Pages:
Author

Topic: So what's the deal with smart contracts? (Read 2465 times)

legendary
Activity: 2142
Merit: 1010
Newbie
May 13, 2016, 07:04:33 AM
#50
I haven't read that paper but from the abstract it isn't obvious how this would relate to miners on a pool which is almost all Bitcoin mining right now.

Well, if both our arguments are not obvious then let's wait while one of us writes a whitepaper. For now, the fact that people keep talking about 51% attack while the threshold can't be above 33%, shows how little they care about anything except speculation on BTC price.
newbie
Activity: 28
Merit: 0
smooth I tend to agree they don't need to. They are already amassing massive profits and they just need to make sure they can control the block size to maximize their transaction fees.

I don't think they'd rock the boat with selfish mining, unless they were 100% sure they could do it undetected.
legendary
Activity: 2968
Merit: 1198
Miners can not operate anonymously nor do anything useful with selfish mining or double spends as long as they are mining on pools, which the huge majority of the hash rate is currently doing.

Incorrect. Just by being on a large pool, they inherently are mining on the correct block more often than the minority of the hashrate, which instead have to wait for propagation delay.

That's not evidence of Bitcoin operating outside a Nash equilibrium, which was CfB's argument. Most of the hash rate 80%+ obviously mines on very large pools. The rest may do something else, and it might even be a bad decision on their part, but that little 20% doesn't really affect how Bitcoin operates.

Quote
Also a mining farm mining (or oligarchy of them) with 33% of the hashrate even if mining on a pool, can still do the selfish mining attack without informing the pool. Remember Bitcoin never implemented Meni Rosenfeld's oblivious mining shares fix to prevent share withholding attacks. This is assuming the pool supports getblocktemplate so the miner can set his own transaction block hash.

I don't know which pools support getblocktemplate, but there's no evidence of anyone using it (most if not all ASIC gear just connects directly to the pool and uses stratum). Seems like that concept mostly died when Luke-Jr lost the original argument with slush.
legendary
Activity: 2968
Merit: 1198
Miners can not operate anonymously

Why? https://socrates1024.s3.amazonaws.com/consensus.pdf: "Abstract—We present a formal model of synchronous processes without distinct identifiers (i.e., anonymous processes) that communicate using one-way public broadcasts."

I haven't read that paper but from the abstract it isn't obvious how this would relate to miners on a pool which is almost all Bitcoin mining right now.
legendary
Activity: 2142
Merit: 1010
Newbie
Miners can not operate anonymously

Why? https://socrates1024.s3.amazonaws.com/consensus.pdf: "Abstract—We present a formal model of synchronous processes without distinct identifiers (i.e., anonymous processes) that communicate using one-way public broadcasts."
newbie
Activity: 28
Merit: 0
Miners can not operate anonymously nor do anything useful with selfish mining or double spends as long as they are mining on pools, which the huge majority of the hash rate is currently doing.

Incorrect. Just by being on a large pool, they inherently are mining on the correct block more often than the minority of the hashrate, which instead have to wait for propagation delay.

Also a mining farm mining (or oligarchy of them) with 33% of the hashrate even if mining on a pool, can still do the selfish mining attack without informing the pool. Remember Bitcoin never implemented Meni Rosenfeld's oblivious mining shares fix to prevent share withholding attacks. This is assuming the pool supports getblocktemplate so the miner can set his own transaction block hash (however I guess most pools would do something to prevent a miner from pool hopping so I am not 100% sure about this).

Also miners could own the pool and pretend not to. They could obscure their selfish mining by hopping around to different pools they own. You can bet mining farms have looked into all these techniques. The Chinese are very clever.
legendary
Activity: 2968
Merit: 1198
r0ach = Half of BTT? Well maybe there are lot of sock puppets on here, lol. 

Anyway, I don't think you can easily answer "how much reputation" cost, but you can't say that failure to take short term advantage is not a Nash equilibrium when reputational costs exist, because that is an alternate consistent explanation.

