Topic: rpietila Altcoin Observer - page 104. (Read 387551 times)

Are you planning on holding your XCN long term? Personally I'd be pretty scared about a major sell off coming at some point and would be seriously considering getting out. Even if only temporarily if I truly believed the currency had a positive long term outlook.

You have to admit that the hype and the amount of money poured in thus far has been astronomical.

"Bitcoin with pruning" does not yet, and may not ever, exist in a politically viable form other than XCN/XCN-forks.

It's not fair or valid to compare a successfully researched/designed/launched coin like XCN with vaporware.

The point of mini-blockchain is not to "defeat" Bitcoin.  They are complementary projects sharing different parts of a rapidly growing crypto-economic pie, not fighting to the death in some kind of 'Two Coins Enter One Coin Leaves' zero-sum Thunderdome.

Besides, XCN features several other (arguably more important for retail user) innovations on top of mini-chains:


Look at the trade-offs as a variant of Zooko's triangle.  You can have your cryptocoin be established/secure (BTC), anonymous/private (XMR), or scalable/instant (XCN).  All three of these niches need to be filled by distinctly specialized technology, until we can square the triangle...

On Planet Libertopia in the year 2099 we will buy lattes with XCN, real estate with BTC, and party supplies with XMR.   

One thing I learned when thinking about higher level semantic languages and modularity (for the Copute language I was working on before tossing it aside in 2013 on rpietila's urging that I look at Bitcoin, yeah you can blame it on him ) is that such boundaries don't exist. Leakage seeps across in ways you can't even fathom in such simplistic hierarchies.

My point is ultimately if you spend the coin for some hard asset, e.g. land, car, electronic fiat (since paper is going away), then you are identified with some coins that you exchanged for the asset. That you mixed them with ring signatures or CoinJoin to hide the trail where they came from, doesn't stop the authorities from demanding you reveal your private keys to prove you have given them the trail as they may compel you to do.

If you are receiving Cryptonote coins in exchange for some anonymous good or service (often intangible although trading for gold can be anonymous if you wear a mask or use anonymous shipping methods), then due to one-time ring signatures you can't prove where the money came from even if you reveal your keys. And the sender hasn't received in return something that can trace to him either so he may not be identified.

However in many cases we are trading fiat or something tangible that can't be anonymous. So the best anonymity would be a technology that could break that chain of traceability so that even if all parties were forced to reveal their private keys, the anonymity would still not be broken. I know it seems like the authorities could still compel you, but there is a clever twist that I just stumbled onto.

I actually have an idea how to do this. It isn't absolute, but anonymity never is.

I think someone already posted a link to a public GPU miner already. And you can be almost certain that if a public one came out that fast there have been private ones going probably since launch or soon after.

I find it interesting that his suggested "W3" short form name didn't catch on and instead we all used "www" or just the "web".

Which layer are you proposing a block chain should be? Data, Logic, or Presentation? You seem to be saying logic, when it's a distributed data layer.

Cryptonite(XCN) most definitely has a private gpu miner. I tried mining with spot instances, even with different vps, hardly anything, not to mention the countless posts of guys using cpu farms and getting none-hardly any coins at all.

Rpietila underestimates the geometric network effects of making the block chain programmable. Imagine if every website had to be a copy of the first one.

Note that with mixing on the block chain, e.g. Cryptonote, Monero, Zerocoin, authorities can compel you to reveal your private keys and unwind the anonymity, e.g. you end up with some physical asset or fiat system asset which you can't be anonymous on. It shows you paid for it with mixed coins.

Also mixing that is off the block chain, e.g. CoinJoin, DarkCoin, Tor, I2P, authorities can compel you to reveal your inputs and outputs.

But what if there was a way where the authorities could compel you to release everything and they still couldn't break the anonymity.

Now that would truly be an anonymous coin.

You are apparently incorrectly assuming the MBC coin doesn't perform some optimization to store only the outputs address (over the long-term that exceeds the window of retention of full transaction history), and thus the relative overhead of the hashes in the tree (compared to the retained transaction size for only the outputs) is much more significant than your computation of "2.5".

Bitcoin would have to fork to achieve similar levels of efficiency. Actually I am not even sure they could. The historical block hash would have to change in order to discard part of a transaction's data. I suppose there might be some clever way to finagle it. Why not just implement the MBC instead.

Being very early at least discussing it is good and we already have so many projects. This is the altcoin observer thread and I haven't seen any idea except the rising anonymous currencies being discussed here. Anything else?

It is not easy to separate interactive factors, and consider pairs of variables in isolation. The 3 body/4 body problem (per Newtonian physics) comes into play. In altcoin economics there are additional overlays relating to distribution stages (critical mass stepchanges) and reflexivity (effect of participants views and bias).

All these make prediction an art rather than a science !

Not sure how new this is, but coingecko.com has a variety of interesting metrics by which you can sort altcoin rankings.

This one use various source code activity to rank coins by "developer."  Monero is #4  https://www.coingecko.com/en?sort_by=developer_score

Monero is also top 10 on "total" and "liquidity."

Does not do so well on "Community", but it looks like that score is based primarily on reddit, facebook and twitter.  It does not seem to track bitcointalk.org (let alone the fine rpietila specific threads).  No doubt this is due to increased complexity of monitoring discussions on bitcointalk generally, and the even further complexity of tracking the reputation of posters on bitcointalk.org.

Still, some interesting measures.

PS - doesn't seem to sort well on chrome, had to use explorer to get that working.

Cryptonite keeps a full block chain for, I believe, two weeks, after which it assumed that chain forks are never going to happen. Bitcoin pruning would need to do something similar

I might be wrong about the details though. I didn't really study Cryptonite very much after concluding that it adds little to Bitcoin with SPV and pruning, and also after seeing it grossly overvalued relative to its maturity. When the price comes down to something I might consider potentially attractive as an investment I might take a closer look.

I think you can also add

3. Because of the rising difficulty, an increasing fraction of the people who want to acquire XMR and were mining so far to that purpose now will buy instead.

So, the selling pressure created by botnets is one thing. On the other side of the coin (pun intended), also buying pressure should build up. Economically, the only reason that these two effects do not perfectly neutralize each other is that they do not happen at the same time.

That's how I see it, from an economical perspective at least. Hard to figure out the psychological effects, though.

Yes, merkle tree hashes are small and not that many are needed.

One hash is required for each complete branch that has been pruned (the extreme being the entire tree being pruned, in which case only the root hash in the header remains). The worst case would be one remaining transaction in a block with a long chain of hashes all the way from the transaction to the root. If there is more than one transaction, then fewer hashes are needed per transaction (the extreme case here being all the transactions present, in which case again only the root hash remains).

Hashes are 32 bytes each. Transactions average very roughly 500 bytes. The block header is 80 bytes. With 8 million transactions per block (obviously impossible with the current 1 MB block size, but let's assume that gets increased, and Visa scale is, somehow, reached), the tree is only 23-deep, so this is 736 bytes of hashes and 80 bytes of header for each unspent output, roughly a factor of 2.5x in total chain overhead. This is the worst case, which won't be reached for every block (some older blocks may be fully spent or expired by demurrage fees, and newer blocks will have more unspent outputs).

There are other optimizations possible within Bitcoin. For example, it isn't necessary to store input scripts once the transaction is "fully" confirmed. These likely require a fork but they don't certainly don't require a whole new coin, nor does switching to a new coin really offer any advantage if this sort of optimization (which is effectively what the mini-blockchain is doing) is seen as a valid tradeoff against security.

I think it's too early to talk about successful DACs as they have not proved any of its concepts yet except for an ability to splurge and rise capital for the future projects.

It seems that Bitshares and its child projects like Bitsharex-X are directly competing with some promises of Etherium. Smart contracts are also available with Counterparty.

Good point with the lack of network effect. Although the network effect can work on more institutional level, if ethereum is really backed by the big money and they have a plan to package and sell it to business. They could really use some DAC (distributed autonomous companies) technology and smart contracts - could this be started/used instead by the ordinary folks? Is there really a need for such things?
I have not studied similar platforms yet, but maybe its time to take a closer look because we already have quite a lot of projects and it is reasonable to assume the most successful one is already out there.
Does anybody know of some successful DAC for example? (if this thing is even implemented by some project and not just on the paper)

Correct. There might have been an issue with one of the choices for optimized pruning which required a fork (I forget the details).

Edit: I think I remember the issue was that because we can't guarantee that users won't reuse addresses, then pruned Bitcoin block chain can lead to double-spends if different clients have different rules on pruning, thus I think there is some fork needed to deal with this. But again I forget the details.

Edit#2: I haven't studied Cryptonite's implementation of the MBC, but if they didn't deal with the address reuse issue, that is a double-spend hole.


That seems to be incorrect on quick thought. Have I missed something?

Unspent address in the pruned Bitcoin blockchain requires an entire branch of the Merkle tree which includes a set of hashes for every node up the tree to the root block hash. In MBC, the cost per address is only roughly one hash as the overhead of the Account Tree is amortized across all unspent addresses.