to provide security.

I understand the conflated sense of why you keep saying this. But I think you are wrong for very specific reasons. I can't convey these reasons unless we accept a more specific vocabulary.

In bitcoin's case, the proof-of-work-summation-function provides most of its actual utility for about an hour. If history more than a hour old changes, something catastrophic most likely happened. Humans SHOULD be alerted prior to accepting the results.

---

That means all of bitcoin's electrical consumption does two things:

1) It makes about six history substitution decisions each hour to resolve minor network splits.
2) It serves as a weighted random number generator, for periodic bitcoin awards.

The periodic bitcoin awards serve to provide incentive for non-transacting people to keep clients running. Thus your argument that mining provides incentivizes network continuity. I agree with that. But mining clearly does not provide any additional protection from theft, forgery, fraud, or history modification.

It also begs the question of whether other have enough incentive to provide network continuity absent mining rewards. I would argue they do. The primary examples of this are the bitcoin exchanges. Their whole business depends on bitcoin continuity and security. If there were no more mining awards, they would continue to provide bitcoin network continuity.

In effect the exchanges represent the dreaded "center" of the bitcoin network. It makes zero sense for them to transact on two branches of a single chain. it also makes zero sense for different exchanges to trade on different branches of a single chain. They must cooperate to stay on the same fork. Everyone else will follow them out of necessity.

So in summation, if someone mounts a history substitution attack via 51% (or even 99%) of the CPU power, that attack only succeeds if the exchanges consent to the history substitution. Note that, only exchanges get a vote, and they must come to 100% consensus out of self-interest. Everyone else must follow. So, by my definition above, bitcoin exchanges are the only "trusted" peers in the bitcoin network.

If you analyze it completely you will see the same relationship will hold true for EnCoin. No matter what your total reputation count, if the exchanges dont agree, you lose. If you attempt to continue the other branch, you have created a NewCoin a currency already pre-distributed to prior EnCoin owners. If an exchange starts, the EnCoin humans will simply cash out their free NewCoins taking every dollar needed to incentivize NewCoin miners.

I didn't mean to needlessly repeat myself or use the exact definition you used--I seem to be doing like 16 things at once these days and my attention was divided. Sorry for that.

You have to take in a few factors:

1) I am coming from a Bitcoin mindset where the only word used is security. I am trying to separate myself from that, but it is not easy. Dependability and continuity are not aspects that are often discussed about Bitcoin.
2) I am not writing a white paper, I am writing ideas down on electric ink and this is only the 3rd revision. Comments are obviously expressly welcome, but I did not realize that there were like 8 different posts between us on this issue because of a clash of interpretation on the word security.
3) I wrote this 24 page proposal in a matter of two days. So please, cut me some slack.

I'll be reading through your comments in a few. I've uploaded a new version that seriously tones down the bitcoin hate as it was pretty unprofessional, though I thought it was funny. It also adds a new Q&A and fixes a few minor errors.

*Needlessly Ranting* Hoping you will change your ways

If you are Chinese and started learning English just yesterday maybe you would think so. But in reality, it just makes people think you are clueless about the subject matter. And it explains why you can't understand a fucking thing I'm saying.

It's like saying, "The federal reserve has been providing security since 1914."
When you mean "The federal reserve has been operating continuously since 1914."

Or like saying, "I have security guy that always goes when I head out to party."
When you mean,"I have a dependable friend who always goes when I head out to party."

Rationalize them all you want, but they don't have the same connotations. I would forgive you if your native language was Thai. (I can't even attempt to speak that.) But your native language seems to be English.

I won't forgive you being deliberately obtuse just to waste my time.

I've sent you comments on the first three pages. Before you ask me to read it again, ask someone who doesn't already understand your idea to read it. Then assume every question they ask you is one I'll have.

se·cu·ri·tyNoun/siˈkyo͝oritē/
1. The state of being free from danger or threat.

I think that covers all three. And yes, it means all three. Stealing coins is a threat and reliability is an even bigger threat because if the network stops your coins are worthless (same as stealing).


Not at all.

I haven't read the new version yet, but I plan to. I really want to continue our discussion, but if I don't clear one thing up my head will explode.

You seem to be using the word "security" in ambiguous ways that are driving me crazy. On many occasions it seems you are using the word "security" to mean "continuity". Occasionally, you seem to use it to mean "dependability".

Security: the state of being free from danger or threat.
Continuity: the unbroken and consistent existence or operation of something over a period of time.
Dependability: trustworthiness and reliability.

I tend to interpret EnCoin security to mean, nobody can steal my coins.
EnCoin dependability means, it's always there and works when I need it.
EnCoin continuity means, the network as a whole goes on forever. It will never disappear taking all my coins with it.

Before I start reading, please tell me we are using the same language.

---

OK, I'm reading now. I'd like to make inline suggestion about the parts I find confusing, but think I now understand. I don't really want to clutter up this thread with those. Would that horribly offend you?

PLEASE SEE REV4: https://bitcointalksearch.org/topic/encoin-proposal-v40-scads-of-technical-details-now-with-a-wiki-49683

Since this version is completely revised and much more professional (except for section 12) and it has incorporated much of the discussion from the previous thread, I have created a new thread so that the discussion focuses on the new proposal and does not get lost in the mix.

The primary goals of EnCoin are as follows:

•   To maintain a relatively stable cost point where 1 ENC requires about 10kWh of electricity to produce.
•   To maintain a relatively stable exchange point where the effects of price inflation or deflation are smoothed out by economic and monetary policy.
•   To provide a stable currency that merchants can rely on in both value and security.
•   To use smaller, decentralized hubs that support themselves rather than relying on large pools of computational resources.
•   To make use of a reputation system so that the EnCoin Network is not vulnerable to a 51% computational attack or network subversion attack.

Document: http://www.mediafire.com/file/ghmb81e79msy63a/EnCoin%20Proposal%203.0.1.rtf
Pastebin: http://pastebin.ca/2085821   (lol the real pastebin took down my submission, they must work for bitcoin)
google docs: https://docs.google.com/document/pub?id=1voi9j2kNgwdh0Y56r-9zSC5Bv6tOWwJ4X1OiBvFUAw4

I highly recommend downloading the document so that the formatting is preserved.

IRC: irc.freenode.net #encoin

The previous thread can be found here: https://bitcointalksearch.org/topic/announce-encoin-an-alternative-with-a-completely-different-paradigm-44682