Author

Topic: Seperate chain for transactions (Read 1133 times)

sr. member
Activity: 280
Merit: 250
May 10, 2013, 01:45:27 PM
#11
Here's how we plan to do it in Open-Transactions: Let's say that 10 transaction servers voluntarily choose to form a voting pool (to provide more security ...
Oh, I seem not to understand that quiet right ... Embarrassed

but the 1000$/1Mio problem isn't affected by this. Real security problems in such a system will come from the inside and are undetectable untill the money is gone. It isn't about someone hacking 10 servers, it's about someone having/getting control of 10/2 servers and deciding to steal/blackmail funds once the price is right. It might be even sufficiant to block funds and make an public offer to steal funds.

Old pools had been trustworthy/capable in the past with littel funds,but that doesn't mean that will be in the future with big money. New pools could be set up for fraud when a specific sum is reached,...

Incentives for honest servers are far smaller than for potential criminals, so criminals would put greater efforts into getting in because there is an additional bonus. The randomizing doesn't affect criminals payouts since they then haven't enough power in all but statistically pools, which is actually infavor for them. Adding more security features will make people more confident, but doesn't solve that fundamental problem that I belive is the most threatning to OT.

Bulletproof on one one day, death and chaos on the next ...
sr. member
Activity: 440
Merit: 251
May 08, 2013, 08:07:24 PM
#10
Here's how we plan to do it in Open-Transactions: Let's say that 10 transaction servers voluntarily choose to form a voting pool (to provide more security for their users.)

This means that all bailments of BTC into the pool are sent to a list of 10 addresses -- the 10 servers in the pool.

Any bailments back out of the pool will require a (say) 8-out-of-10 vote of those servers to get the coins back out.

The servers simply look at the bailment request, verify the signatures on it, and then vote. Most of the time (if the signatures verify) then there will be 10 "yes" votes. If the signatures don't verify, then normally you will get 10 "no" votes.

So for that pool, I wouldn't expect any new voters to ever be involved, other than the 10 servers participating in that pool.

Of course there will be multiple pools, and users will have to choose which pools they trust. It's not IMPOSSIBLE to hack the funds, but it would require hacking 8 servers instead of 1. Since everyone here uses stuff like MyBitcoin and MtGox (which would require only hacking a single server) then my proposal is a significant improvement on the current state of things.

sr. member
Activity: 280
Merit: 250
May 07, 2013, 09:57:14 AM
#9
I don't think you really understand how voting pools / multi-sig works.

If any jackass can just go and add voters to any multi-sig transaction they want, then the whole concept of multi-sig becomes worthless.

It's definitifly not possible for any transaction, but nessasary for a trust system to make any difference. A closed trust system without really new signers is not different to a system based on one signature.On the other hand it 'd have to be impossible for new voters to enter the pool to keep fraudsters out ...

Even if I could trust the original pool with 1000$ there is no reason I could trust them with 1 million unless I could add new voters. Adding new pools isn't possible either so that system doesn't work. Adding Merchants does.
sr. member
Activity: 440
Merit: 251
May 05, 2013, 07:19:07 PM
#8
It doesn't take much effort to add new 50 servers and get enough relative votes on a pool. By adding just 10 servers you could freeze funds and blackmail people.

I don't think you really understand how voting pools / multi-sig works.

If any jackass can just go and add voters to any multi-sig transaction they want, then the whole concept of multi-sig becomes worthless.

So then why do you think they added it to the BTC protocol in the first place?

sr. member
Activity: 280
Merit: 250
May 05, 2013, 09:28:28 AM
#7
Bitcoin doesn't solve the trust problem either, since 51% of the hashing power can forge transactions.

That's not a trust problem anymore. It's against their best interest to forge transactions since this will make their stolen btc and especially Asics worthless. I only have to "trust" someone if there is some benefit for him to screw me. (or is not capable)

For example, if there are 20 servers in the pool, and the multi-sig requires 15 votes to move the coins, then you would have to hack 15 of those servers, not just one, to get the coins out of the pool.
It doesn't take much effort to add new 50 servers and get enough relative votes on a pool. By adding just 10 servers you could freeze funds and blackmail people. It's too expensive to run 100 servers for a system that would work on 10 but relativly easy to add 100 for a short period of time. Limiting new servers doesn't work either.

Outside bitcoin it's easy to make contracts and stuff, but since goverments are atm openly stealing funds so that doesn't work here. If they get outlawed, blockchain will still work but these contracts get useless.

It's not as secure as the blockchain itself, but it's certainly a lot more secure than having to trust a single server -- which is mostly what the whole BTC community does with these servers like MtGox and MyBitcoin.
Remember how many btc-services got hacked, frauded, closed, ...
Just because everyone is doing something it doesn't make it right or safe. Online wallets have very limited advantages but huge risks. Nobody has to trust them and everyonw who does with more than change is stupid. I fear that bitcoin will get to big to run your own client and we will have to trust some online wallets. A seperate blockchain would solve that.


What differs my idea from all existing methods is it doesn't require trust or even computer safety. F.e. comparing security of safes with and without insurance and sticking only to mechanical details is pointless, since a shitty safe with a solvent insurance is far safer than Ft.Knox.
sr. member
Activity: 440
Merit: 251
May 05, 2013, 04:23:46 AM
#6
Bitcoin doesn't solve the trust problem either, since 51% of the hashing power can forge transactions.

A voting pool would be composed of a group of transaction servers, such that X-out-of-Y of the servers would have to vote to get coins back out of the pool.

For example, if there are 20 servers in the pool, and the multi-sig requires 15 votes to move the coins, then you would have to hack 15 of those servers, not just one, to get the coins out of the pool.

It's not as secure as the blockchain itself, but it's certainly a lot more secure than having to trust a single server -- which is mostly what the whole BTC community does with these servers like MtGox and MyBitcoin.
sr. member
Activity: 280
Merit: 250
May 04, 2013, 01:25:33 PM
#5

As far as I understand that link descripes an idea for online wallet operators to be safer from hacks. That doesn't solve the trust problem at all since I now have to trust a pool instead the operator. Without a method to define who is able to vote your idea isn't complete and for myself I haven't found a fair AND safe way to define that. One compromized server plus some votes and it's done. Freezing for blackmail or directly.

Nevertheless it's still my risk that the system works as a whole. Trust is one issue among many others, f.e technical problems, laws, ...
On my idea none of these are my problem. If it works fine, if not we pull the plug and I get all my btc back plus free stuff.

BTW: Please write more/less than just one link, nobody will follow a topic on several sites.
sr. member
Activity: 440
Merit: 251
sr. member
Activity: 280
Merit: 250
April 30, 2013, 01:18:02 PM
#3
Sounds like Ripple.  Or Open Transactions.    Or redeemable codes from an issuer with money transmitter's licensing.

Scamcoin sounds like Bitcoin, but it isn't.
All those services require trusting them with more money than they would get if they scam you. Once funds are on the alternative chain merchants will get them sometime. It's like a amazon coupon but without the risk of amazon going broke.
legendary
Activity: 2506
Merit: 1010
April 29, 2013, 05:34:12 PM
#2
If here is enough positive feedback I'll work out some details.

Sounds like Ripple.  Or Open Transactions.    Or redeemable codes from an issuer with money transmitter's licensing.
sr. member
Activity: 280
Merit: 250
April 29, 2013, 02:16:09 PM
#1
Todays bitcoin protokoll isn't sufficient for a mayor currency at all. With billions of transactions and enormous sums involved transactions would take for ever and generate a huge amount of data. It's already too slow to pay for soda and too big to download.

My idea:
A trusted chain for fast payments, the old system for savings, private transactions and huge payments

To get money into the system transfer funds to a gateway adress and get them credited on alternative chain at same adress. Keys of gateway published, but transfers from that adress banned by the bitcoin network ecept to one payout adress operated by "Merchants".

Transactions within the new network are signed as usual but handled by Merchants. Funds can only be sent to Merchants adress in exchange for goods. No private transactions, no way to get BTC out if Merchants don't agree. You can get your soda instantly but no BTC change. No fees or inflation, but they can freeze funds and undo/ignore transactions.


Why could we trust them?
Transfers from the gateway adress will be limited by the bitcoin network. It allows only transfert to the payout adress and in order to get funds there the foundation has to sign it. Once a day or even longer periods.
An online blockexplorer enables you to check your balance and transactions, if there is a transaction you didn't sign inform the foundation and they won't release the next transaction unless that issue is solved.
If they can't solve it we update our bitcoinclients to enable transfers from the gateway adress and send all funds back to their origin.

Why could they trust us?
Pulling the plug would kill bitcoin if there is no justification for it. Even the foundation hasn't the power to freeze Merchant funds since 51% have the power to update to a new client and enable an alternative payout adress. Keys of gateway adress must be public.

Why could they trust them?
Isn't our problem. Payout adress could be signed by several merchants or they could sign contracts or ...

Who pays for it?
Only Merchants. If there is one penny taken from customers to pay for it we'll shut em down. They profit from a fast and very cheap payment option in their shops and that's enough. Compare that with VISA ...


I think it is far better to implement an official FTC (fast transaction chain) into bitcoin client than mt.gox green adresses or trusting a single/some company(s)/state(s)/species with that much power. If here is enough positive feedback I'll work out some details.
Jump to: