Pages:
Author

Topic: Blockchain = Powerful Tool for Keynesian Monetary Policy (Read 11489 times)

legendary
Activity: 1050
Merit: 1003
I think the answer is that there is no known rule besides full centralization. If there was one, we would be working on it already.
I already presented one possible rule: follow the market equilibrium and reject blocks that deviate too much. And what makes you think noone is working on it?
Link to evidence that work is being done on this topic. It is not trivial to estimate market equilibrium.

Otherwise, explain how secrecy helps to improve the quality of this work. Or, if secrecy doesn't help with quality, explain how secrecy helps the author to achieve some other aim.

If not, then I think it's reasonable to assume that said work doesn't exist as of now. I also doubt that such highly doubt that such work will exist in the future.
donator
Activity: 544
Merit: 500
If there is a good rule like this, why wait until the attack occurs to introduce it?
You're absolutely right. This should be implemented sooner rather than later.

I think the answer is that there is no known rule besides full centralization. If there was one, we would be working on it already.
I already presented one possible rule: follow the market equilibrium and reject blocks that deviate too much. And what makes you think noone is working on it?
newbie
Activity: 56
Merit: 0
You referred to me having some vague but wicked Keynesian plan. This is baseless speculation. My plans are explicit and public (see wiki). They are not Keynesian plans. Read them. Your speculations are completely unjustifiable. If you don't want to hear 'random remarks' about what my plans are, then do not spread false rumors.
First of all, look at the title of this thread, which you wrote yourself. Second of all, you made several comments in the past where you said that this or that person need to be forced to behave this or that way. You bitch all the time about "libertarians". This type of thinking permeates through your anti-libertarian pro-statist ramblings.

Even though I consider myself an anti-statist, I typically go at great lengths to not formulate my arguments in a way that their validity depends on the hatred of the state.

Many of your arguments, however, fail on this neutrality. Their validity pre-supposes that the activities of the state are economically beneficial or at least ethically permissible. Your very first sentence in this thread is

Recall that the purpose of money printing is to encourage or discourage spending.

This is keynesian pseudoscience, akin to the argument that the purpose of blood letting is to cure disease.

Similarly, your last paragraph in the original post

I am kind of confused why we still operate with dollars. Central bankers should start issuing dollars and euros this way. Or they could just adopt bitcoin. It would make their lives so much simpler.

indicates that you approve of this.

You (Peter) completely destroyed cunicula and his FUD here.  Well done.
legendary
Activity: 1050
Merit: 1003

I meant best in a way that included the network effect, not in a moral or technical sense. Substitute 'most effective' there. On a side note, I think you're not realizing that a 51% attack like you describe would be a simple denial of service from all of the current software clients perspective. The user experience WOULD be disrupted and users would have to choose what to do if anything. The no-op choice would be have unspendable coins.

Not necessarily. Ultimately, the users just have to attach larger fees to their txns. This won't be unusual at all. Remember the plan is to jack up fees progressively as the block reward falls. It is not a disruptive change if the fee increases somewhat more rapidly than the initial plan.  A wise monopolist would introduce his fees gradually. He might even allow no-fee txns at first and just increase their delay in entering blocks over time. There is no need for any discontinuity from the end users' perspective.

Anyways, if there was still block reward you can just start by not screwing with fees at all and simply expropriating other miners. This does not affect users in any way, but could be highly profitable.

Compare these changes to finding a new client to download and starting to use coins that are not accepted anywhere.

Finally, you are still ignoring that attacks are not harmful to users under PoS. This perhaps even more important than the fact that PoS makes attacks more expensive to pull off. (Of course the two facts are related)
sr. member
Activity: 283
Merit: 250
Whoever did the best job of this would win, and that COULD be the monopolist.

This is not true. You are pretending that the best man wins. That is not how network effects work.
Whether you win depends on two things: 1) How large your network is to start with. 2) How good of a job you do.

The monopolist starts with the whole network. That is a tremendous advantage. His implementation can suck ass and he will still win. Just like paypal is winning right now.
Suppose that most bitcoin users were like the guys who use paypal now? Do you think they would lift a finger to thwart the monopolist? No they would just be like: "Bitcoin fees went up by 1%. That sucks. Oh well."

There is another, unrelated point that you are ignoring. Under PoW, an attack makes the userbase worse off. It is essentially expropriation.

Under PoS, an attack makes the average user better off. What does an attack look like under PoS? It looks like a fucking tsunami of a bid wall on Mt.Gox.
The attacker can only succeed if the majority of coin owners find it profitable to sell to him. The attacker can't possibly profit here. He has to have some special motivation (e.g. he is a government, or he thinks that coin is grossly undervalued at its current price). Under PoS, users profit from an attack. Under PoW, attack is a complete disaster.

What the hell is the point of the consensus system anyway? Isn't it just to help protect the user base from financial loss. PoS does that extremely effectively, regardless of whether it succeeds or fails.




I meant best in a way that included the network effect, not in a moral or technical sense. Substitute 'most effective' there. On a side note, I think you're not realizing that a 51% attack like you describe would be a simple denial of service from all of the current software clients perspective. The user experience WOULD be disrupted and users would have to choose what to do if anything. The no-op choice would be have unspendable coins.
legendary
Activity: 1050
Merit: 1003
Whoever did the best job of this would win, and that COULD be the monopolist.

This is not true. You are pretending that the best man wins. That is not how network effects work.
Whether you win depends on two things: 1) How large your network is to start with. 2) How good of a job you do.

The monopolist starts with the whole network. That is a tremendous advantage. His implementation can suck ass and he will still win. Just like paypal is winning right now.
Suppose that most bitcoin users were like the guys who use paypal now? Do you think they would lift a finger to thwart the monopolist? No they would just be like: "Bitcoin fees went up by 1%. That sucks. Oh well."

There is another, unrelated point that you are ignoring. Under PoW, an attack makes the userbase worse off. It is essentially expropriation.

Under PoS, an attack makes the average user better off. What does an attack look like under PoS? It looks like a fucking tsunami of a bid wall on Mt.Gox.
The attacker can only succeed if the majority of coin owners find it profitable to sell to him. The attacker can't possibly profit here. He has to have some special motivation (e.g. he is a government, or he thinks that coin is grossly undervalued at its current price). Under PoS, users profit from an attack. Under PoW, attack is a complete disaster.

What the hell is the point of the consensus system anyway? Isn't it just to help protect the user base from financial loss. PoS does that extremely effectively, regardless of whether it succeeds or fails.


sr. member
Activity: 283
Merit: 250
If the PoW monopolist can comply with the new rule, and either achieve his objective or effectively sabotage the network, then the new rule can't work. If you don't make the 'new concrete' rule explicit, there is no way of knowing whether such a rule is possible or not.

If there is a good rule like this, why wait until the attack occurs to introduce it? I think the answer is that there is no such good rule.  

Your own PoS system is an example of one such rule. The reason to wait is that you have to have a migration of trust to enact such a rule in a distributed, non-auto-updating system. Things like PPCoin/Litecoin/whatever may indeed have good ideas that are marginally or even significantly better than bitcoin, but the network effect is what matters most in any discussion of shared value, and bitcoin is what wins there for cryptocurrencies currently.

Additionally, I doubt that there is 'THE' rule. I view this as more of an arms-race kind of thing, where there's arms-racing within a ruleset (e.g. building of PoW, or PoS), and there's the meta-arms race of building and breaking rulesets.

-bgc

Okay, suppose there was an attack. It was suddenly announced that bitcoin was shifting to a rule, suppose that is my own PoS system. How many people do you think would side with the attacker who was legitimately using PoW? How many people do you think would adopt my PoS system? How many people would adopt some third alternative consensus system? How many people would adopt full centralization using Gavin Andresen's client as a Solidcoin-style "trust node"?

Each of these different systems would create winners and losers. For example, PoW miners lose almost everything from a system like mine. Their claims on rewards would be completely expropriated.  

Suppose the monopolist just rules with a light touch and buys off some of his opponents. For example, he can share proceeds with any miners that comply with his rules. The miners will actually benefit from the monopolist's cartel enforcement. Just like the monopolist they will prefer the new monopoly regime to the old competitive regime. Why should they voluntarily shift to a chain that doesn't enforce a cartel arrangement? (It would be equivalent to leaving OPEC just because Saudi Arabia controls OPEC. )

Clearly the new chain can't work based on PoW. It has to do something else. What is that? How could you get people to agree on it?

I do not share your optimism. A successful response to a crisis situation seems implausible. I see something more like civil war. There will be the legitimate monopolist chain and a bunch of small rebel chains that aren't worth much.

Such a crisis is an obvious time for someone to make a decent amount of money. In such a case, the monopolist and other competing derivative chains are making bids based on their implementation (even the 51% based 1% tax is implementation based, as the miner implementation would be what is forcing it). These bids are for the network to operate outside the parameters it used to, in exchange for some kind of continuity of value. Whoever did the best job of this would win, and that COULD be the monopolist. I see nothing confusing about that or even particularly optimistic. I'm just saying that a 51% monopolist would motivate me to make and/or find a competing implementation, and that perhaps others who appreciate the lack of unconstrained central control would be motivated in a similar way.
legendary
Activity: 1050
Merit: 1003
If the PoW monopolist can comply with the new rule, and either achieve his objective or effectively sabotage the network, then the new rule can't work. If you don't make the 'new concrete' rule explicit, there is no way of knowing whether such a rule is possible or not.

If there is a good rule like this, why wait until the attack occurs to introduce it? I think the answer is that there is no such good rule.  

Your own PoS system is an example of one such rule. The reason to wait is that you have to have a migration of trust to enact such a rule in a distributed, non-auto-updating system. Things like PPCoin/Litecoin/whatever may indeed have good ideas that are marginally or even significantly better than bitcoin, but the network effect is what matters most in any discussion of shared value, and bitcoin is what wins there for cryptocurrencies currently.

Additionally, I doubt that there is 'THE' rule. I view this as more of an arms-race kind of thing, where there's arms-racing within a ruleset (e.g. building of PoW, or PoS), and there's the meta-arms race of building and breaking rulesets.

-bgc

Okay, suppose there was an attack. It was suddenly announced that bitcoin was shifting to a rule, suppose that is my own PoS system. How many people do you think would side with the attacker who was legitimately using PoW? How many people do you think would adopt my PoS system? How many people would adopt some third alternative consensus system? How many people would adopt full centralization using Gavin Andresen's client as a Solidcoin-style "trust node"?

Each of these different systems would create winners and losers. For example, PoW miners lose almost everything from a system like mine. Their claims on rewards would be completely expropriated.  

Suppose the monopolist just rules with a light touch and buys off some of his opponents. For example, he can share proceeds with any miners that comply with his rules. The miners will actually benefit from the monopolist's cartel enforcement. Just like the monopolist they will prefer the new monopoly regime to the old competitive regime. Why should they voluntarily shift to a chain that doesn't enforce a cartel arrangement? (It would be equivalent to leaving OPEC just because Saudi Arabia controls OPEC. )

Clearly the new chain can't work based on PoW. It has to do something else. What is that? How could you get people to agree on it?

I do not share your optimism. A successful response to a crisis situation seems implausible. I see something more like civil war. There will be the legitimate monopolist chain and a bunch of small rebel chains that aren't worth much.






sr. member
Activity: 283
Merit: 250
If the PoW monopolist can comply with the new rule, and either achieve his objective or effectively sabotage the network, then the new rule can't work. If you don't make the 'new concrete' rule explicit, there is no way of knowing whether such a rule is possible or not.

If there is a good rule like this, why wait until the attack occurs to introduce it? I think the answer is that there is no such good rule. 

Your own PoS system is an example of one such rule. The reason to wait is that you have to have a migration of trust to enact such a rule in a distributed, non-auto-updating system. Things like PPCoin/Litecoin/whatever may indeed have good ideas that are marginally or even significantly better than bitcoin, but the network effect is what matters most in any discussion of shared value, and bitcoin is what wins there for cryptocurrencies currently.

Additionally, I doubt that there is 'THE' rule. I view this as more of an arms-race kind of thing, where there's arms-racing within a ruleset (e.g. building of PoW, or PoS), and there's the meta-arms race of building and breaking rulesets.

-bgc
legendary
Activity: 1050
Merit: 1003
In the event of a 51% attack as you outline, there would probably be a blockchain forking, the 'old' or 'real' bitcoin chain would keep the same rules but have the meta-rule of transaction fee requirements to the PoW monopolist. The 'new' blockchain fork would have some new concrete rule that would work against the simple PoW monopoly attack. In this case, the exchange rate for the new blockchain would likely be 1/20th of whatever the rate at the time of the attack was, but it would retain the upside potential that the 'old' chain lost in the monopoly attack and after proving itself viable to attack for another 2-3 years, would most likely acquire similar or even greater exchange rate viability than the current bitcoin network.

If there is a good rule like this, why wait until the attack occurs to introduce it? I think the answer is that there is no known rule besides full centralization. If there was one, we would be working on it already.






sr. member
Activity: 283
Merit: 250


Yes, bitcoin users would have to be complicit. True. The problem is that if 50% are complicit and the other 50% just refuse to send coins out of protest, the attacker still makes money. It makes sense to be complicit if you care primarily about your own personal welfare. I think we have a different worldview. I was under the impression that most of the community is selfish.

Watch the protesters break ranks as the exchange rate tanks. (sounds like a fitting rhyme, for my signature line, what do you think?)
[/quote]

I believe everyone acts selfishly, so while I am sure we have different worldviews, thats not a point of difference for us. Here, I think we disagree on how to maximize our personal gain in the event of a 51% attack. For me, my money in bitcoins is half speculative investment and half aiming towards time-value-of-money benefit for recurring costs like cell phone bills, etc. In the event of a significant drop in exchange rates I would simply not spend bitcoins and use dollars instead. Bitcoins have 100% downside potential and probably 100,000% upside potential, and I treat them exactly like I would any other investment with those properties, with the added strange liquidity of being able to sell them for goods and trade fractional amounts.

In the event of a 51% attack as you outline, there would probably be a blockchain forking, the 'old' or 'real' bitcoin chain would keep the same rules but have the meta-rule of transaction fee requirements to the PoW monopolist. The 'new' blockchain fork would have some new concrete rule that would work against the simple PoW monopoly attack. In this case, the exchange rate for the new blockchain would likely be 1/20th of whatever the rate at the time of the attack was, but it would retain the upside potential that the 'old' chain lost in the monopoly attack and after proving itself viable to attack for another 2-3 years, would most likely acquire similar or even greater exchange rate viability than the current bitcoin network.

Bitcoin at the conceptual level is a transparent network of trust exchange. Past history doesn't lose its value because of present difficulty. The data in the blockchain can and most likely will support iterations of attack/defense wargaming when/if it ever becomes big enough for powerful people and institutions to feel truly threatened.

-bgc
legendary
Activity: 1050
Merit: 1003
cunicula: having 51% doesn't imply they can make a 1% tax on all sends. They could enforce it by not including transactions with a fee less than that, but that would have the net effect of blocking transactions that didn't conform rather than keeping activity as normal and adding a fee on top of it. In other words, they would have to be very explicit about what they were doing, and we users of bitcoin would have to be complicit in accepting this new tyranny. I think we wouldn't be, and this is one case where if it happened, blockchain activity would be interrupted and we would be forced to add on something like a proof of stake or checkpointing or web of trust block publishing approach. I don't think value of bitcoin would go to 0 in this case, and I think any serious analyst of bitcoin views this exact sequence of events as likely sometime in the next 5 years of bitcoin's evolution.

As far as the thread title go, great trolling. You're a confusing dude, I had thought you were mostly a troll until I read your PoS proposal.

-bgc

Yes, bitcoin users would have to be complicit. True. The problem is that if 50% are complicit and the other 50% just refuse to send coins out of protest, the attacker still makes money. It makes sense to be complicit if you care primarily about your own personal welfare. I think we have a different worldview. I was under the impression that most of the community is selfish.

Watch the protesters break ranks as the exchange rate tanks. (sounds like a fitting rhyme, for my signature line, what do you think?)
sr. member
Activity: 283
Merit: 250
cunicula: having 51% doesn't imply they can make a 1% tax on all sends. They could enforce it by not including transactions with a fee less than that, but that would have the net effect of blocking transactions that didn't conform rather than keeping activity as normal and adding a fee on top of it. In other words, they would have to be very explicit about what they were doing, and we users of bitcoin would have to be complicit in accepting this new tyranny. I think we wouldn't be, and this is one case where if it happened, blockchain activity would be interrupted and we would be forced to add on something like a proof of stake or checkpointing or web of trust block publishing approach. I don't think value of bitcoin would go to 0 in this case, and I think any serious analyst of bitcoin views this exact sequence of events as likely sometime in the next 5 years of bitcoin's evolution.

As far as the thread title go, great trolling. You're a confusing dude, I had thought you were mostly a troll until I read your PoS proposal.

-bgc
legendary
Activity: 1050
Merit: 1003
Perhaps in that case the issue is that you are too much of a defeatist. You think, "well, all this crap will happen anyway, so let's just let it and figure out what to do when it does," while others thing, "all this crap has a damn good chance of happening, so let's figure out what we can do to prevent it in the first place." Very subtle difference.

Ah, but I am telling you what should be done. You just don't want to listen because it is unpleasant to hear.
I'm not promising that it will work against any possible opponent because I am not a snake-oil salesmen.

Consider BFL for a moment.

They claim to be able to construct "mini-rig SC" that has a 1.5 Terahash output. They plan to sell these at retail for USD $30,000. I would guess that the marginal cost of each unit is at most USD $10,000. Most of the expenses are all the R&D and prototyping that needs to be done to manufacture the first unit. Once those steps are complete manufacturing costs will be very low.

What does this imply? It means that after they have a working prototype, BFL will have a lot of power over bitcoin and strong incentives to expropriate bitcoin owners.

They could decide to pump out 20 of their units at a cost of about USD$200,000. That $200k will be enough to 51% the bitcoin network. Say they do this and use their power to implement a 1% tax on all txn inputs.

Now, you will say that doesn't matter. If bitcoin gets 51%'d then bitcoin's value will drop to 0 instantly. Are you sure, what if there is a 2% chance that value only drops to $5 and a 98% chance that it drops to 0.

Okay so now consider the scenario where bitcoins are worth $5. Total output volume is over 1 million BTC. So BFL could earn 10000 BTC a day doing this. And that is on top of the 3600 BTC a day they would earned through mining. With our new value of $5 that is USD$68,000 a day in revenue.
Say then keep this up for 1 year. Will they want to 51% bitcoin? Yes.

Their expected profit will be 0.98*(-200,000)+0.02*(-200,000+68,000*365)=USD$296400. That is a 150% expected ROI. Not bad. And this is assuming a 98% chance of complete and total loss.

Now, you will say that doesn't matter. BFL can earn more from selling rigs. I agree completely. But they don't have to pick one or the other. They can have their cake and eat their 51% attack too. They can sell $2 million dollars in rigs. If they do this, then they will be able to produce rigs en masse. As they expand production, marginal costs will fall certainly fall below $10k per rig. Let's say they drop to $5k per rig. Now BFL made a bunch of money from selling rigs. However the market is saturated. Mining is not profitable. What should BFL do to turn a profit now? They certainly can't sell any more rigs. A 51% attack of course.

If they have sold $2 million worth of rigs at retail, then the aggregate hashing power will grow to at most 125 Terahash. To take over, BFL will need to make 83 rigs for themselves to operate. At the reduced marginal cost, this will require USD$415,000 of investment. Use the scenario from above. Should BFL 51% the network?

Their expected profit will be 0.98*(-415,000)+0.02*(-415,000+68,000*365)=USD$81,400. A 19.6% ROI, not eye-popping but still worthwhile. And this is assuming a 98% chance of complete and total loss.

What do we learn from this? If we think there is even a very small probability that bitcoin will retain positive value after it gets 51%'d, then greedy hardware manufacturers should 51% it. Is it reasonable to think that bitcoin will retain positive value? Sure. You yourself said that 51% PoW attacks are reversible. If so, bitcoin price dropping to 0 will be a superb opportunity to buy up cheap coins for you. Think of it, USD$0.10 bitcoins.  Wouldn't you be a fool not to buy them? Even if you don't won't someone else? A year later when the 51% issue is fixed, you could be a rich man. (Of course you will have helped BFL get rich in the process)

Well, if instead we use the scenario that a 51% attack causes bitcoin price to drop to USD$0.10 with certainty, all the numbers are exactly the same as before. Attacks are still profitable.

Maybe BFL are altruistic. Fine. Maybe they are. The convicted felon CEO who defrauded the elderly out of millions of dollars may have turned around. It is certainly possible. This isn't a one time thing though. Will the next hardware innovators be good guys to? What if they are a state-owned company in China? Do you know how amoral those guys are. They seize children from their poor families for sale on international adoption markets. No joke. Do you think they will bat an eye at expropriating bitcoin owners in the US? Do you think the US gov't will care if this happens. I sure don't. You should also keep in mind that as the block reward drops the profits from selling hardware on the open market will fall. The profits from 51% attack however will remain approximately fixed. That is not good. Not good at all.

That is why I suggest PoS. With PoS, the average coin holder makes a profit when a 51% attack occurs. That type of insurance is a very good thing. Also, attacks aren't possible without spending say USD$60 million and up. That's a good thing too. Yes, attacks can still happen. That's too bad. However, just because you can't fix everything does not mean you shouldn't try to fix as much as possible.

If someone has a better suggestion, I am all ears. However, I will not listen if someone says we can wait until the attack occurs to worry about the issue. That is ridiculous. You won't be able to fix something like this on the fly.
legendary
Activity: 1680
Merit: 1035
Perhaps in that case the issue is that you are too much of a defeatist. You think, "well, all this crap will happen anyway, so let's just let it and figure out what to do when it does," while others think, "all this crap has a damn good chance of happening, so let's figure out what we can do to prevent it in the first place." Very subtle difference.
legendary
Activity: 1050
Merit: 1003
Yes, the central bank has to be the richest person in the room in the case of PoS. More than this, they have to personally own the majority of all wealth. Yes, this (almost) guarantees honest behavior.


That's why people say you have a Keynesian plan. Your mistake is that you believe the monopolist will actually know what is good for himself and for everyone else, and won't fuck up. Also, I STILL don't see a difference between a monopolist using some convoluted blockchain mining scheme to control and distribute currency, and a central bank just running a single centralized ledger to do the same.
I think part of this is that economics is a positive and not a normative science. Economists are trained to talk and think like we are indifferent between outcomes and make predictions based on economic theory. This scares people who are not accustomed to it.

My plan is not for the central bank to own all the coins. I just predict that, if bitcoin et al. are too successful, it will end up that way no matter what we do.

I am a realist and a pessimist. These two characteristics go hand in hand. Blablablah for example understands what this means.

Also, I don't think the central bankers will know what is best. They are fuck-ups just like the rest of us. However, if they are going to make choices for us, I would much rather that they also lose something when they fuck up. Thus PoS as opposed to PoW. Same goes for companies that many take us over.

It is very frustrating talking to idealists. If I don't think your ideals are practical, then you think I am plotting against you.

You should look and think strategically before you leap. You should also learn how to analyze situations from the perspective of your opponent. Otherwise how will you get good at chess?

Look over in this thread for example: https://bitcointalksearch.org/topic/m.1349225

Is promoting that a good idea or is it unwise?
legendary
Activity: 1680
Merit: 1035
Yes, the central bank has to be the richest person in the room in the case of PoS. More than this, they have to personally own the majority of all wealth. Yes, this (almost) guarantees honest behavior.


That's why people say you have a Keynesian plan. Your mistake is that you believe the monopolist will actually know what is good for himself and for everyone else, and won't fuck up. Also, I STILL don't see a difference between a monopolist using some convoluted blockchain mining scheme to control and distribute currency, and a central bank just running a single centralized ledger to do the same.
donator
Activity: 544
Merit: 500
You referred to me having some vague but wicked Keynesian plan. This is baseless speculation. My plans are explicit and public (see wiki). They are not Keynesian plans. Read them. Your speculations are completely unjustifiable. If you don't want to hear 'random remarks' about what my plans are, then do not spread false rumors.
First of all, look at the title of this thread, which you wrote yourself. Second of all, you made several comments in the past where you said that this or that person need to be forced to behave this or that way. You bitch all the time about "libertarians". This type of thinking permeates through your anti-libertarian pro-statist ramblings.

Even though I consider myself an anti-statist, I typically go at great lengths to not formulate my arguments in a way that their validity depends on the hatred of the state.

Many of your arguments, however, fail on this neutrality. Their validity pre-supposes that the activities of the state are economically beneficial or at least ethically permissible. Your very first sentence in this thread is

Recall that the purpose of money printing is to encourage or discourage spending.

This is keynesian pseudoscience, akin to the argument that the purpose of blood letting is to cure disease.

Similarly, your last paragraph in the original post

I am kind of confused why we still operate with dollars. Central bankers should start issuing dollars and euros this way. Or they could just adopt bitcoin. It would make their lives so much simpler.

indicates that you approve of this.
legendary
Activity: 1050
Merit: 1003
So the central bank would have to be the richest person in the room? This makes sense, as it (almost) guarantees the honesty of their currency-manipulation. A PoW central bank may have sold their stake and exchanged it for a new currency, and then they could proceed to devalue Bitcoin.

However, I'm not sure whether such theoretical reasoning ought to be enough to make the change.

Yes, the central bank has to be the richest person in the room in the case of PoS. More than this, they have to personally own the majority of all wealth. Yes, this (almost) guarantees honest behavior.

Don't just worry about the central bank. This is only a legitimate concern if bitcoin gets big. In the near future, worry about any person or group that wants to make some money and has the means to purchase some ASICs.

Under PoW, if you want to make things difficult for entrepreneurs, you have to bleed the user base with fees. i.e. you have to become paypal to stop paypal from buying you. If you are already operating a paypal like regime, then there will be no returns at all to corporate raiding. If you are not operating your regime like paypal, prepare for a corporate raider to introduce Paypal style management. PaypalStyle (someone should make a GagnamStyle parody)

BTW: A corollary here is that double-spending is not a realistic problem. If someone has 51% of hashing power and they use it double-spend, that person is a complete idiot. The revenue you can gain from milking accounts for demurrage is much greater. [This does not apply to alt chains. The time horizon is much shorter in this case.]

PoS means that the corporate raider loses the incentive to operate like paypal. He will care about market share and long-term growth, not about margins. With PoS you maximize your returns by growing the network and benefiting from appreciation. What is good for the proof-of-stake monopolist is also good for his user base.

As a thought experiment, suppose there are two competing cryptocurrencies, one based on proof-of-work and one based on proof-of-stake. Both currencies are controlled by monopolies. They would like to attack each other to gain market share. Assume they have equal market cap. The proof-of-stake monopoly can simply sell some coins to finance mining investment, 51% attack, and then tax the proof-of-work currency to destruction. The proof-of-work currency holders will lose their entire investment. The proof-of-stake monopoly will gain market share. The proof-of-stake monpolist's coins will approximately double in value. By contrast, the proof-of-work monopoly is impotent. They could buy out the proof-of-stake monopoly and shut it down. In either case, the proof-of-stake monopoly profits.

Now ask yourself, in this setting do I want to be holding the proof-of-stake coins or the proof-of-work coins?
legendary
Activity: 1050
Merit: 1003
Cunicula, I don't entirely understand your proposal. Correct me if I'm wrong - you're suggesting that people that run a full node *AND* engage in heavy mining get to preserve their stake. In your scenario mining contributes to the network security, as does running a full node with full blockchain history. So then, what about people that only maintain a full node without running a mining op? I'm sure I misunderstood.

Yes, you misunderstood. PoW miners need to run nodes. This part is right. But these guys are unimportant. The most important part is that coin owners run nodes. The coin owners don't need to mine at all. Here is a greatly simplified rundown that may clear things up. There are extra details in the wiki, but this captures the core idea.

1) Guy with his mining rig finds a hash that meets the difficulty target. The hash provides a hard to manipulate random number seed. Creating this seed is the PoW miner's only real contribution.
2) The random number seed is used to draw five lottery winners from the universe of coin owners. Your chance of winning the lottery is proportional to your coin ownership.
There is no practical way for the miner to control who wins the lottery. He could maybe pick one winner, but not five simultaneously.
3) The miner says, "Hey, I've got this block, but it isn't valid until I get the go ahead from these lottery winners. Without their permission my block is just useless garbage. It can't go in the blockchain."
4) The miner sends a message through the network announcing that he needs to make contact with the five lottery winners.
5) The lottery winners hear the message if they are running nodes. If all five respond with their sigs, then the miner can proceed to put a block in the chain. If not the block is invalid, go back to step 1.
6) The miner puts the block in the chain together with sigs from the five lottery winners.
7) We have extended the blockchain by one block. The lottery winners get some meaningful rewards. The PoW miner receives some table scraps. Back to step 1.

Why do this? How does this arrangement help?

This procedure makes double-spending impossible even with an ungodly hashrate (say 100000 Terahash). This means that a tiny hash rate suffices for the entire network. To double spend you have to mine a sequence of blocks in secret. With this system you can only mine if you announce your block in public first. You can't double-spend if you announce your double-spending publicly. It does not work. The random lottery winners are not going to sign your funky old attack blocks, so you cannot construct them.

How could you double-spend? Well, first you have to find a hash that meets the difficulty target. Then you check if this hash won the lottery five times in a row. If yes, you can use this hash to construct one secret block. If no, then keep looking. How many valid hashes do you have to find to identify attack blocks? It depends on how many coins you own. If you own 1% of all coins, then you can make one attack block for every 10 billion blocks you find. Good luck with that. If you own 10% of all coins, you can make one attack block for every 10,000 blocks you find. Of course one attack block is not enough. You need to find 6 attack blocks before the main network does. This is hopeless unless you own a near majority of all the coins AND have more hashing power than the rest of the network.

One more "key" issue: Where do the rewards come from? How is this safe from theft?

1) There is a system for tracking keys that are not associated with active nodes. [People who fail to report as lottery winners when they are supposed to]
2) These guys get taxed at a rate of 5% of their balance per annum. The tax continues until they associate their key with an active node.
3) The rewards from taxing these people generate the fees that are distributed to people who keep their nodes up.
4) You can avoid the fees and keeping a node up by keeping your coins in an online wallet.
5) If your key gets stolen from an online wallet (or your home computer) you lose up to 20 BTC max or 10% of your btc balance, whichever is smaller. The rest can be reclaimed as soon as you learn of the theft.



Pages:
Jump to: