Topic: Removing old coin uncertainty (Read 5091 times)

Funny how the topic is "Removing old  coin uncertainty" yet by these proposals we are doing just the opposite.

If you leave them alone (which we will) you are creating certainty. If you store your coins properly they will be safe and untouched for when you need them and outside forces will not change this.

I think people are imagining just different scales of things.  Perhaps you think about the problem and imagine something like a 20% uncertainty in the true medium/long term supply of coins.  Someone else, looking at the same trends and facts may be imagining a world where there is a 99.99% uncertainty in the medium/long term supply of coins.

I hope that most people would find a lot more agreement if not for the speculation on what the future would look like... and if so, then should one of those futures come true deciding what (if anything) should be done about it would be easier.  Hope hope hope.

We actually have something much more effective than whats described in the paper in Bitcoin-QT already. This is part of why 0.8 was so much faster than prior versions— it changed to doing all the validation against a separate maximally pruned data structure.  Some additional work is needed to make sure nodes can still be bootstrapped— that there still exist ample distributed copies of the historical data and that new nodes can find them— in a world where a lot of nodes are pruned... but the pruning itself is all there. You can, quite literally, go and delete all the old block files (past 288 blocks or so) and your node will run fine until a peer tries to bootstrap from you and fetches an old block (and then it will crash. ).

Why the 'know the circulation with precision' itch makes people scratch is beyond me.  It does not seem to me to amount to much in the scheme of things.

OTOH, robbing minor values from addresses which hold tiny fractions for the purposes of re-basing and optimizing the block-chain (and that for the purposes of making full nodes more widely possible) seems like something I would favor.  I am sure that this would be seen (rightly) as an even more abusive violation of 'contract' or whatever.  Although it is an itch which makes me scratch myself raw I could not propose it.  I must lamentably accept that it is a fundamental operational feature which was not part of the original design so I'll resign myself to simply wishing it were.

Sure would be cool if Merkle pruning come into existence someday before the earth stops cooling though.  Some notion of that was in the whitepaper and was a sales pitch which worked on me to the extent that I understood it's goal.

Personally I think 1 year is insane.  5 or 10 and perhaps thats something which would be reasonable for some cryptocurrency to implement. I wasnt attempting to give the impression that I thought 1 year was a good trade-off.  Just trying to point out that the OP's motivation wasn't to take coins from anyone, his definition of sufficient time and notice being crazy is another matter.  

For better or worse I think we've already signed the suicide pact on this one. The gut reaction people have is just too violently negative and no amount of reason will get people through it... so even if you could prove that Bitcoin will die without such a fix (and its not clear that this is the case) then you'll only succeed in proving Bitcoin will die.

As a high preacher of the philosophical school of thou-shall-not-fuxor-the-contract and the view that Bitcoin's existence as a mathmatical object as outside the influence of popular opinion as possible is what makes it worth having, I still do feel the urge to suggest a little caution with the width of your statements here.

Bitcoin in its exact form, as originally released, was worthless. Anyone could spend anyones coin. Anyone could pick an arbitrary block and slay it so that new nodes would ignore it and split the consensus. Anyone could crash all the nodes (in a dozen different ways). Anyone could create a block 1/32nd the size of the system maximum and cause the system to fragment. Anyone could create unbounded amounts of additional coin. All these flaws and more were in the original software, coded into the rules of the system.

If changing the software, at all, was Bitcoins death then Bitcoin never really existed. ... But clearly it does exist. These things were fixed, in 2010, 2011, 2012, and 2013.  I hope that this list never grows, but perhaps it will.  Will we put Bitcoin down and walk away because the software is a suicide pact which can never be changed at all. No.

Should our moral responsibility be to uphold the Bitcoin contract? Absolutely. Does that contract include every flaw and mistaken in the software? Clearly not— mankind simply does not have the engineering tools and talent to build it another way.  Where is the line?  Unclear. Reasonable people can disagree, and thus the taint of the influence of man.

