Topic: Counterfeiting and Loss Prevention (Read 2611 times)

Hmm, it could actually be an interesting experiment to run with that chap's fork of bitcoin as a distinct separate currency.

It might have an advantage over a started from scratch fork (forked code but started from scratch blockchain) simply because everyone who had any bitcoins when that chap did his fork of the blockchain now not only still has their original bitcoins but also has that many of his newfangled badcoins or batcoins or whatever one might like to call them.

My "Martian BotCoins" I have implemented for the Freeciv Galactic Milieu game don't offer everyone who had bitcoins way back when an equal number of Martian BotCoins. So people who did have bitcoins back then might find his badcoins or batcoins or whatever more interesting than my Martian BotCoins simply because *they already have some* ...

If he doesn't want people to *already have some* of his newfangled coins, maybe he would be better of starting from scratch like Martian BotCoins have, but maybe to save some lead time in (re)creating his billionaire status he might like to code his massive windfall into the genesis block of his new currency.

Which would *you* (the generic 'the reader') prefer, a new currency you already have some of or a new currency you don't have any of?

-MarkM- (I think Satoshi probably  owns the genesis 50 Martian BotCoins)

Right! (I changed the one word above and bolded the first one because I'm pretty sure that's what you meant: "not valid")  Talking in terms of currencies you could say that billionaire person is in Bitcoin 2.0 already while we are all in Bitcoin Original.  They can't sell their Bitcoins on our exchanges or exchange them with our software--if they wanted to use them they would have to find some poor fool to join their side of things and leave ours.  Or if you want you could flip those terms--the point is that each person gets to decide which currency they're using, and nobody can force them to change if they don't want to, not with the biggest supercomputer in the world.  This is actually a much stronger position than real world cash!


Excellent!  You are very welcome.

I think I got it now thanks to both theymos and emansipater, thanks guys.  Just to close out the thread, here is the short and sweet answer I was looking for:


But I only really understood that after reading this:


I put the "lightbulb" statement in bold.  Looking at it that way completely alleviates my concern about being subject to the "will of the majority" as a "forking" of this kind would almost certainly increase the value of original Bitcoins, which I would still hold, up to a point.  It is on me to watch for the "break point" in this case and sell before that.  In ot6her words I am still the one in control so long as I don't get lazy I'll do alright.


Just to make sure I understand this last bit, that person could still have all 184 billion Bitcoins, but they would not be considered invalid by any Bitcoin user who has updated to the new version, correct?

Thank you guys so much for the wonderful and timely explanations, this thread has made me a "believer".

Result: bitcoinUserCount++; 

theymos is right on the money.  But since I don't know your level of technical familiarity, feel free to let me know if this still confuses you.  Basically, your bitcoin client won't accept any deviation from the "hardwired" rules even if every other person out there switches--you will be the only person still using Bitcoin Original but it will still work perfectly.  And importantly, if Bitcoin 2.0 ended up in the toilet because of the injudicious expansion, people would still be able to rejoin Bitcoin Original and spend their coins from before the switch as if nothing happened.  This is the biggest reason that a network-wide change would be pretty much all or nothing:  the situation of competing protocols is pretty unstable.

More broadly, since currencies are a medium of exchange between parties the concept of being subject to the will of everyone else is unavoidable:  if everybody else on the planet starts treating the USD like toilet paper, your millions under your mattress won't mean what they used to.  The main difference between bitcoin and USD is that the federal reserve can print official USD whenever they want to, and banks can 'create' USD through fractional reserve systems.  Bitcoin Original, by contrast, will never change even if there is only one person left in the world using it.

It's also informative to look at this from the perspective of the person starting up Bitcoin 2.0 because they are basically starting a new currency and giving people starting credit based on how many Bitcoins they (continue to) hold.  Why would they do that?  Unless there is reasonable assurance that everyone will switch to the new software (like in the case of adding decimal places) it is going to be one huge debacle.  Most businesses/investors are never going to switch to Bitcoin 2.0 just because it hands out free money.  And anyone who accepts Bitcoin 2.0 would be a fool.  If you don't believe this, you could start a Bitcoin 2.0 version and see what happens (I'm sure you're too smart for that, but it's a helpful thought experiment).  A much more realistic idea for a Bitcoin 2.0 would be that the person would make you hand over your Bitcoins to get the new Bitcoins, and base them on their own blockchain instead of just trying to update Bitcoin itself.  Then, like theymos pointed out, the two will exist side by side and could be traded between.

Bringing it back to basics, just think of it like currencies.  You could get everyone to stop using the currency they use and start using a new one, like Brazil did with the Real, but you would have to have a very good reason and the endorsement of some major authority figures for the whole economy to switch over.

We do have a historical precedent of how the community tends to respond:  in block 74638, or alternatively on August 15, 2010, someone exploited a loophole in the then-current client to give themselves 184 billion bitcoins.  An update to the Bitcoin software was immediately created that deleted that block and corrected the blockchain while including all other legitimate transactions (the cryptographic security of bitcoin makes it easy to keep valid transactions in these scenarios), and that new version of software was released to the public.  The majority of the nodes switched immediately for obvious reasons, and the fixed blockchain overtook the compromised one at block 74691 (very quickly).  This is also an excellent demonstration of why simply trusting the most computationally intensive blockchain is a safe move--once a clear majority of computing power has switched that blockchain will always win out to become the most secure record.  And even in the midst of this commotion an attacker with more computational power than the whole network couldn't have spent other people's coins or altered their transactions.  It also demonstrates how Bitcoin's nature allows anyone connected to the network to hold it accountable.  Go jgarzik!

Sincerely,
eMansipater

The transactions that generate coins illegally will always be considered invalid by you, even if you are the only node in the network that believes this. If a change to generation rules becomes overwhelmingly popular, then it might reduce the value of your coins to nothing. The system will still work for you, but your coins won't have any conversion value.

This isn't going to happen overnight. If a new Bitcoin-like system continues to generate 50 BTC for every block after 210,000, then half or more of the market will be "old BTC", and half will be "new BTC". There will be an exchange rate between them. Probably "old BTC" will not die easily.

There is no technical way for a full network node to be tricked into accepting an illegal generation. It's clearly invalid.

Wow, thanks for the great explanation!  Your post has alleviated my second fear (Loss Prevention) with this sentence:


As for my first fear (Counterfeiting) I will go through your points and ask a few questions.  I probably should have stated that most of my concerns in this regard really only come into play after we are no longer generating Bitcoins legitimately or if someone (or group of someones) is simply being malicious.


Based on what you said here, it sounds like what I will call "mob rule" although that might not be the most apt term.  Basically it means that a majority can foist things onto a minority.  Since Bitcoin is open source, anyone can write and distribute his own version of the software.  If someone, even simply being malicious, decides he wants to devalue Bitcoins all he has to do it write a client that allows all of those using it to gain Bitcoins when they use his implementation.  He can even use this as a selling point for those considering his application.  While many people (most of us here included) would see the negative effect of inflating the money supply, those who are doing it probably wouldn't and in any case they may not care, as the people who initially receive "newly minted" receive the full benefit of it.

I guess I am just really trying to understand how an "attacker" who controls more than 50% of the network's computing power is prevented from creating new coins.


The only real hardwired security I can see is the fact that honest nodes control the network, everything else is specific to the implementation being used by each Bitcoin user.  Am I wrong here?


You are very right, I initially was very skeptical and have narrowed my fears down to this (now one thanks to you!) problem/concern.

Just like in the real world, where if everyone else on the planet starts treating your banknotes differently you are up a creek without a paddle, there is no protection against *everyone else* changing the way they use bitcoin.

Speaking more technically, to fork the blockchain effectively the majority of the network's processing power must agree to the change.  And for a change as drastic as increasing the total number of bitcoins, everyone who wanted the change would have to start using a new Bitcoin program.  If you chose not to upgrade your program you could still keep going as always with those who also did not upgrade.  The value of your bitcoins, and the services available to you such as buying and selling for other currencies, etc. would depend on the people using that original software, and whether they would provide those services.

Speaking practically, no serious user of bitcoin, including the exchanges, major bitcoin businesses, etc. are going to accept a version of the program that changes the rules without a very good reason such as closing a security loophole.  There is no practical scenario where your value in bitcoin is going to be swept away unexpectedly by the network, because everyone else on the network has that same concern.

The method of coin creation is "hardwired" into Bitcoin, so even with all the world's supercomputers put together an attacker can't just put pretend coins into the mix--any blocks that do that won't be accepted by anyone else.  Blocks are only accepted if they follow the rules.  The only thing an 'attacker' could do is compete fairly for that set amount of coins that is being generated--and this costs that person just as much in hardware, electricity, etc. as anyone else.

It can be difficult to imagine just how small 8 decimal places go.  Let me give you an idea:  the U.S. economy is around 14.7 Trillion dollars, or:

14,700,000,000,000

In servicing this size of an economy people have put to use about 1 Trillion dollars of hard cash in some form (approximately 3000 per person in that country).  If we wanted to use Bitcoin to replace all U.S. dollars then one Bitcoin would be worth about $50,000.  So a $1 loaf of bread would cost

0.00002 BTC

which only uses 5 of those 8 decimal places.  That means bitcoin in its current form can handle 1000 times as much economic activity as the entire U.S. economy before you would have trouble buying a loaf of bread.  You can imagine that this won't happen for a while.

Even if it were to happen, however, and/or some fluke circumstances took place such as a rich early adopter losing their 2 million bitcoins (ouch!), there still wouldn't be a problem because Bitcoin can easily be updated to use more decimal places.  Unlike above, everyone would happily accept this small change in the bitcoin software since it doesn't hurt anyone and has a very good reason.  So we can keep dividing bitcoins till kingdom come without issue.


No worries--it can take a while to actually fit in to your head just how beautifully bitcoin solves all the potential problems with digital currency.  I just discovered it a couple months ago and I'm still in awe of it.  I'm also very happy that my investment has roughly tripled in that time.  Both theoretical and actual substance working together--a rare event for our planet indeed!

sincerely,
eMansipater

If an attack has over half the computing power over the entire network, and their goal is to profit and not shut down Bitcoin, they are better served by generating coin legitimately than attacking. This is because mining is less risky and increases the security (and value) of Bitcoin.


Purposely destroying Bitcoin only makes the rest worth more. Additionally, Bitcoins are divisible to eight decimal places, so as long as nothing costs less than .00000001 BTC, there is no problem. Bitcoin clients can always move the decimal point over, so .00000001 BTC becomes 1 xBTC (or whatever unit) to make things more user friendly.

According to the linked wiki article, that is not the case, at least not for my counterfeiting example, it specifically says that even if the "attacker" has control of more than 50% of the network he cannot "Create coins out of thin air".

The attacker would need to control roughly half of the computing power. 
http://article.gmane.org/gmane.comp.encryption.general/12588/

Let me start off by saying that I am completely new to Bitcoin and really want to understand it well before I invest anything in it.  That being said I can see the potential this currency has to change the world and really want to be a part of that.

I have been reading up on the technology side of Bitcoin and have a few questions.


My first question is about how Bitcoin prevents a very specific type of counterfeiting.  If I understand correctly, when a new block is created the person creating it calculates what the current reward is and includes a transaction to himself for that amount.  If this block creator tries to give himself more coins then the rest of the network will reject his block and he will receive nothing.  A limit of approximately 21 million Bitcoins is enforced by agreement across the network on the reward for completing a block, which is based on the total number of blocks.

How am I, the individual, protected if even the entire rest of the network decides on a different reward scheme, specifically one that increases the total number of possible Bitcoins?  Put another way, how much of the network would need to agree in order to increase the total number of possible Bitcoins?  As a reference, there is a note in one of the sections on the Weaknesses wiki article, specifically:


I would ask the question why not to the statement made in that article.


And this bring me to my second concern, Bitcoin loss.  If I understand correctly no Bitcoins can ever be destroyed, the only thing that can be lost is the access to them, meaning the private key needed to sign the transaction transferring them.  I also understand that Bitcoins are divisible up to eight decimal places, allowing for many more than 21 million transferable units.  The problem I have here is the longevity of this currency even if people lose small amounts at a time.  In my mind the eventual goal is to replace other currencies, such as USD, and if this happens lets assume we have 300 million Americans using Bitcoin.  After enough loses the value of even the smallest transferable unit would be enough to buy a house or boat or other equivalently high value item, leaving lesser items, such as bread, milk, etc..., basically un-purchasable.  Basically how are Bitcoin holders protected against the carelessness of others, or even someone maliciously (although admittedly to his financial detriment) "destroying" Bitcoins?

I did look around the forums and the Wiki before posting here, so if I missed the answers to these questions elsewhere then links would be appreciated.  Also, sorry for the text wall, couldn't really think of a way to shorten it and still get my point across.

(EDIT: remembered how to link things using BBCode.  )