Pages:
Author

Topic: Mike Hearn, London 2014 [video presentation] - page 3. (Read 6910 times)

newbie
Activity: 12
Merit: 0
I don't see anything revolutionary here. Who cares about such "passports" it just won't work, idea is not bad, but implementation is impossible in current environment.

There are many ideas around so don't panic please, many more will appear.

Furthermore speech about security was mostly ok (especially mobile wallets and Wifi), but Mike ideas are not final and I don't feel that he is able to force them against our will. So please don't make any personal attacks here it's childish.
newbie
Activity: 14
Merit: 0
This guy scares the hell out of me.
legendary
Activity: 1526
Merit: 1134
Yes, obviously having a trusted node solves the issue as well, which is why b.i and Electrum aren't so vulnerable to this attack. They trade off centralisation against having no sybil attacks.

Re: proof of uptime. The question is what measures the uptime. A wallet can reconnect to nodes it used before (it can become "sticky") if they seem to be long term nodes, but this requires care.

Firstly it'd require giving each node a long term key so connections can be authenticated. We talked about using SSL (without certificates) between P2P nodes and I still like that idea, but Gregory pointed out that OpenSSL is huge and complicated and people worry about exploits. Tor for SPV avoids that problem because it's all pure Java and just client code anyway. We could do an ad-hoc Bitcoin specific authentication solution though.

Secondly we'd have to be careful about load balancing. Right now SPV wallets get sprayed across the network by the DNS seeds. If wallets kept reconnecting to nodes they used before because they were long-term and therefore more likely to be good, you could end up with wild load imbalances. Tor has some experience with this.

Thirdly, we have the question of what you do if you can't reach your preferred long term nodes. If you try to connect and they aren't there anymore, you can easily go find new nodes .... but now you're back to having a sybil attack.

These problems are really hard. Remember that the "zero knowledge proof of passport" idea doesn't rely on uploading or publishing your actual passport data/identity anywhere. You provide a mathematical proof that you have a passport, but that doesn't give anything away by itself (billions of people have passports).
hero member
Activity: 546
Merit: 500
hm
Hm and to get a trusted node, could we not just use the they key point of Bitcoin itself? A node, that relayed a certain amount of blocks the last 24hours (or maybe month), is not a made up node. Noone can just make up such nodes out of the thin air.

Or would it be some kind of DDOS when everybody connects to the same node?

The last 4 days there where 111 different IP addresses which relayed a solved block. Would that be enough for such special cases like buying a bitcoin with local bitcoin and going out with zero confirmation?
sr. member
Activity: 469
Merit: 253

You can also solve it by using your 3G connection and trusting your cell carrier, but that's also solving via centralisation. I thought people in this thread hated governments and corporations? Saying "just don't use wifi" seems like a rather statist solution Wink

There are two reasons that kind of centralisation doesn't bother me - (1) the trusted third party is impartial and (2) it's still distributed as one can use any one of a number of parties, different ISPs, networks, or use websites or nodes with ssl certificates to do the same job of giving a trustworthy report. It's (2) that's most important of course, because without the distribution, trusting one party gives them too much power and then (1) wouldn't really apply anymore.

As a concrete example I would, for now, trust blockchain.info over https to report the existence of an unconfirmed payment, acting as a cross check against whatever my client is telling me.
hero member
Activity: 938
Merit: 500
https://youengine.io/
There is only one authority that could ever be allowed to issue stuff like passports or certifications or hold elections and publish the results and this is the block chain!

The Tor project is rewarding long running nodes the "entry guard" status and once a node is elected and promoted to that status its recorded in their golbal consensus. their consensus is a fixed centralized consortium of servers run by the Tor project. We have a global consensus too, if we had the equivalent of "entry guards" it would be recorded in the block chain.

How about this: proof-of-uptime: instead of proving a sacrifice how about rewarding long running nodes or nodes that have relayed a lot of transactions for a long time with colored Satoshis to a dedicated address of this node. Upon connect the node would would sign a response to a challenge with this key/address and the other node can then look up the "trust"-level and the age of this address in the block chain.

This is only an idea. It still has to be refined, for example the SPV client needs to query all these proof-of-uptime tx for a new node (and check them against the block headers) if it has not yet seen this same node before, etc. but this is the general way I would like to see such kinds of problems be approached and not the cheap way of asking a central authority to do it for us. If we wanted a central authority we could ask the foundation to run a server for us and would not need the block chain anymore at all. Then we would have invented PayPal.org.

We are making a lot of propaganda of how useful a global decentralized trustworthy ledger is and how all kinds of important stuff can be recorded and certified there because we have finally solved the consensus problem and now we have something important that needs to be recorded or certified in a secure and trustworthy manner and the first thing Mike comes up with is invoking the government to do it for us instead of using our own cool new technology of global consensus.
legendary
Activity: 1526
Merit: 1134
So this kind of simulated network can spoof a payment but can not spoof a block confirmation?

Why is it that they cant spoof a confirmation btw (for a SPV client)?

Because SPV clients check the block chain.

The problem is that blocks arrive unpredictably. It's not uncommon for there to be an hours wait before the next block. So for many practical scenarios the block chain is not good enough (you still need it, but it's just not a total solution).

Note that the wifi hacking attacks can be "solved" using Tor. I put solved in quotes because Tor solves it by being more centralised than Bitcoin is, so whether this is a satisfactory solution is arguable.

You can also solve it by using your 3G connection and trusting your cell carrier, but that's also solving via centralisation. I thought people in this thread hated governments and corporations? Saying "just don't use wifi" seems like a rather statist solution Wink
hero member
Activity: 938
Merit: 500
https://youengine.io/
So this kind of simulated network can spoof a payment but can not spoof a block confirmation?

Why is cant they spoof a confirmation btw?


Anyway, if that is the case, then it does seem like a insignificant issue. And there are probably easier and better ways to solve it.
Looks like Mike Hearn wants to solve the double spend problem. Maybe someone should tell him that its already solved.
sr. member
Activity: 277
Merit: 257
So this kind of simulated network can spoof a payment but can not spoof a block confirmation?

Why is it that they cant spoof a confirmation btw (for a SPV client)?


Anyway, if that is the case, then it does seem like a insignificant issue. And there are probably easier and better ways to solve it.
legendary
Activity: 1232
Merit: 1011
Monero Evangelist
Sybil attack:
Can somebody explain me, how a person can go into a cafe and connects to a not trusted WIFI, buys the bitcoin and leaves without one confirmation? Do people nowerdays not have internet access without WIFI everywhere (except maybe, when you are in a foreign country. There you pay a few cents for one MB)?

I don't really know, if this scenario is realistic.
It's unrealistic and stupid, it's made up just for pushing this anti-privacy technique.


Anyhow, if someone what's to prroof with his passport, that he is a trusted node, where is the problem? This is not required...
The problem is Mike Hearns mindset. How can he think about such stuff, given the history and origins of bitcoin and that the vast majority of the community doesn't want that.
hero member
Activity: 546
Merit: 500
hm
Sybil attack:
Can somebody explain me, how a person can go into a cafe and connects to a not trusted WIFI, buys the bitcoin and leaves without one confirmation? Do people nowerdays not have internet access without WIFI everywhere (except maybe, when you are in a foreign country. There you pay a few cents for one MB)?

I don't really know, if this scenario is realistic.

Anyhow, if someone what's to prroof with his passport, that he is a trusted node, where is the problem? This is not required...
newbie
Activity: 47
Merit: 0
And on top of that the most dangerous and most likely enemy, the government itself, can easily fake 100,000s of passports.
Exactly.

And if bad nodes actually become a problem, you can simply... force-add a few people you trust (and no, it won't split the network).

Yeah, that's the right way to protect from a Sybil attack.
sr. member
Activity: 469
Merit: 253

5) Mike's insight:  why don't we ask ourselves this question:  "what do most people have one of and would find exceedingly difficult to have 10,000 of?"   I guess some answers might be a house or a car or something like that... but Mike added the additional condition: "what do most people have one of and would find exceedingly difficult to have 10,000 of and *which they can prove they have over the internet*?"


To be fair to those of us on the more sceptical side (but who remain civil), this is not really a matter of insight.


Sorry - not my intent to imply a lack of insight elsewhere!


It's not about attribution of an idea, I'm not worried about that (nor is anyone else, I'm sure), it's about whether the idea has merit. Trusting government issued identities is potentially very dangerous (because of both counterfeiting - the technical concern, and corruption - the political concern).
sr. member
Activity: 469
Merit: 253
just some random token associated with a node that is the same for all nodes controlled by the same actor and different for nodes controlled by different actors.
This is not possible. Its not even possible to **define** this problem because you cannot come up with a definition for "actor" or "controlled". And its not needed anyways because Satoshi invented the block chain.

I have to agree. It might look, superficially, as if such a system should work, but I wouldn't trust it as far as I could throw it.
member
Activity: 74
Merit: 14

5) Mike's insight:  why don't we ask ourselves this question:  "what do most people have one of and would find exceedingly difficult to have 10,000 of?"   I guess some answers might be a house or a car or something like that... but Mike added the additional condition: "what do most people have one of and would find exceedingly difficult to have 10,000 of and *which they can prove they have over the internet*?"


To be fair to those of us on the more sceptical side (but who remain civil), this is not really a matter of insight.


Sorry - not my intent to imply a lack of insight elsewhere!

And I'm acutely aware that my write-up is based on two-day-old recollections so apologies for the sketchiness of some of it.

hero member
Activity: 938
Merit: 500
https://youengine.io/
just some random token associated with a node that is the same for all nodes controlled by the same actor and different for nodes controlled by different actors.
This is not possible. Its not even possible to **define** this problem because you cannot come up with a definition for "actor" or "controlled". And its not needed anyways because Satoshi invented the block chain.
sr. member
Activity: 469
Merit: 253

5) Mike's insight:  why don't we ask ourselves this question:  "what do most people have one of and would find exceedingly difficult to have 10,000 of?"   I guess some answers might be a house or a car or something like that... but Mike added the additional condition: "what do most people have one of and would find exceedingly difficult to have 10,000 of and *which they can prove they have over the internet*?"


To be fair to those of us on the more sceptical side (but who remain civil), this is not really a matter of insight. It's not as if no one else who is thinking about identity management understands that governments have pre-existing databases (although Mike's investigation into NFC obviously raises the value of his argument). It's that we consider it a really bad fit with decentralized cryptocurrency. What some people are afraid of, rightly or wrongly, is that the use of such an identify would become de facto if not de jure required.
hero member
Activity: 938
Merit: 500
https://youengine.io/
very expensive if you wanted to create 10,000 different identities
The problem is you need only 4 and not 10000 because Android Wallet and MultiBit connect to only 4 nodes. Someone who wants (and is technically skilled enough) to rip of people with fake nodes during large zero confirmation cash transactions (what a stupid example anyways, who on earth is doing large cash-for-bitcoin transactions with zero confirmation anyways?) can easily have 3 (or 7 or 11) friends in his gang with (anonymous!) passports to help him.

This idea is so ridiculous.

And on top of that the most dangerous and most likely enemy, the government itself, can easily fake 100,000s of passports.

Proof of work is done by miners, the problem does not exist in the frst place, thats why global consensus is established by the miners, thats what confirmations are meant for.
legendary
Activity: 960
Merit: 1028
Spurn wild goose chases. Seek that which endures.
It's funny. Five years later, and we're back to the ancient issue of Sybil resistance. Nakamoto managed to solve that for "voting on the history" applications, but now the gossip network itself is at risk.

Isn't that odd? Proof of work works. Is it really that difficult to say something like, okay, if you can hit a target that's some preset fraction of the network difficulty, you get to play? Or is there some other issue there, that would prevent that approach from working?

I watched the whole video and he did say it was required. So I doubt you watched the video. Also it is anonymous not one is saying different, we are just saying why do we need government ids to use our nodes. He didn't say at all that you will be content to be defrauded, he is saying use it or don't use bitcoinj or bitcoin-qt. You clearly need to use your listening skills much more, he used that as example he never said you can use one or the other.
So the thing about these proposals is that they're all about the gossip network, not the blockchain. And the thing about the gossip network is that mediators and intermediaries are easy to create. A Bitcoin gossip network that only allows people with passports to be a full node is worrisome to me too. But - and this is key - all it takes is one authenticated network user who then allows non-passported connections for anyone to avoid this. And there will be plenty of people (you are one example!) who will be unable/unwilling to create a passport proof, so that gossip network will have plenty of peers and we can continue as before.

His tor proposal was to stick in tor in his bitcoinj, guess what I already use tor in the way he describes so he is just making it easier for people that probably have no clue what tor is or how it protects you on the bitcoin network/internet.
Good. Anything that can increase the default anonymity of the system is a win anyway, as far as I'm concerned. If these people don't even know what is a "Tor", they'd never have used it, and the whole network suffers from the leak of their information. Tor by default is herd immunity. Not revolutionary, but a good idea.
legendary
Activity: 1498
Merit: 1000
Hearn is a run down government whore.

Exactly this dude that looks like Hearn is the only one that is getting all up in arms about it.
Pages:
Jump to: