Topic: Help a newbie; why is hashing not done once but twice during Bitcoin transaction - page 3. (Read 1666 times)

Only if you can detect the cheating, and you have not yet proposed how you would stop me timestamping a transaction last year and then broadcasting it today.

Transactions are already timestamped when they are included in a block, by virtue of the block being timestamped. If you want to change this to timestamping unconfirmed transactions when they are first seen, then the first thing you need to figure out is why you want to do that. I see no benefits.

Speed of light has nothing to do with it though. Miners wouldn't need to consult one another about what time it was. They would already know.


well we all know what happens to cheaters right? they get punished. if you designed a punishment for cheating then that could probably take care of that. just like if i said, here is a magical tool that breaks sha256 the problem is if the bitcoin network detects you are using it, then it will not only not give you the block reward but delete some of your pending block rewards. or balance. how are they going to cheat then?  would they want to risk it?


If you want timestamps on every transaction the first thing you have to figure out is at what point does a transaction get timestamped. Then you can go from there. But until you figure that out, you don't have a well defined problem.

The issue isn't with clocks drifting out of sync with each other over a period of years; the issue is with a malicious user deliberately timestamping a transaction with an incorrect timestamp. Given that there is no requirement for a transaction to be broadcast as soon as it is signed, any timestamp between when the input UTXOs were created and when the transaction was first seen by any given node can be considered valid, and the node has no way of proving otherwise.

Correct. The limitation imposed by the speed of light may make rapid Byzantine fault tolerance impossible.

Now consider the 'stamping' portion of 'time-stamping', especially when separate entities have an incentive to lie about being first.

Well it's almost like you're setting it up to fail when you say "trustless timestamping" because in your mind that's something that is impossible. Here's an idea though. it may not be so practical currently but someday it could be.

Miners would have atomic clocks. required to have them. the point being :

"The best cesium fountain atomic clocks are now predicted to be off by less than one second in more than 50 million years."

so miners wouldn't need to "sync up" to each other to agree on the time very often. they could perform local computations.

I had deliberately glossed over CVE-2018–17144 since it didn't fit that description.

That bug introduced by a developer in 2017 (PR 9049) would crash the program if someone tried a double spend. It could have brought 50% of the network to its knees by doing spam attacks, by doing very obvious spamming, and forcing them to reboot? It wouldn't affect the 50% that was running on older software that was not vulnerable to the bug. It was when SegWit was introduced so understandable how a bug could be introduced, and clearly there was community hesitancy to move to new, less tested code.

I'd still prefer to not discuss solana except where relevant to timestamping and hashing. Since Solana's novelty is its timestamp, well, ok.

I don't think anyone had an issue that timestamping was possible, just that it required trust in service providing the timestamp.

Solana introduces central services that allow for time-stamping. Their timestamping requires trust. They even described their timestamping as not being a consensus mechanism. If they had actually solved the timestamping problem, consensus could (and should) rely on that.

Solana sacrifices security and fairness by having leader nodes, introducing the possibility of ddos and eclipse attacks. Unlike a PoW system, the PoS and timehashing ironically prevents new independent verification of transaction history, so I think that is a flaw that will prevent major money in it.

For those interested in reading about tower-byzantine-fault-tolerance of Solana:
https://medium.com/solana-labs/tower-bft-solanas-high-performance-implementation-of-pbft-464725911e79

A cryptocurrency can't rely on simple timestamping though, it requires trustless timestamping. It is at the heart of what bitcoin is trying to solve, and is still unsolved.

If you had the ability to timestamp so accurately, you could simply skip over bitcoin's methods. Like, you could develop a different cryptocurrency entirely from the ground up. It appears that Solana noticed that problem, but never solved it since it isn't their consensus mechanism. It is precisely the issue that made bitcoin what it currently is.

I can see quantum computing as being a potential issue in the future, and agree that it is worth thinking about. Timestamping wouldn't help against QC flaws - your transactions would be intercepted and delayed until someone could crack it, even if it took longer than 10 minutes. If QC became such an issue, I doubt that any internet banking dependent on those hashings would be possible, whether your standard banking, bitcoin or their derivatives, including any time-hashing cryptos. You'd have to consider very different paradigms I think.

As a complete aside, I don't think we will see trustless timestamping in any currency anytime soon. Anyone who developed that would have a clear technological advantage well outside of crypto that they would secure as many rights to it as possible, which would prevent them from giving it the open licensing necessary for a currency to develop. Solana, as broken-recorded, requires timestamping trust.

I wasn't talking about the technology, just about timestamps. I still don't see any reason why we should increase transaction size, fees, and bloat, by including unnecessary timestamps just because.

So keep your own records or, as above, run your own node and timestamp everything locally. No point bogging down the entire network with unnecessary bloat simply for your own convenience.

But it does hurt. As we've said multiple times, you make every transaction larger, you make every transaction more expensive, you decrease the number of transactions which can fit in to every block, you slow down validation and propagation, you increase latency, and so on. You make the entire network more inefficient, all in the name of a "back up" plan which wouldn't be needed for decades, but actually won't be needed at all.

if you look at a solana block explorer, they put things into "slots". there might be 2000 transactions in a single slot. not sure how many slots occur per second but maybe more than 10. and every slot is timestamped. so with that type of volume flowing through, each transaction in a slot has the same timestamp down to the second. but yeah, you got the basic idea. except that slots do have a timestamp.

I didn't say I wanted to use solana's technology in bitcoin. i was just pointing out a blockchain that had the ability or seeming ability to timestamp each transaction but i can see that you would disagree with that vehemently. but it comes close.

and what was bitcoin's marketcap in 2018 when another serious bug was found that could have crippled it and brought it to its knees. hmm?
but you're not here to debate problems of solana vs bitcoin...


well it uses a verifiable delay function and inserts transactions into a hash chain as it computes hashes at a very high speed. then it puts a timestamp on that set of transactions from what I understand so it's not like it's timestamping every single transaction. but since slot times are on the order of maybe 100 ms, that's kind of inconsequential. i just like to see a timestamp on everything. especially any transaction I do. so I know when I did it and things like that. a 10 second delay is one thing but a delay of 1 day is another. if I have to wait that long to see it confirmed, then theres a discrepancy between when i submitted it and when it got "timestamped". so when i look back at it in the future, i might get confused about when i actually submitted it.

for all intents and purposes, it seems like solana does exactly that. but if someone disagrees then fine. that carrot is still for the taking by some clever engineering type.

why would you want to do it in bitcoin? well just imagine a quantum computer has 10 minutes to crack someone's public key and steal their utxos. if you could timestamp the transaction that they submitted then when the quantum computer came and tried to use the same utxos it would be denied. because its timestamp would be later. people keep saying "by then, we'll have moved to another quantum resistant algo." that's all well and good but until then it doesn't hurt to have a backup plan.

You can correct me if I'm wrong here, since up until 10 minutes ago I knew literally nothing about Solana, but a quick read of their whitepaper and it seems they use relative timestamps rather than absolute timestamps. That is to say, they simply use a hash function on repeat, endless hashing the output of the previous hash, while occasionally concatenating the output of the hash function with some arbitrary data before hashing it again. This allows them to say that data was timestamped at "Hash number 346,124,805", for example, but it says nothing about whether hash 346,124,805 was a second ago, an hour ago, or a day ago. And that is without mentioning the inherent centralization of proof of stake and that they apparently use a small number of "leader nodes" which dictate to the rest of the network.

Still, as I said above and as other have repeated, why do you want to do this on bitcoin considering all the downsides? You need to have a reason beyond "Well, I think it would be nice". If altcoins want to base their insecure consensus mechanisms on timestamps, then go ahead. Bitcoin doesn't base its consensus mechanism on timestamps, and so timestamps are not relevant. Why add unnecessary bloat?

That's an unfair comparison. Solana has a $33 billion market cap and had a network crash last quarter. Bitcoin was the first major cryptocurrency. That bug was fixed when it had a few hundred thousand dollar market cap and when only a few dozen people knew about bitcoin or crypto in general. And bitcoin has been going strong since...

I'd prefer to discuss Solana here only where relevant to hashes and time stamping though. I think the main argument here was that Solana uses time-stamping, which is fine for it, but the question is why you would want this for Bitcoin. I don't recall seing an argument about how you could do distributed trustless rapid time-stamping (bitcoin does distributed trustless slow time-stamping), nor about why you would want to do such rapid time-stamping in Bitcoin.

A validator doesn't contribute a lot to decentralization, that's what I'm saying. It's actually nearly-zero contributory.

Which thing? That it's more inefficient? I've already told you why, where do you disagree?

But, they all use the blockchain. I may also want to have my coins represented in cryptokitties, but that doesn't mean everyone should be forced to do that just because I want it.

Ugh. That is not relevant to the discussion...

Uh, no. It is "Hardware Recommendations". And they're not really that steep. I bet I could build a validator way cheaper than I could some solo bitcoin mining rig. Reason being, the first miner I buy is going to cost more than a single validator. To say nothing about electricity costs...


Binance Smart chain is centralized. Solana, eth, not so much just based on # of nodes. And remember, anyone can run a validator.

people love to beat solana over the head with this item. fair enough but bitcoin has had its problems in the past too. things like inflation bugs.


I think the idea is that Solana slots create a real world clock.

easy to say hard to prove.

I'm not saying everyone should be forced to. I'm just saying it's nice to have alternative technologies that do things slightly differently. Bitcoin is not cheap as it is. it's fees are higher than solana by orders of magnitude. you probably get more anonymity with bitcoin than solana but i haven't heard anyone proving that.

Based on hardware requirement[1], it's definitely less decentralized compared with Bitcoin.


And there are many bigger concern and problem. The worst one is their cryptocurrency network down at least 3 times[2]. Justin Bons mention some of the problems[3], although i only verify few of them.

[1] https://docs.solana.com/running-validator/validator-reqs
[2] https://www.msn.com/en-us/money/other/solanas-network-goes-down-for-the-third-time-in-less-than-six-months/ar-AASrd1t
[3] https://twitter.com/Justin_Bons/status/1514646388688232456#m

I doubt Solana timestamps accurately every transaction that's made.

That's a false conclusion. Just because it has a 10MB block size, it doesn't mean it's efficient. Sure, it might have cheap fees, as any other altcoin, but this doesn't determine anything. Actually, with thousands of transactions per second and all this NFT mania, I can easily say that it's much more inefficient than bitcoin.

The number of nodes running is not so relevant with decentralization. The fact that they're using Proof-of-Stake and that there's a "Solana foundation" yells for centralization.

But, why should everyone be forced to have timestamped transactions just because you want it? Not only I find it unnecessary, but I don't want to have it as I'll have slightly less privacy and more expenses in fees.

Solana states on their page that they don't perform rapid trustless time-stamp distribution, so they haven't solved anything on this theme.
"Proof of History is not a consensus mechanism, but it is used to improve the performance of Solana's Proof of Stake consensus." https://docs.solana.com/cluster/synchronization
My credit card transactions are processed on distributed servers across the world, are time-stamped and have fast transaction speeds, and has had that for decades. (I believe lightning network of bitcoin does the same? I'm ok with fast transactions. Daily-use requires that.)


A cryptocurrency designed around a rapid timestamp is destined to fail as a store of value, simple as that.
(A state currency is different because centralization is the feature.)
This is because a currency shouldn't have to worry about being in any race condition to transact. The goal is to trustlessly store value, not to spend it immediately. If you have to beat the others with processing at an inhumanly short amount of time, then this will push out people that don't have the best hardware on the market, which is nearly everyone. You force centralized use when there are time races. You prevent consensus because there is not enough time to send and verify to all nodes. A common person cannot be expected to have the fastest internet and computational power. Under race conditions, if a currency is not already adopted, you prevent adoption among the masses.
There is no such thing as standardized hardware when considering a currency used long term due to advances in computing. If there exists any advantage in going slightly faster or slower, someone will at some point exploit that.

So either you doubt that solana exists or you doubt that it is timestamping transactions. If you've ever used solana, you would notice that confirmation times are almost immediate. There's hardly any waiting at all, at least the couple times I tested it out. And the transaction fees for sending is tiny. Even smaller than litecoin. So it seems more effficent and lower fees, the opposite of what you are suggesting. Now I'm not sure how many nodes they have running, maybe it's not as decentralized as bitcoin? is that your problem with it?

or use a blockchain that has advanced technology that can timestamp transactions simple as that right?

what do you mean by "standardized hardware"?

From what I can tell, Solana's PoH requires a node to use standardized hardware in order to ensure that the time is synchronized.

Even if it's possible, which I highly doubt along with kaggie for the reasons we've outlined, but say IF. Does it worth it? You're going to increase transaction size which will lead to higher fees and less block space, and which will make verification less efficient, for timestamping a timeserver? Doesn't it sound ridiculous?

If you want to know when a transaction was broadcasted to the network, regardless of when it was signed, then run your own node and do the timestamp yourself. Simple as that.

I agree that at least one of those is a minor issue, but the other is important to avoid spam transactions.I could think of more issues but think this topic of time distribution is very interesting to not disparage it completely (even if I think it is impractical and dangerous for bitcoin).


That's a great counter-example.  I don't understand how Solana does this immediately, and don't immediately believe it can perfectly time-distribute due to the issues I've mentioned previously.  My gut feeling is that a perfect time-server with trustless distribution is impossible and is a marketing technique.   I will look into it more because I see a lot of advantages possible with trustless-time-distribution with other technologies, keeping my huge reservations against it for a currency. They seem to make the assumption that you are in a race and have to be first to transact or compute, which is a poor assumption for a currency but not other tech imho.

If quantum computing was as an issue like this where we couldn't protect against it, we'd probably have to go back to exchanging physical gold or something that could actually store value.

Yeah, those are more minor issues though. I think an even larger issue is not every miner has the same mempool. Now if I broadcasted a timestamped transaction and got it into some miners' mempool but the quantum computer hacked my public key and submitted a transaction and got it into some other miners mempool before my transaction got confirmed then that would be a problem.  


well apparently it has already been done.
 

Proof-of-History: A Clock Before Consensus
Because nodes in a distributed network cannot trust the timestamp on messages received from other nodes, the biggest problem in distributed networks is agreeing on the time and order in which events happen.Solana uses Proof of History (PoH) to overcome this problem by establishing a cryptographically safe source of time throughout the network. Proof of History is a high-frequency Verifiable Delay Function (VDF) that takes a certain number of steps to evaluate but provides a unique result that can be publicly confirmed.Because they can trust the date and sequencing of the messages they’ve received, nodes may generate the next block without having to align itself with the entire network beforehand. As a result, the consensus overhead is reduced.

i'm not saying solana is the greatest thing in the world but they seem to have achieved a trustless timestamped currency. would you agree? i'm a little bit unclear on how they keep timestamps in sync though...

you don't broadcast your entire transaction to the timestamp network. you just broadcast its hash. the timestamp server would incorporate the hash into the next hash it computes so that you could or anyone (the bitcoin network) could verify your hash got incorporated into the hash chain at a certain point in time. that's what i was thinking.

Anyone I guess could set up such a blockchain timestamping timeserver. I don't know what the incentive would be other than to perform its stated purpose. But it would need to figure out a way to make money. There might be a coin for the timeserver network that you have to pay with to have a timestamp created for something. There are services that allow you to timestamp hashes of documents. But their resolution on a timescale is pretty bad though. Some of them are free some you have to pay after you do more than a certain number in a given time period...and from what i've seen they just piggyback off of the bitcoin,eth or some other blockchain.