Topic: Gold collapsing. Bitcoin UP. - page 744. (Read 2032266 times)

I have a question to sidechain theory that I think deserves an answer or at least some thought. To express the question clearly, I need to define some things, and using some analogies, else things become too foggy and the question will remain unanswerable.

So we have bitcoins and the bitcoin blockchain. The nature of the coins are defined by the rules in the blockchain. A bitcoin by nature moves around visiting various bitcoin addresses, it can not leave the blockchain.

Now a sidechain is different, it must have different rules, that is the point of the sidechain to begin with. Since it is called a sidechain, it must be based on the same blockchain technology, just with other rules. So what moves around to various addresses in the sidechain, is also something different from bitcoin, and I call that a sidecoin (a word that is not used in the sidechain whitepaper).

Now the peg. A sidechain without a peg is not interesting, at best you get some sidecoins by burning an amount of bitcoin using a provable unspendable address, which we know exists. The only interesting instances of sidechains are those where you "move bitcoins over, and back again" in the words of the sidechain whitepaper authors. In the light of the preceding definitions, I think those words are misleading, the correct wording would be a bitcoin is paralyzed, parked, or neutralized for the duration when the corresponding sidecoins are in existence.

This looks very much like how the casascius coins work. As long as the physical coins exists, the bitcoin is parked at an address where nobody have the unlocking key, that is hidden inside the coin. You can open the coin, after that the physical coin stops to exist, and using the code you found inside, you can free the bitcoin and use it the normal way. The relevance of this becomes clear a few lines down, but first I want to discuss the peg.

They call it a two way peg, but the nature of the peg is always two ways. Pegging literally means to fasten things together with a wooden stick (the peg). If you think of it as prices, you can have an actor with a substantial store of both types of assets (a type of money and a type of grain for instance), they can either define a maximum price of grain (by selling grain if the price should hover over the defined price) or they can define a minimum price of grain (by buying grain should the price fall too low), or they could fix the price entirely by doing both, which is pegging.

For this question to be relevant, the only requirement is that bitcoins can be paralyzed and sidecoins created (in one operation), and the reverse, that the sidecoins are destroyed and the bitcoins vitalized in another operation. What happens with the sidecoins while they exist, doesn't matter, basically, hopefully something useful can come out of it. Heck,  the sidecoins need not be created and destroyed in those operations, it is only necessary that the paralyzed bitcoins can be revitalized.

In this way of modelling the sidechain, bitcoin and its blockchain can not be modified. If you integrate a part of the sidechain functionality into bitcoin, for instance the method to free the bitcoin, you haven't really created a new system, you have instead modified bitcoin with the new sought after functionality. So bitcoin must remain unchanged.

Using these definitions and analogies, the sidechain system must create a bitcoin address where the bitcoins are to be parked. The unlocking code must be kept, else the bitcoins can not be revitalized. You can imagine that the bitcoin unlocking code is hidden by encryption and attached to the sidechain transactions, enabling the current owner of the sidcoin to choose to "open" the sidecoin to reveal the bitcoin unlocking code. Or, you could imagine that the sidechain network could split the key to unlock the bitcoin unlocking code and distribute it to a number of sidechain participants. Anyway, when the bitcoin address is created, the unlocking code (the secret key) has to be created by a single machine with a single owner before it is hidden or split and distributed. So the question is: Is it possible to do this and at the same time prove that the original unlocking code (the secret key) is not known by anyone? Is it possible to prove that a secret exists, and that secret can be revealed, but the secret is not known by anyone?

tl;dr: Fuck off.

^ agreed. I think everyone has stated their positions and presented their arguments. let's go back to the regular program. I, for one, will do my best not to be lured into the discussion any more.

Maybe open another thread about sc. Just a thought.

But this does not make anything better.

People are quick to point fingers but most of the time the blame is on the user. Sure MK had his share of responsibility for what unfolded but it would've never happened if the users of Mt. Gox did not carelessly leave so many coins on a 3rd party exchange.

In a Bitcoin economy the user is responsible for his wealth and any action resulting in the movement of his coins off the mainchain must be taken with proper understanding of the underlying risks.

"with power comes great responsibility"

It provides a new another way to lose coins to tradability.  Dead coins, burned.  With alts you just lose wealth, no one else is affected by that.  When SC₁ ends, coins are lost.

I don't need you to be wrong about anything, it isn't my goal to win an argument.  Counterparty did this too, and I burned bitcoin for that too knowingly.

Maybe none at all, but that doesn't mean people won't build it. Perhaps they will individually see a myopic need for their own little piece even though globally there is no real need. I would describe nearly the entirety if not the entirety of HFT and flash crashes in that manner.

Or as Adrian has said, at least with gox MK is being held responsible, a result of him being identifiable. With a SC you might not know who to blame. In fact, Bitcoin itself may be blamed.

Fair point.

But again, what exactly is the need for such "complex web of interconnected side chains"?

Sure enough I can envision this happening in the future but if it does happen then it,s because they are needed to support certain services. If a need for these services exist then is the alternative that we should expect "complex web of interconnected off-chain platforms" not true as well?

Perhaps because that risk is simply better understood, or at least, easier to understand. With a complex web of interconnected side chains it is conceivable you may have a system that no one understands.

wrong door, this is now Sidechain UP. Bitcoin down 

Hi guys, I was told there was gold talk in this thread?

I guess you guys' point is that sidechains could eventually create a propensity for coins to move off the mainchain and that this in itself is an increase in risk... While I believe the concern to be fair, my opinion is this is inevitable, sidechain or not.

The choice we are presented with is whether we'd like for this to happen on more centralized, 3rd party controlled platforms or through the use of more decentralized, well designed and properly implemented sidechains.

Of course I understand all of your proposed scenario. My argument is the risk resides in leaving MC. When that decision is taken then yes complexity can be added through the use of sidechains. The risk is not new, the scheme is.

If you want to prove me wrong then please explain how it would be more damageable to the user and/or Bitcoin if the coins are lost through an elaborated sidechain scheme than on a convential off-chain platform (MtGox style)

We can add a little more complexity.  Maybe this will help...

 MC
 |   \
SC₁ SC₃
 |   /
SC₂

So now SC₂ has coins from MC derived through both SC₁ and SC₃, but SC₁ is a dead chain and will no longer support SPV back to MC (say for sake of discussion that devs can inflate at will and syphon off any that get SPV'd back from SC₂ so no one will ever do it).

SC₂ is still an active and tradable asset with MC

How many ledgers do we have?
Is this a new risk or is there another way to do this without Side Chains?

(There is a lot more complexity that can be added.)  Some economists would suggest that complexity is itself a risk, so any new "feature" would potentially add this sort of risk in the amount that the new features are useful or powerful.

FWIW, in my model, there are 4 ledgers here, its a new risk, but Side Chains are still a worthwhile innovation... So long as people understand what they are and aren't confused by folks that blindly advocate them as the perfect solution to everything.

It is nuanced.

lol

No subledger is IMO a very appropriate term. SC's ledger being supported by monetary units derived from the main chain, it is only right to call them subledgers and not primary ledgers on their own right.

In NL's example, the risk is inherant to the corruption of SC1, so it does not matter if the coin is now on SC2-3-4-5. If these sit on top of SC1 then the root of the risk is on SC1, therefore, as I continue to try to explain to you, the risk is always reside in moving your coin off the mainchain to a malicious or corrupted subledger.

Coins stuck on SC2 or SC1 affect the user and Bitcoin in the same way so it is not a "new" risk to either of them

trying to obfuscate by using the term "subledger" is playing with words.  SC's are different ledgers with different security and economic assumptions and offerings.  we've already agreed on this.  you just forgot.

the gox analogy is not good b/c it involves a SC1 once removed from Bitcoin.  in NL's example, he was talking about SC's/ledgers twice removed or more getting "decapitated" by SC1 malfeasance.  we've never seen anything like that in Bitcoin; ever.  it's a new risk.

Playing with words is not helping your argument.

"Cut off" or "lost" is the same thing really so the Mt Gox analogy still applies. Also, in Mt.Gox's case, the ledger does not know whether the coins are lost or owned by a malicious owner.

"Part of itself" = the units. Whether the sub ledger containing these units is centralized or decentralized makes no difference.

ok, let me ask you again.  this time answer.

what honest, immutable ledger allows part of itself to be cut off permanently from its main database, not to mention the fact that it may not even know about it?