Miners can be anonymous, they can collude, frankly saying, this "reputation" topic doesn't look as a solid counterargument against the claim that Bitcoin operates out of an equilibrium.

Miners can not operate anonymously nor do anything useful with selfish mining or double spends as long as they are mining on pools, which the huge majority of the hash rate is currently doing. Only the pools themselves could do that, and they aren't anonymous.

If a large anonymous solo miners existed and had the opportunity to engage in selfish mining but didn't, your theory would be validated, but how could this ever be tested? I think it is impossible.

You could argue that a bunch of large miners would be better off on private pools or something, and by choosing to use public pools they are not in a Nash equilibrium, but the whole argument becomes complex, since pools benefit when other miners join them, so there is an incentive to be public, large visible actors such as Bitmain might be better off using a visible public pool since it isolates them from false accusations of misconduct, etc.

Also, the theory of selfish mining has some repeated game problems, since it assumes everyone else doesn't selfish mine. If others selfish mine, the defense is to selfish mine yourself, and if multiple large miners of equal size all selfish mine, then it is obvious none retains any advantage. If there are several large miners (or pools), they may be better off not bothering to start the conflict, especially given even small potential for reputational consequences.

legendary
Activity: 2142
Merit: 1010
Newbie
r0ach = Half of BTT? Well maybe there are lot of sock puppets on here, lol.  

Anyway, I don't think you can easily answer "how much reputation" cost, but you can't say that failure to take short term advantage is not a Nash equilibrium when reputational costs exist, because that is an alternate consistent explanation.

Miners can be anonymous, they can collude, frankly saying, this "reputation" topic doesn't look as a solid counterargument against the claim that Bitcoin operates out of an equilibrium.
legendary
Activity: 2968
Merit: 1198
That paper does not demonstrate any party is necessarily operating out of a Nash equilibrium. Selfish mining is detectable, so mining pools, being visible and identifiable entities, face reputational costs for engaging in it. That very plausibly makes it unprofitable. Also, some forms rely on network conditions that may not exist.

If there were some sort of undetectable or unattributable selfish mining known to be compatible with the current network conditions, and we could tell that weren't happening then you could correctly make the argument you did, but that is a contradiction.

I guess one time we might see a valid experiment would if a big pool does an exit scam. Under the reputational-cost theory, such a pool should selfish mine right before the exit, though it still might not be worth the trouble to actually implement for relatively modest gains.

We had Deepbit which got 51% of hashing power and noone detected an abuse attempt. We had GHash.io which got 51% of hashing power and an abuse attempt was detected.

What did keep Deepbit operator honest (they are Russians BTW, half of BTT thinks Russian = con-artist)?
How much reputation did that doublespending against a casino cost to GHash.io operator?

r0ach = Half of BTT? Well maybe there are lot of sock puppets on here, lol. 

Anyway, I don't think you can easily answer "how much reputation" cost, but you can't say that failure to take short term advantage is not a Nash equilibrium when reputational costs exist, because that is an alternate consistent explanation.
legendary
Activity: 2142
Merit: 1010
Newbie
That paper does not demonstrate any party is necessarily operating out of a Nash equilibrium. Selfish mining is detectable, so mining pools, being visible and identifiable entities, face reputational costs for engaging in it. That very plausibly makes it unprofitable. Also, some forms rely on network conditions that may not exist.

If there were some sort of undetectable or unattributable selfish mining known to be compatible with the current network conditions, and we could tell that weren't happening then you could correctly make the argument you did, but that is a contradiction.

I guess one time we might see a valid experiment would if a big pool does an exit scam. Under the reputational-cost theory, such a pool should selfish mine right before the exit, though it still might not be worth the trouble to actually implement for relatively modest gains.

We had Deepbit which got 51% of hashing power and noone detected an abuse attempt. We had GHash.io which got 51% of hashing power and an abuse attempt was detected.

What did keep Deepbit operator honest (they are Russians BTW, half of BTT thinks Russian = con-artist)?
How much reputation did that doublespending against a casino cost to GHash.io operator?
legendary
Activity: 2142
Merit: 1010
Newbie
I don't read Vitalik's blog.

So you came to those thoughts by yourself? Well, I don't have a reason not to trust your words... Probably you are smart but sometimes switch into retard mode, I don't have a better explanation.
legendary
Activity: 2968
Merit: 1198
I was talking about http://arxiv.org/abs/1311.0243

That paper does not demonstrate any party is necessarily operating out of a Nash equilibrium. Selfish mining is detectable, so mining pools, being visible and identifiable entities, face reputational costs for engaging in it. That very plausibly makes it unprofitable. Also, some forms rely on network conditions that may not exist.

If there were some sort of undetectable or unattributable selfish mining known to be compatible with the current network conditions, and we could tell that weren't happening then you could correctly make the argument you did, but that is a contradiction.

I guess one time we might see a valid experiment would if a big pool does an exit scam. Under the reputational-cost theory, such a pool should selfish mine right before the exit, though it still might not be worth the trouble to actually implement for relatively modest gains.
hero member
Activity: 602
Merit: 500
@r0ach,

It is obvious you ignore my questions but let me ask a few more, if you favor to answer.

Can you give me a source where it is clearly stated that if there is no Nash equilibrium in a system, then it has zero value? What kind of a value theory is it? What does "it" refer here? To the system? What does it mean for a system to have zero value?

You need to answer those questions to make a sense.
legendary
Activity: 1260
Merit: 1000
I don't think you understand the issue.  A related subject is, it is clear no cryptocurrency solves Byzantine generals, otherwise number of confirmations wouldn't be entirely subjective.  You would be able to say, at a specific number of confirmations, I now have objective proof, but it's not possible.  All that matters for the end user is likelihood of transaction reversal past a certain point, and that there's no permanent monopoly on transaction validators.

Hahaha, now I see that you still don't understand cryptocoins well enough but you, for sure, read Vitalik's blog. Man, go back to trading, your mindset is not for scientific researches.

It is obvious that you don't since you made IOTA...and no, I don't read Vitalik's blog.  It's a scamcoin, why would I read it?
legendary
Activity: 2142
Merit: 1010
Newbie
I don't think you understand the issue.  A related subject is, it is clear no cryptocurrency solves Byzantine generals, otherwise number of confirmations wouldn't be entirely subjective.  You would be able to say, at a specific number of confirmations, I now have objective proof, but it's not possible.  All that matters for the end user is likelihood of transaction reversal past a certain point, and that there's no permanent monopoly on transaction validators.

Hahaha, now I see that you still don't understand cryptocoins well enough but you, for sure, read Vitalik's blog. Man, go back to trading, your mindset is not for scientific researches.
legendary
Activity: 2142
Merit: 1010
Newbie
Okay. I'm not much for game theory - I know only the rudiments - but I do know enough rudiment to figure out that the first-ever Bitcoin transaction (10'000 BTC for a pizza) presented a classic prisoner's dilemma situation. A has to send the 10'000 BTC to B and B has to pay for a pizza and send it to A. Unless both A and B co-operate, there's no transaction.

In this case, there's one trust-based outside input required. B has to be trustworthy enough to both pay for and send the pizza. There's also a trust-based inside input required: A has to send over the 10'000 BTC. And of course, if [C,D] or [D,C] is the outcome then the Defector walks away with a freebie. It has to end in [C, C], else there's no transaction with Bitcoin as a medium of exchange. 

I was talking about http://arxiv.org/abs/1311.0243
hero member
Activity: 602
Merit: 500
Everyone talks about what can be done with Ethereum et al and the power of decentralized application technology. What I insist not understanding is what makes those applications superior to their centralized counterparts.

I don't claim that Dapps are not important. I just want to learn what's deal with them.

I suggest you to read this article, it will help you understand what smart contracts are for and what they are not for, good read  Cheesy

http://www.coindesk.com/three-smart-contract-misconceptions/

Good read, really! So in a sentence, Ethereum has a little or no use case apart from what can be done by other crypto-platforms that allow user-generated tokens.

@r0ach,

You stop answering my questions?
legendary
Activity: 1260
Merit: 1000
I'm saying that Bitcoin operates out of a Nash equilibrium.

I don't think you understand the issue.  A related subject is, it is clear no cryptocurrency solves Byzantine generals, otherwise number of confirmations wouldn't be entirely subjective.  You would be able to say, at a specific number of confirmations, I now have objective proof, but it's not possible.  All that matters for the end user is likelihood of transaction reversal past a certain point, and that there's no permanent monopoly on transaction validators.

Unless you believe it's possible to permanently monopolize mining (from pool turnover rate, looks highly unlikely so far), you will get your "good enough" number of subjective confirmations eventually that most humans agree is not going to be reversed.  No other system will be able to improve on that metric either.  Closed entropy systems tend to monopolize transaction validators by default, and IOTA is just a train wreck in general.  Talking abut Nash equilibrium over the course of 1 confirmation is pointless since Bitcoin (and every other cryptocurrency) is technically unable to objectively solve such a problem with proof in a decentralized manner.
hero member
Activity: 532
Merit: 500
Maybe the task is not to improve bitcoin, but to build something different based on the same technology on which bitcoin depends. This is why it is called Blockchain 2.0, and not Bitcoin 2.0. What is improved is not Bitcoin, but the blockchain technology. This is also why your post is not an answer to my question. "Nobody in altcoins has improved on Bitcoin in any way," you say. Should they? Does Localbitcoins.com improve bitcoin? Does Bitfinex improve bitcoin, or let me ask: Does Bitfinex improve Localbitcoins.com?

Seriously man, you are confused.  The buzzword you constantly see spammed by bankers now, "blockchain not Bitcoin", is them trying to co-opt and hijack cryptocurrency.  The only purpose of this propaganda is for them to try and create their own permissioned ledger or federated chain, "GoldmansachsCoin" that they create out of thin air and try to sell off to mindless idiots for profit.  There is no Nash equilibrium in such a system, thus it has zero value.  It provides zero benefits over Bitcoin or the digital fiat already in use and will go nowhere.

Bankers are mad they weren't early adopters of Bitcoin and are now trying to weasel their way out of having to buy at higher prices.  That's all there is to this discussion.  They will fail in this attempt because their federated chains and permissioned ledgers have no value.  There's Antonopolous talking about the same subject:

http://news.bitcoin.com/antonopoulos-banks-blockchain-romance/

This tin foil hatter!
legendary
Activity: 924
Merit: 1000
Are you saying that any transaction with (say) Bitcoin that's not a cryptographically-sound circle jerk requires at least one outside trust-based input?

FWIW, I saw on a very old thread that the first iteration of Mt. Gox (when Jeb McCaleb owned it) accepted deposits from PayPal.

I'm saying that Bitcoin operates out of a Nash equilibrium. This shows that words of r0ach ("There is no Nash equilibrium in such a system, thus it has zero value.") is a nonsense. Or Bitcoin has zero value.

Okay. I'm not much for game theory - I know only the rudiments - but I do know enough rudiment to figure out that the first-ever Bitcoin transaction (10'000 BTC for a pizza) presented a classic prisoner's dilemma situation. A has to send the 10'000 BTC to B and B has to pay for a pizza and send it to A. Unless both A and B co-operate, there's no transaction.

In this case, there's one trust-based outside input required. B has to be trustworthy enough to both pay for and send the pizza. There's also a trust-based inside input required: A has to send over the 10'000 BTC. And of course, if [C,D] or [D,C] is the outcome then the Defector walks away with a freebie. It has to end in [C, C], else there's no transaction with Bitcoin as a medium of exchange. 
Pages:
Jump to: