Topic: BIP Draft - Instant Partial Confirmation (Read 4476 times)

The partial confirmations concept seems useful to me.

The biggest issue is how to compensate miners for participating. Although I'm not sure this is absolutely necessary if we can make the solution sufficiently light weight (ie. light on bandwidth, CPU power and RAM).

I realize that this discussion ended in disaster, but the Pay-To-Instant-Confirmation idea is something I'm pretty interested in, and I just wanted to necro the topic to see if anyone has any new ideas.

The concept is that people pay an extra fee, and their funds arrive instantly in a way that they can trust that there will eventually be 6 confirmations. This was ostensibly done with ZipConf but all of those people vanished.

Bitcoin is an attempt to more closely approach the platonic ideal of money.

Part of that is payment processing, but there are other parts, such as store-of-value and unit-of-account.  If you only see one part in isolation, you might think that it is a "product to help people make payments" and start thinking that you need to wring every last bit of efficiency out of that one part.

I had assumed you were designing a product to help people make payments. Thus, the argument should be about how one can do this most effectively (low fees, secure, etc.)

As you say, you are pursuing personal objectives instead. Sorry for misunderstanding.

Thanks for reminding me why I have you on ignore.  Not really sure why I clicked show on that post.  Probably curiosity.

Apparently, in your mind, it is "faith" when someone wants something other than what you want.  Bitcoin mining is decentralized in the sense that you don't need permission from anyone to become a miner yourself.  It may not make sense for you to do so, but no one can stop you.  Even if we end up in a world where there are only 10 miners, that system is still less centralized, in principle, than a system with 1000 miners in a cabal, or a million.

No one gives a shit what your "satire, logic and empiricism" confronts about something that we don't want.

http://en.wikipedia.org/wiki/Premise
Maybe that will help you expand your vocabulary? Or perhaps you are only capable of analyzing one premise at a time, as you did in the previous post.

Yes, your motivation is faith-based: "We are not looking for an n-entity system, no matter the value of n." I pointed that out in the previous post.

Apparently, quite a long time. Confronting faith with satire, logic, and empiricism is something I enjoy. I understand that it is usually ineffective.

You failed to understand the assumption in his hypothetical.  I've bolded it for you.

We are not looking for an n-entity system, no matter the value of n.  Even when Satoshi started out, and n was 1, we did not have and did not want a n-entity system.

What we want, and what we have, is a system where anyone can join.  It may not make economical sense for them to do so, so the system may, from time to time, have a small n value, but anyone can still join.

You've been straining to avoid understanding this simple point for about as long as you've been posting here.  How long can you keep it up?

Mike's premise: Mining is going to get centralized anyways. There will be small numbers of miners. The economics and technology of mining all point that way.


Gmaxwell's premise: With small numbers of voters, majority voting via signatures is much cheaper, faster, and more secure ("reliable") than mining.

Combining these two premises yields a conclusion. -> Ditch Mining, Adopt Majority Voting via Signatures.

Now, instead of coming to a conclusion, they turn to a faith-based approach.

Axiom: Majority voting via Signatures is wrong.

Jointly, Gmaxwell's premise and Mike's premise imply that Majority voting via Signatures is right. This contradicts the axiom that majority voting is wrong. Therefore, either Mike's premise or Gmaxewll's premise is incorrect.


Not really. For example: https://bitcointalksearch.org/topic/m.1360115

Escrow, essentially, serves the same purpose as chargeback, so it's already implemented.

That's the nature of credit. Credit cards are credit. With credit, there's always a risk that the debtor won't pay the debt. It's not really a double spend because if you chargeback, you haven't spent in the first place. A purchase with a credit card is functionally more like a promise to pay than an actual payment.

If you chargeback a merchant wrongly, the merchant will sue you. They may decide to eat the cost if they thing you're not worth going after. It is important to understand that a chargeback doesn't in any way change how much money you owe and to whom. If the purchase wasn't legitimate, you never owed anyone for it, before or after the chargeback. If the purchase was legitimate, you owed for the transaction both before and after the chargeback. The credit card company is just an intermediary for your payment to the merchant. When a credit card company accepts a chargeback, they're simply removing themselves as an intermediary in the transaction between the cardholder and the merchant.

That's right. The 2.5% or so that merchants pay is only part of the cost of credit cards. The fraud they have to eat is part of that risk too. One of the big advantages of systems like Bitcoin over credit cards is that you don't have to expose the credentials needed to authorize additional spending just to do some spending now. Eventually, that could mean that crypto-currencies become significantly cheaper than credit cards, even more than just avoiding the transaction costs would suggest. (Even if features like chargebacks are added to them!)

That's exactly what chargebacks let you do. If you obtain some goods then it is charged back, you get the money back but don't have to return the goods.

In theory this is not a problem because if you do it repeatedly you get kicked out of the system. In practice it's a huge problem because card fraud/theft is so common, so carders can obtain whatever they want and the people whose card details were stolen don't lose any money, effectively their money gets "double spent" (just the first spend was by somebody else).

You're right that VISA doesn't have a problem with double spends. The merchants who use VISA do though, which is why they invest so heavily into risk analysis and usually bump up the prices to cover card losses.

I think my point about not considering chargebacks as double spends is valid. I can't go out and spend the money on my VISA card twice. Chargebacks are an additional layer that VISA chooses to offer customers, because there's a demand for it. VISA doesn't have any problems with double spends. The fact that they offer chargebacks is a completely separate service from the actual transaction verification. We shouldn't conflate VISA-style chargebacks and a double spend vulnerability.

That being said I think the Bitcoin network works wonderfully considering its decentralized nature. I just think it would add a lot of value to have a decentralized 10-second payment system. Not that I think it's necessarily possible, but I like to play with the idea. Which is why I'm posting in this thread - to get a better understanding of what exactly is necessary for such a system to work.

I think we sometimes get stuck at designing a system that prevents unwanted activity, when it's only necessary to make unwanted activity unprofitable. Bitcoin is a great example of this. While all the hardcore cryptographers were trying to figure out a bullet-proof protocol for preventing double spends, Satoshi combined already available knowledge into a system that actually works.

Reminds me of this great Google Talk by Van Jacobson, where he describes how, back in the late 60's/early 70's, all researchers were spending their time trying to figure out how to quickly set up a physical connection between two points, for the use of electronic communication. While they were busy doing this, two guys developed the idea of a packet switched network. These ideas were ridiculed for not being "true to the cause" and a "hack".
The fact remains that a packet switched network is the basis of the Internet today. Researchers never figured out how to quickly set up a physical connection between two arbitrary points. I wouldn't be surprised if a "pure" cryptographic approach to solving the double spend problem suffers the same fate.

I think the technical issues with this proposal are minor hiccups that could easily be worked around, I don't see any point. The Finney attack is the biggest threat to accepting 0-confirmation transactions and this does nothing to reduce that threat. So reducing the threat of a conflicting transaction by miners seems kind of pointless. It's like adding another chain across the window when the door is held shut with masking tape. If we had a fix for the Finney attack, then this might be worth doing as it would address the biggest problem with accepting 0-confirmation transactions, thus making it significantly safer to do so.

I'm hardly opposed to decentralization, otherwise I'd just recommend everyone use blockchain.info as their mobile wallet instead of putting so much effort into an SPV client, right?

I think the disagreement here comes from two sources. One, prediction of the future is not casting an opinion on it. Right now there are only, what, 12 or 15 miners with most of the power? Hardly what Satoshi envisioned. Yet somehow Bitcoin functions and people are using it. When I say we may not need more than 1000 miners, I'm not saying that would be the best possible configuration, just that in practice we may not need more - Bitcoin would probably work OK.

Two, wildly differing perspectives on the cost of hardware. The cost of the equipment needed to run a node that keeps up with VISA (or beat it) has come down a lot with better calculations, optimizations to the software, etc. If in future you need a 24 core machine with 12 drives attached to it to run a full node, I don't see that as leading to centralization and therefore I don't see it as needing to be fixed, because in a world where Bitcoin was so widely used there'd be plenty of people and organizations willing to run such nodes and the cost of the hardware would have fallen a lot anyway.

BTW, one of the prime advantages of proof of work, as I see it, is there's no need for co-ordination. It may well be that 1000 nodes can achieve consensus much faster just by swapping signatures amongst themselves. However if you want to become the 1001st node (or stop being the first node) that's much harder in such a design. With PoW you just start calculating, you can join or leave the network at any time. That "robust simplicity" as Satoshi put it is a great thing.


I don't think you can say "notwithstanding chargebacks". If you don't care about chargebacks/double spends then Bitcoin settles in a few seconds, about the same speed as card payments today. And if you throw trusted hardware into the mix (like smart cards, or computers with TPM chips), you can trust you have the money instantly, as you have some confidence that the hardware holding the private keys won't allow the owner to make double spends.

Let's be clear, Bitcoin is a set of techniques to reduce the probability of people rolling back their spends and it does a very fine job of that. We can layer more techniques on top to try and push the envelope around value/speed, but those techniques don't have to be extensions of the core system. For instance you can do what the credit card system does and have deep risk analysis of customers. You can have double spend insurance. You can have double spend alerts. You can leverage secure hardware, like trusted computing does. You can experiment with networks of payment channels routers, like in Menis proposal.

Probably we'll end up with some combination of these ideas, which will mean that plenty of Bitcoin merchants accept payments instantly and in practice users don't need to wait for confirmation.

It'd be neat if somebody could find a way to converge on a global consensus much faster. The physics of message propagation throughout a large broadcast network suggest it won't be feasible for a while though.

My motivation isn't to change the Bitcoin algorithm. I started out thinking on ways to extend it, with another - optional - layer on top. Proof-of-work might not be the right way forward for fast double spend prevention though.

I'm thinking that it might be possible to leverage the fact that Bitcoin takes care of the long term double spend prevention. Ie., after an hour or so, the block chain prevents double spends. Perhaps there's some clever protocol that can utilize this feature of Bitcoin, so that it can concentrate on only preventing (with a certain probability) double spends for an hour, or so.

I'm also thinking that it doesn't need to prevent double spends with absolute certainty (not even the Bitcoin protocol can do this). We only need to know the probability of a certain transaction being double spent, and using the value of this transaction, we can charge a fee that makes it economically disadvantageous to attempt a double spend.

But this is just brainstorming for me.

I really do think that the ideas of Bitcoin replacing VISA are misguided. We should be comparing the Bitcoin network to SWIFT (with its 1-day+ settlement time) and not VISA, with its ~10-second settlement time (notwithstanding chargebacks). I don't think 10,000 transactions per second in the Bitcoin network will ever happen, when the settlement time is ~1 hour.

Currently P2pool is simpler to run than solo mining, though this is an artifact of ~no larger miners except Luke bothering to submit patches to  full node software for mining scalability.

Your opposition to long term real decentralization in Bitcoin is well established at this point.  I think as a community we need to start speaking up emphatically against these positions. I hope you will not take it personally when I do, because I have great respect for you no matter how much I disagree with you on this subject.

If Bitcoin were only to have 1000 distinct non-trivial mining entities then I believe Bitcoin would be worse than pointless.  With so few entities having a veto over the validity of transactions it would be substantially more centralized than any of the largely existing widely used currencies— as there are are far more bank like entities than that for any major currency, and unlike bitcoin other currencies have cash transactions which are more reversal resistant. The cost and complexity of bitcoin is not justified if it doesn't provide a solid advantage over highly trust centric (semi-)centralized systems like the USD.

From a technical perspective: If you were only to have 1000 entities the Bitcoin consensus algorithm is fundamentally wrong:  The stochastic POW chain consensus provides slow and unpredictable eventual consensus. A consensus of 1000 entities can be accomplished far more inexpensively, rapidly, and reliably by identify them and using a majority vote with digital signatures. There are places for systems with this kind of security property, and they are the sorts of things OpenTransactions seek to create (potentially ones with much better scalability than the broadcast based Bitcoin system).

It would certainly be nice if there existed a global, thoroughly distributed, cheaply validated, medium of exchange which could enable trade between distinct scalable and fast confirming federated systems... but it won't be so if Bitcoin tries to become everything to everyone with forcing users through services providers and limiting miners to those who can handle gigabits of bandwidth for multigigabyte blocks.

Fast provably strong confirmations are not something the Bitcoin consensus algorithm can do without sacrificing the things that make Bitcoin worth having and we shouldn't be afraid to admit this.

I also think that pools will become less prominent in future. If the ASIC transition really does happen then non-serious miners (the type who use live cds) will get kicked out and the only miners left will be those who treat it as an actual business. If you've invested heavily into specialized equipment then mining solo against your own bitcoind isn't such a big deal. If you represent 0.1% of the networks hash power then you'd get a block every 10 days or so - hardly eye-bleeding variance risk given the time and effort it took to set up your mining farm.

Also, as mining gets more and more competitive (today it isn't), fees levied by pool operators would become a bigger burden. In theory mining should be a close to marginal business given the relatively low barriers to entry. P2Pool does not charge fees, and it may well survive a lot longer, but again - there's a certain simplicity to just mining solo that may be appealing for large-ish miners, and I think eventually all miners will be somewhat large. I doubt we actually need more than 1000 distinct miners as long as they're distributed around the globe.

Well, yeah. None of this solves the underlying problem that zero-confirmation transactions shouldn't be used for anything valuable and/or irrevocable because of the Finney attack. The only problem this helps solve is the enforcement of ethics if you want to use a specific pool.

It doesn't really.

The expectation of solo mining is the same as pooled mining. If you'd like to split off and try to mine a conflicting transaction you can and you won't lose any coin on average— you'll even gain if the conflict has higher fees.

Not as far as I know. My post was in reference to the other idea in this thread where they would be forced to include transactions.