Topic: Decentralized Timestamp - page 2. (Read 5251 times)

Correct.  Double spends are possible when trading blockchain assets for something external to the blockchain, whether the blockchain assets are bitcoins or colored coins.  The advantage of colored coins on the bitcoin network is they can be traded risk-free for bitcoins (since they are registered on the same blockchain and can be exchanged with a single coinjoin TX). 

In other words, there is an advantage to trading assets registered on a particular blockchain with the native currency of that blockchain because these trades can be made risk free (the trade either happens or it doesn't--one party can't get stiffed).   

Some people don't use these special transactions and instead exchange coloured coins/ mastercoins directly for fiat or products or services, this enables successful double spends.

You still aren't understanding me. You have to get lucky and be allocated a block randomly as per normal. Now you get the chance to create a block signature. Once you get this opportunity you can iterate through many different possibilities for the block signature such that the next block is guaranteed to be signed by you.

The crucial bit of the code is hash(generation signature of previous block concatenated with the forger's public key). If you are able to manipulate the signature of the previous block because you were randomly allocated the ability to sign the previous block then you can make sure this hash is very small.

you clearly dont understand the nature of these risks and I suggest you do more reading here and less posting.

THANKS!   

-bm

you're greatly misconstruing my points.

This is one VIEWPOINT on economics and it centers around the notion of scarcity.

-bm

I think I see now the cause for this confusion. Let me put it simply:

generation signature is not block signature

generation signature = hash(generation signature of previous block concatenated with the forger's public key)
block signature = signature of block; forger's private key required


purpose of generation signature => providing the hit
purpose of block signature => providing block integrity

I've been bashing my head against the wall with Bluemeanie over here too: https://bitcointalksearch.org/topic/m.6841920

1.  He does not believe that the cost to produce a commodity tends to the market price of that commodity.  For example, the cost to produce 25 BTC (in USD) tends to the market value of those 25 BTC, so as the market value of bitcoin increases so to does the cost of attempting a 3-confirm double-spend.  He apparently disagree and calls this "pulp fiction economics."  

2.  He does not understand that "attacking the network" to attempt to reverse a colored-coin trade for bitcoin is sort of pointless.  If Bluemeanie buys my colored coin for 100 BTC and then double-spends to reverse the transaction (after spending a lot of money to do so), sure he'll end up with his 100 BTC back in the unlikely case that he is successful, but I'll end up with my colored coin back.  With coinjoin, the trade was a single transaction.  

Point 2 is why digital IOUs like colored coins are most likely to trade on the dominant network (which is presently bitcoin).  You can't trade digital assets for real bitcoins in a trustless way on the Nxt network like you can using colored coins.  Ironically, I was discussing this point with Nxt advocates and they told me that I was wrong here too--that you can trade Nxt assets for real bitcoins in a trustless way.    

Yes but that "eventually" is a ways off.  
There's many more years of mining for block rewards.  
I don't think anyone is seriously worried about this
right now.  

Talk to me in 5 years about it.  

it reminds me of the cold war US-Soviet Nuclear Détente.

-bm

Show me the code.

This is what I mean:
 1) https://bitbucket.org/JeanLucPicard/nxt/src/046e59e4df43309a37c2789efd39dba4a873bbe2/src/java/nxt/Generator.java?at=master#cl-118
 2) https://bitbucket.org/JeanLucPicard/nxt/src/046e59e4df43309a37c2789efd39dba4a873bbe2/src/java/nxt/BlockchainProcessorImpl.java?at=master#cl-731

No ECDSA involved.

Let me correct this nonsense.

As no ECDSA is involved and the only thing that can be used in

generation_signature_hash = sha256(generation_signature_of_current_block + my_public_key) <<<<< + means concat

to manipulate are:

generation_signature_of_current_block  << fixed by the previous block
my_public_key                                  << fixed by the number of accounts an attacker has


So, the only thing he can do, is to create billions of accounts holding at least >0 NXT to try out each of them.

because block rewards will decrease.

from the Bitcoin wiki : "The number of Bitcoins generated per block is set to decrease geometrically"

eventually the reward will be so small compared to the cost to generate them that TX fees will be required.  At that point we're not completely sure what will happen.  Tulips anyone? 

-bm

Yes there is, when you sign a block with NXT you sign it using ECDSA. It is this signature that is used to calculate who gets to sign the next block and therefore you need to iterate through different ECDSA possibilities to produce the lowest value when you combine it with your public key and take the SHA256 hash of the two combined.

There is no ECDSA involved. Just sha256.

interesting.

I think what we might see in the future is some kind of normalization. 

The network hashrate growth will slow down, stop, or possibly decline at some point...
Mining will be seen less as opportunistic, and more in line with other businesses
that require years to reach breakeven.

So, profits may shrink, but things may become more stable and predictable.

one problem with the ASIC race is that the force we're trying to secure the blockchain against is the same force that we're using to secure it.

It's hashing power on the attack and hashing power on the defense.  If the legit market calls hashing power into existence, then some future reversal or shift in circumstance can move that hashing power from defense to attack.  And with marginal profits from defense approaching zero, the miners are always balanced on this knife edge where the smallest change could make an atack more profitable than continuing defense.

I'm reminded of what Pratchett's character Vetinari said about hiring mercenaries:  You have to pay them to start fighting, and unless you are very lucky you also have to pay them to stop.

why is that a given?

that's perhaps the asymptotic value of a block reward in a PoW system- we will always have secondary costs although they will theoretically get lower as time goes by.  But really can we predict much of anything in that time frame?


the problem of transaction fees is even more serious and I've pointed this out before.

1) it's a given that TX fees will need to increase over time

2) if they increase past a certain threshold and the use of bitcoin becomes more expensive than alternatives like Paypal, not only will Bitcoin become unattractive for users, it will become unattractive for investors, and thus there will be a collapse in price.  I can't see how we can avoid this future as the computation requirements to run the bitcoin network get larger and larger.  Again, NXT does not have these issues.

-bm

Colored Coins etc. make it much harder to know how much value we need the blockchain to protect.  The fact that these values are essentially "hidden" from the protocol means we can't tell what we need to do to maintain any kind of parity with them.

One popular (and possibly correct) view of things is that in the long run the cheapest available price of electricity times the amount of electricity spent per block, will approach the value of the block reward in a PoW system. 

Right now we have a Bitcoin block reward worth approx. $12000.  If this view is correct, we should expect, worldwide, to see about $12000 worth of electricity (increasingly concentrated where electricity is cheapest) expended per block by hashing rigs. 

Right now transaction fees are providing a very small percentage (one third of one percent?  I think?) of the block rewards. 

At  some point in the future, moving to transaction fees as a primary source of mining revenue, implies that each kilowatt-hour of electricity invested in securing the blockchain will have to secure three hundred times as much value (relative to its own value) from attack as it does now. 

I'm convinced that's not really enough.  If we stick with Proof-of-work, we're going to have to start charging transaction fees based on how much value is changing hands, because we want to buy security proportional to the value we're trying to secure, not proportional to the amount of space it takes to store the transaction.  And that means the amount of value changing hands has to be visible, and that therefore Colored Coins etc will have to be more 'transparent' in terms of the protocol knowing how much they're worth (and therefore how much security we need to buy to keep them secure).

that's because it was overpriced.

-bm