Economically Unspendable Outputs: A Problem On The Radar - page 6.

solex

legendary

Activity: 1078

Merit: 1002

100 satoshis -> ISO code

Quote from: ShadowOfHarbringer on March 09, 2013, 08:17:32 PM

Quote from: Luke-Jr on March 09, 2013, 03:26:54 PM

SD has clearly established, through their refusal to stop attacking Bitcoin, that their intentions are bad - or at the very least indistinguishable from what someone with bad intentions would do.

No, there is no software bug. The bug is in the human component of the protocol.

This is such a terrible bullshit. Can you all please stop creating this bullshit and spreading FUD ?

You simply don't get the point: If the HUMAN behavior is a problem which the network cannot solve itself using its own algorithms, then the network is useless and doomed to failure.
There can be no such thing as human component-based bug in the protocol, because the protocol is designed to cope exactly with that.

Bitcoin is still on very early stages. If BTC at this stage cannot cope with such a minor disturbance as SatoshiDICE currently is, then it cannot cope with reality at all and should be either fixed or redesigned from scratch.

The point in short:
The whole Bitcoin network exists exactly for the reason of coping with human imperfections (like forgery, double spending, thievery and other cons), so if it cannot do that, that means it is *completely useless*.

Did i make myself clear this time ?

+1

ShadowOfHarbringer

legendary

Activity: 1470

Merit: 1005

Bringing Legendary Har® to you since 1952

Quote from: Luke-Jr on March 09, 2013, 03:26:54 PM

SD has clearly established, through their refusal to stop attacking Bitcoin, that their intentions are bad - or at the very least indistinguishable from what someone with bad intentions would do.

No, there is no software bug. The bug is in the human component of the protocol.

This is such a terrible bullshit. Can you all please stop creating this bullshit and spreading FUD ?

You simply don't get the point: If the HUMAN behavior is a problem which the network cannot solve itself using its own algorithms, then the network is useless and doomed to failure.
There can be no such thing as human component-based bug in the protocol, because the protocol is designed to cope exactly with that.

Bitcoin is still on very early stages. If BTC at this stage cannot cope with such a minor disturbance as SatoshiDICE currently is, then it cannot cope with reality at all and should be either fixed or redesigned from scratch.

The point in short:
The whole Bitcoin network exists exactly for the reason of coping with human imperfections (like forgery, double spending, thievery and other cons), so if it cannot do that, that means it is *completely useless*.

Did i make myself clear this time ?

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: misterbigg on March 09, 2013, 05:51:39 PM

Quote from: Jutarul on March 09, 2013, 04:05:01 PM

Ultimately what should be the deciding factor is the intent of spending any output at a later stage.

Wow...good luck writing that function! I don't think it's possible to encode this in computer code.

Yes - there is no way to measure intent. But we could resort to game theory to investigate the necessary rules for an environment in which people are encouraged to remove unspent outputs timely.

misterbigg

legendary

Activity: 1064

Merit: 1001

Quote from: Jutarul on March 09, 2013, 04:05:01 PM

Ultimately what should be the deciding factor is the intent of spending any output at a later stage.

Wow...good luck writing that function! I don't think it's possible to encode this in computer code.

solex

legendary

Activity: 1078

Merit: 1002

100 satoshis -> ISO code

Quote from: Jutarul on March 09, 2013, 04:05:01 PM

Quote from: misterbigg on March 09, 2013, 03:49:49 PM

... Of course the other part is to implement technical measures to make the creation of economically unviable transactions expensive.

Let me officially endorse this statement.

However, let me also remind everyone that there are legitimate uses for creating dust outputs (e.g. colored coins, contracts). Thus some transactions may "appear" economically unviable, however they there may still be a strong inherent incentive to spent it.

Ultimately what should be the deciding factor is the intent of spending any output at a later stage. One way to give the intent a monetary value is the use of deposits. But there may be other, more refined measures to capture intent in terms of transaction fees. I'd like to see more proposals.

I have been thinking about this and the distinction between spam and virus-like behavior is critical here. Just as your PC/laptop needs anti-spam for email, it also needs anit-virus software for the thousands of more "intelligent" threats.

While the existing Bitcoin mining filters are excellent at transactional anti-spam, they have not been designed for, and tested with, virus-like transactions. SD is showing that this threat is out there. It is doing a huge favor to Bitcoin because anti-virus protection needs to be built-in as well. This would "capture intent" and permit the legitimate uses Jutarul mentions.

From what I hear, SD has already implemented a 0.5% min loss payout, Thank-you Erik! Great news, it helps a lot on the blockchain bloat front.
The larger threat is from external virus-like applications - and this is still out there...

Jutarul

donator

Activity: 994

Merit: 1000

Quote from: misterbigg on March 09, 2013, 03:49:49 PM

... Of course the other part is to implement technical measures to make the creation of economically unviable transactions expensive.

Let me officially endorse this statement.

However, let me also remind everyone that there are legitimate uses for creating dust outputs (e.g. colored coins, contracts). Thus some transactions may "appear" economically unviable, however they there may still be a strong inherent incentive to spent it.

Ultimately what should be the deciding factor is the intent of spending any output at a later stage. One way to give the intent a monetary value is the use of deposits. But there may be other, more refined measures to capture intent in terms of transaction fees. I'd like to see more proposals.

cypherdoc

legendary

Activity: 1764

Merit: 1002

Quote from: misterbigg on March 09, 2013, 03:40:08 PM

Not really because all the dust comes from different places so will require many txin, typically 1 for each loss notification, wherein the fees for each additional txin will be many times higher than the amount sent.

its much more than that. SD wants and needs to give immediate loss feedback with 0 confirmations. they do that to encourage repeated and impulsive betting. they get away with this b/c if someone is trying to do a double spend, the bet tx won't confirm and thus neither will SD's loss notification.

misterbigg

legendary

Activity: 1064

Merit: 1001

Quote from: Mageant on March 09, 2013, 03:42:36 PM

If this really is a problem for Bitcoin, then couldn't somebody with bad intentions use it to try to destroy the network? After all, it wouldn't cost very much, only the minimal transaction fee. If that is the case then it isn't solved by just persuading SatoshiDice to stop doing this.

As has been stated over, and over, and over, and over....persuading SatoshiDICE is only one prong of a multi-pronged solution. Of course the other part is to implement technical measures to make the creation of economically unviable transactions expensive.

Why won't it read?

Mageant

legendary

Activity: 1145

Merit: 1001

If this really is a problem for Bitcoin, then couldn't somebody with bad intentions use it to try to destroy the network?

After all, it wouldn't cost very much, only the minimal transaction fee.

If that is the case then it isn't solved by just persuading SatoshiDice to stop doing this.

misterbigg

legendary

Activity: 1064

Merit: 1001

Quote from: Amitabh S on March 09, 2013, 03:23:36 PM

How about SD send the 1 satoshi (or 1000 satoshis) to a common "donation" address instead of back to the sender?

The reason SatoshiDICE sends these betting loss confirmation is because Blockchain.info plays a sound when your wallet receives a payment. The cycle goes like this:

1) user logs into their Blockchain.info wallet
2) user clicks a SatoshiDICE betting link
3) SD sends them a loss confirmation
4) Blockchain.info AJAX web page plays a sound
5) go to step #2

If the 1 satoshi goes to a donation address then the player doesn't hear the sound and there's no Pavlovian conditioned response taking place.

Quote

Also, SD can bunch a lot of such payments into one tx.

Not really because all the dust comes from different places so will require many txin, typically 1 for each loss notification, wherein the fees for each additional txin will be many times higher than the amount sent.

Luke-Jr

legendary

Activity: 2576

Merit: 1186

Quote from: ShadowOfHarbringer on March 09, 2013, 02:28:35 PM

i would rather have SDICE exploit this flaw now rather than somebody else with really bad intentions some time in the future.

SD has clearly established, through their refusal to stop attacking Bitcoin, that their intentions are bad - or at the very least indistinguishable from what someone with bad intentions would do.

Quote from: ShadowOfHarbringer on March 09, 2013, 02:28:35 PM

Quote from: Prattler on March 09, 2013, 01:58:14 PM

misterbigg, thank you for raising awareness of the problem

For the thousandth time: There is NO "problem". Just a bug in the software.

No, there is no software bug. The bug is in the human component of the protocol.
Satoshi was intelligent enough to recognize that no anti-spam software can ever be perfect or address future spamming techniques, so he designed the Bitcoin protocol to make use of humans to manage the job.
The mistake was that he assumed that miners would always care about the long-term welfare of Bitcoin, and neglected to give them any real incentive to do so. As a result, the bigger miners - who apparently only care about their short-term profits - neglect and/or refuse to do their part in filtering out this garbage.
The only bug here is in these humans - not the software.

Amitabh S

legendary

Activity: 1001

Merit: 1003

How about SD send the 1 satoshi (or 1000 satoshis) to a common "donation" address instead of back to the sender?

Senders can verify that the donation indeed contains funds from at least one of their original outputs. Also, SD can bunch a lot of such payments into one tx.

Its still a "band aid" until the "problem" (as many say) is fixed.

misterbigg

legendary

Activity: 1064

Merit: 1001

Quote from: blockbet.net on March 09, 2013, 02:53:37 PM

It's not likely that this "somebody" would ever reach the kinds of volumes that SD has, so it wouldn't be much of a problem if this "somebody" would do so if their operations were minimal.

Yeah the combination of SatoshiDICE's reluctance to change their losing bet confirmation along with Blockchain.info giving them tons of free traffic through direct links from wallet page is a one-two punch to the face of not only everyone running a full node, but any users who have to pay fees (because the fees are higher).

This is hitting legitimate businesses like bitpay or even mtgox directly in the wallet through higher fees.

I'm not saying that gambling is not a valid use of the block chain, nor am I saying that we should block SatoshiDICE specifically from the network. But we desperately need to make it impossible or impractical to send amounts that are below the cost of transmission and storage.

blockbet.net

member

Activity: 112

Merit: 10

Admin at blockbet.net

Quote from: ShadowOfHarbringer on March 09, 2013, 02:28:35 PM

If not SatoshiDICE, then somebody will use this flaw in the protocol.

It's not likely that this "somebody" would ever reach the kinds of volumes that SD have, so it wouldn't be much of a problem if this "somebody" would do so if their operations were minimal.

Second, by raising awareness of the issue, SD, the "others", and the gamblers can decide and do what's best for Bitcoin, since they would only be hurting themselves by harming the network with their spamming.

Prattler

full member

Activity: 192

Merit: 100

Quote from: ShadowOfHarbringer on March 09, 2013, 02:28:35 PM

For the thousandth time: There is NO "problem". Just a bug in the software.

Bitcoin is not just software, it's also the users who use that software (or ruleset/fork). P2SH change was simple from the software standpoint, but quite difficult because of the social aspect of pools having to agree to upgrade. The fix for this might be as slow as P2SH change. Bugs in societies are much more difficult to fix than in software

ShadowOfHarbringer

legendary

Activity: 1470

Merit: 1005

Bringing Legendary Har® to you since 1952

Quote from: Prattler on March 09, 2013, 01:58:14 PM

Satoshi dice, thank you for exposing dust output spam vulnerability in bitcoin (bloating unspent tx output data, which is RAM and is much more expensive than HDD!).

Exactly my point. We should THANK them for exposing it - i would rather have SDICE exploit this flaw now rather than somebody else with really bad intentions some time in the future.

Quote from: Prattler on March 09, 2013, 01:58:14 PM

You have already proved your point, would be nice if you stopped spamming until devs and mining pool operators can act on it.

No, it wouldn't be nice. If not SatoshiDICE, then somebody will use this flaw in the protocol.
SDICE is putting a pressure on the parties interested (miners, devs) to fix this. So I say don't bother SDICE and let it continue until the protocol bug is resolved.

Quote from: Prattler on March 09, 2013, 01:58:14 PM

misterbigg, thank you for raising awareness of the problem

For the thousandth time: There is NO "problem". Just a bug in the software.

----
Also, OP of this topic is simply spreading FUD.

Prattler

full member

Activity: 192

Merit: 100

Satoshi dice, thank you for exposing dust output spam vulnerability in bitcoin (bloating unspent tx output data, which is RAM and is much more expensive than HDD!). You have already proved your point, would be nice if you stopped spamming until devs and mining pool operators can act on it.

misterbigg, thank you for raising awareness of the problem and discussing it in a polite manner. Some evangelists keep saying bitcoin is perfect. Well it's not! Bitcoin is still an experiment! It has some design problems that need to be solved. Dust output spam vulnerability is one of them.

Developers and pool operators, please address the dust output spam vulnerability. I personally think that transaction outputs should not be smaller than the fee/kB paid. Additionaly, it would prevent mistakes like https://bitcointalksearch.org/topic/someone-just-paid-9435425882-btc-in-transaction-fee-149926 – a very nice side effect!

cbeast

donator

Activity: 1736

Merit: 1006

Let's talk governance, lipstick, and pigs.

Quote from: Luke-Jr on March 09, 2013, 01:04:11 PM

Quote from: Elwar on March 09, 2013, 12:52:23 PM

Yes, let us focus on Satoshi Dice and make them change their ways so that we can ignore this "flaw".

The flaw is miners neglecting their job to filter out spam. Do you have a solution to force miners to care about Bitcoin in the long-term?
I'm all for better solutions, but so far I've not heard any.

Let me see if I understand how this will play out. Eventually only very large mining operations will be profitable. They will police each other by agreeing to accept each other's spam-free (or at least within a tolerable threshold) blocks out of necessity by branding (i.e. VISA/MC) their blocks. There will be the temptation to take the transaction fees anyway, but it will be balanced against the speed their blocks will be verified. Merchants that subscribe to mining operations to clear their transactions will prefer the fastest block verifications.

Elwar

legendary

Activity: 3598

Merit: 2386

Viva Ut Vivas

So I should be able to start CPU mining again and make some money?

niko

hero member

Activity: 756

Merit: 501

There is more to Bitcoin than bitcoins.

Quote from: Luke-Jr on March 09, 2013, 01:04:11 PM

Quote from: Elwar on March 09, 2013, 12:52:23 PM

Yes, let us focus on Satoshi Dice and make them change their ways so that we can ignore this "flaw".

The flaw is miners neglecting their job to filter out spam. Do you have a solution to force miners to care about Bitcoin in the long-term?
I'm all for better solutions, but so far I've not heard any.

I don't see SD dust transactions as "spam" - a better example of spam would be your insertion of jesus messages into blockchain: https://bitcointalksearch.org/topic/eligius-miners-aware-of-prayers-in-block-headers-38007

Topic: Economically Unspendable Outputs: A Problem On The Radar - page 6. (Read 16443 times)