I hope for Bitcoin's sake that serious life or death flaws will remain uncontroversial fixes... and that Bitcoin can survive a few changes here and there, as required, by a true consensus.  If it turns out that can't work, I have noting to offer as an alternative: a tyranny of a majority is certainly not what we signed up for.

If that is the case I think it will be truly sad, because I think such a failure of Bitcoin would salt the earth for a generation for the idea of a system whos trust is in math rather than man... but perhaps it will be. Time will tell.

This.  It is also why no major change will ever occur.

Bitcoin is a consensus system.  The certainty of the rules give it value.  You can call it faith if you want.  Someone buying a Bitcoin for $150 does so because they believe 1 BTC will be a better store of value then $150 will be.  If those rules are changed then Bitcoin will fail.   It doesn't matter that "10 years is long enough".  First of all according to who?   If it can be changed to 10 years it can be changed to 1 year, it can be changed to increase the money supply, it can be changed so governments can block unwanted transactions.

The first core change is likely the beginning of the end for Bitcoin.  There is a social contract.  The social contract is a promise to past and future users that things like "transactions are irreversible" will be honored.  The VALUE of Bitcoin comes from the contract and the faith users have in it.   Stealing coins after the fact violates that contract.  If you make an alt-coin which incorporates these ideas from day 1 it is one thing.  To do a bait and switch and change the rules after the fact is immoral and it will kill Bitcoin.  Luckily there will never be the widespead consensus to make such changes a reality.

Hehe, I just defended your OP but I doubt this point a bit. People have bitcoins in truecrypt drives that they forgot the key for etc. and consider it extra save to care about recovering this data in some distant future when it became easy to recover passwords to a truecrypt drive but not easy to guess the private key to their bitcoins

Bitcoin derives its value from the predetermined issuance rules, and the fact that possessing the appropriate private key is both necessary and sufficient to spend a UTXO.

Changing any of those things destroys the long term value of the currency.

Ok, as there is so much hatred towards the the OP:

I totally agree that unmoved coins should be removed. I disagree with the OP that this should be some singular event (I don't like singular or recurring events like the reward halfing) but it should be some rule like coins that did not move in 10 years are dead.

Yes, I gave bitcoins to friends and family and told them that they just should remember that it's called bitcoin and if in ten years they find the cd and have no clue what bitcoin is they should throw it away. Else, they would be rich. Well, guess what, they are all excited about their bitcoin holdings now and within 10 years they would not miss to move their coins, so I am not worried about people loosing their coins.
I think 10 years would be a reasonable amount of time and being introduced now, it shouldn't take effect before 2023 but I think we should do this because:

We will loose considerable mining capacities to people trying to crack those big addresses that don't move to the next more secure algorithm once the current ones become insecure.
The sins of the past where tons of dust is created will also get wiped out of the block chain once the nodes may forget about +10a transactions.
It is not stealing when people can at no costs keep their wealth as a client of that generation would automate the refresh and the transacitons would be for free as they would not be urgent and certainly qualify for zero fees. Miners not including those keep-alive transactions without a fee would be attacking bitcoin.

The down sides are:
Sending reduces the security by revealing the public key which is why you would better not continue using the address after refreshing it, which would be maybe sad for some vanity addresses that only collected and never spent coins but maybe a rule could be derived that would allow to keep addresses alive without revealing the public key.
Sending requires becoming active somehow and I guess this fact is what really pisses off people here. Hey, I bought a car and now you want to install a dead man switch that I have to press every minute? Yeah, I understand that but when the current algorithms become insecure it will become an issue and I am 100% sure that we will come to some such agreement at some point, so I would rather want it to be in place before it's urgent. Sure, if Satoshi is the GOV he will not want to move his coins never ever before the world agreed to use his coins but hey, in 10 years we most likely have ZeroCoin or something anonymous like that and even if not, it should be possible then to move the addresses without people knowing who did it.

What do you think we are all hear doing?  We have created a currency - Bitcoin - that is devaluing other currencies, and almost every person on these forums hopes that will happen. This is a free market of ideas.  Are we stealing from holders of U.S. Dollars and every other fiat currency?  That would seem to be conclusion your logic leads to.  Nobody is going to want dollars anymore if our grandest bitcoin dreams come true.  Someone is going to left holding the bag.  So whatever you are accusing me of doing to you, you are most certainly doing the same thing to many others.

So again, do you think someone who is trying to design a better currency than ones currently in existence is a thief?  It almost sounds from the tone of your comment that you think you have a right to hold value in bitcoin.  I think you have a right to run whatever kind of software code you, including bitcoin, and a right to hold bitcoins, but the value is conferred by others, by their own free will.  Although perhaps you believe people should be forced into using bitcoin?  I would see that as a greater injustice than our current system.

Furthermore, I knew I should have titled my post 'lost coin uncertainty', and if you had read my idea carefully, you have seen that is exactly what I am describing.  Old is the sense of 'not moved for a long time', not old in the sense of 'when were they mined'.
As for the dates - I just made some up to illustrate my point.  Any timeframe the community could agree on would be fine.  The first date I picked, Jan 2011, had to do with how much the value has increased since then and hence the likely hood that a massive value of coins has been forgotten.  But that first date could be today, or next year.

I agree with this.  But if people have a tendency to imagine threats long before they are real (as we are doing here), and let such knowledge influence their behavior ahead of time.  As time goes on, this problem that we are discussing now will only grow in severity.  It's clear from reading this thread that most of the current participants in the bitcoin community vehemently against this concept.  But I can guarantee you this will change, as new bitcoiners start asking questions about the money supply.  Lost coins aside, I think we all know there is a chance that people will move to a new currency that has less early adopter advantage.  In fact, I perceive that to be the single biggest risk to the value of my bitcoin holdings.  The network effect and the security of the miners is what keeps people in BTC.  Most newcomers certainly don't like the idea that some early folks have tens of thousands of coins that they got "for free".  Of course they weren't free, and they took a risk, saw the future, etc., I am not disputing that, but psychology is just as important as truth in a money system. 

If anything, this proposal seeks to alleviate those concerns of potential newcomers by demonstrating that there is not nearly as much money in the hands of the early adopters as they might fear, and it attempts to do so without depriving anyone of any coins that they control.

Honestly, if I had once had 50,000 coins, and I lost control of 45,000, I would be quite happy to see this idea implemented.  By proving that those 45,000 coins were in fact gone, I would increase the value of my remaining 5,000 coins be more than if people were just left guessing about the 45,000.

Not sure if this has been suggested yet, but how about a system where old coins evaporate over immense periods of time?

So after 100 years 0.1% of the unmoved coins start to evaporate and becomes miners fee.

If you don't want evaporated coins, move them at least once every 100 years. This means over a long enough time line we stick with 21 million coins.

Peoples mistakes (lost coins) become another incentive to mine. Note that only large time scales will be fair, this system takes hundreds of years to erode away even a bit of value.

But taking old coins completely within 100 years? Pure theft, plain and simple.

And 1 year? Whoa that is madness, 1 year is nothing.

Uncertainty is good. Nothing is certain in this world.

I have a dead wallet because I am more paranoid than average about my computer security.

I still have the private key. Once I set up a secure computer, I plan to move those coins. So far they have been not moving for about 2 months.

1 year's notice is not nearly enough. I *might* agree with a 5 year time-frame suggested by another poster.

Keep in mind that Bitcoin may be declared illegal in your jurisdiction for a period of 10-15 years. Would you really want to risk jail-time (or the death penalty) just to move coins around every year?

It would be much more than a moderate inconvenience for me.  I always thought it was dumb to have more than a certain relatively small number of coins assigned to a certain address.  Further, I thought it was dumb to have said addresses either easily accessible or accessible in a group. (*)  Tracking down and dealing with my stash in it's totality would be time consuming and difficult, and my methods were designed under a specific understanding of how the system worked.

(*)  "Ever noticed how anyone who drives slower than you is a retard and everyone who drives faster is crazy?"  Computer security is a lot like this

It depends on the velocity of money at the time and how quickly they are spent. If somebody cracks an ancient private key that's equal to a substantial fraction of the previously circulating BTC supply nothing happens right away. It's only when they spend it that anything changes.

Given the risk of somebody suddenly owning decades worth of world economic output all of a sudden, I'd expect that once ancient weak key cracking approached feasibility large numbers of people (millions) would form a pools to crack them that would distribute the recovered bitcoins as dividends.

If it ever turned out to be a huge threat, then the people alive at that time would have a huge incentive to solve the problem.

He literally just said in his previous post that he doesn't have a problem with trying to make "my" old coins "almost worthless". I have no idea where YOU get you're "paranoid delusional parody" because I'm literally describing EXACTLY what he is proposing.

He wants to convince, 99% of people, that "old" coins are worthless and should not be accepted, because if they were this might cause "uncertainty", presumably in the price. What he's proposing is basically the same style of "money printing" theft Bitcoin is trying to protect against, only in reverse. Rather than trying to devalue other's currency to give yourself more of it, you're trying to destroy other people's currency to increase the value of your own.

Shame on you.  Disagree, by all means— it's a controversial subject.  But at least understand what you're talking about. There is nothing about "early adopter's coins" in his commentary, he's suggesting a requirement that after a long notice period old coins need to move or will become unmovable. It has nothing to do with not accepting early adopter coins, though it would require people with those coins to move them once. If it was done the way he envisioned it working not a single person would lose access to their coins, though some people might be moderately inconvenienced. The effect of it is that ambiguity about how many actual coins exist would be substantially reduced. Maybe this is a terrible evil horrible idea, but at least complain about what he's actually suggesting and not some paranoid delusional parody of it.

Your speculation has higher entropy than my speculation.  Multi-collissions scale much much better than linearly. E.g. even with just the rho method only moderately more computation is required than the 2^128 operations expected to compromise a single ECDSA key to compromises almost all ECDSA keys on a particular curve.

Collision attacks (e.g. all known methods of discrete log solving) favor single large attackers, they are unlike mining is that the probability of success is not constant but goes up the more work they've done.

Uh. Dunno who you're talking to, but one of the number one things people say to me is "What happens once all the coins are lost, without inflation you'll eventually run out of coins!"  and then I explain that people can just trade in smaller and smaller increments (adjusting units as they go— millibitcoin etc) and I think about 50% of the time they respond "Hm! interesting!" and about the other 50% of the time they say "whoa whoa! what happens when someone finds grandmas old coins, they'd rule the world!"

(Of course, if you've got someone actually concerned about that, I suppose that it means you've already convinced them that Bitcoin will rule the world, even if its a bad thing... which is perhaps what you meant?)

Perhaps some therapy could help you with your old coin uncertainty.

Why another thread?  Why not just add on to one of the dozens and dozens of previous threads that have proposed exactly the same thing.

You can yammer about this all you want.  It is never going to happen.  Mostly because you are trying to fix something that is not broken.  There are many other more pressing real issues that are being worked on.

It would be dead wrong. You might as well flip a coin to decide if a wallet is lost or not. It would probably be more accurate than using any sort of analysis you could come up with.

The effect will be underwhelming. The abandoned/lost bitcoins will not be found all at once and the miners who recover them aren't going to immediately turn around and spend the entire find the next day. By that time the economy will be large enough that it only causes a mild effect, if it's even noticeable at all.

Whether it's via some yet-unknown mathematical weakness or quantum computers that makes the private keys recoverable, it will only gradually become possible. So I imagine it will be done by investors combining their resources in order to build machines capable of doing it, much like present pool mining. Any old balances recovered this way will thus not go to a single entity but will get spread out among a large group of shareholders.

You still get too freaked out over the concept of a currency that nobody controls. It's not going to become a problem in practise - modern cryptographic algorithms don't go from no known weaknesses to being trivially broken overnight. There will be plenty of advance notice and bitcoin holders will adapt ahead of time. It will be priced in long before it happens.