Topic: So what's the deal with smart contracts? (Read 2434 times)

Well, if both our arguments are not obvious then let's wait while one of us writes a whitepaper. For now, the fact that people keep talking about 51% attack while the threshold can't be above 33%, shows how little they care about anything except speculation on BTC price.

smooth I tend to agree they don't need to. They are already amassing massive profits and they just need to make sure they can control the block size to maximize their transaction fees.

I don't think they'd rock the boat with selfish mining, unless they were 100% sure they could do it undetected.

That's not evidence of Bitcoin operating outside a Nash equilibrium, which was CfB's argument. Most of the hash rate 80%+ obviously mines on very large pools. The rest may do something else, and it might even be a bad decision on their part, but that little 20% doesn't really affect how Bitcoin operates.


I don't know which pools support getblocktemplate, but there's no evidence of anyone using it (most if not all ASIC gear just connects directly to the pool and uses stratum). Seems like that concept mostly died when Luke-Jr lost the original argument with slush.

I haven't read that paper but from the abstract it isn't obvious how this would relate to miners on a pool which is almost all Bitcoin mining right now.

Why? https://socrates1024.s3.amazonaws.com/consensus.pdf: "Abstract—We present a formal model of synchronous processes without distinct identifiers (i.e., anonymous processes) that communicate using one-way public broadcasts."

Incorrect. Just by being on a large pool, they inherently are mining on the correct block more often than the minority of the hashrate, which instead have to wait for propagation delay.

Also a mining farm mining (or oligarchy of them) with 33% of the hashrate even if mining on a pool, can still do the selfish mining attack without informing the pool. Remember Bitcoin never implemented Meni Rosenfeld's oblivious mining shares fix to prevent share withholding attacks. This is assuming the pool supports getblocktemplate so the miner can set his own transaction block hash (however I guess most pools would do something to prevent a miner from pool hopping so I am not 100% sure about this).

Also miners could own the pool and pretend not to. They could obscure their selfish mining by hopping around to different pools they own. You can bet mining farms have looked into all these techniques. The Chinese are very clever.

Miners can not operate anonymously nor do anything useful with selfish mining or double spends as long as they are mining on pools, which the huge majority of the hash rate is currently doing. Only the pools themselves could do that, and they aren't anonymous.

If a large anonymous solo miners existed and had the opportunity to engage in selfish mining but didn't, your theory would be validated, but how could this ever be tested? I think it is impossible.

You could argue that a bunch of large miners would be better off on private pools or something, and by choosing to use public pools they are not in a Nash equilibrium, but the whole argument becomes complex, since pools benefit when other miners join them, so there is an incentive to be public, large visible actors such as Bitmain might be better off using a visible public pool since it isolates them from false accusations of misconduct, etc.

Also, the theory of selfish mining has some repeated game problems, since it assumes everyone else doesn't selfish mine. If others selfish mine, the defense is to selfish mine yourself, and if multiple large miners of equal size all selfish mine, then it is obvious none retains any advantage. If there are several large miners (or pools), they may be better off not bothering to start the conflict, especially given even small potential for reputational consequences.

Miners can be anonymous, they can collude, frankly saying, this "reputation" topic doesn't look as a solid counterargument against the claim that Bitcoin operates out of an equilibrium.

r0ach = Half of BTT? Well maybe there are lot of sock puppets on here, lol. 

Anyway, I don't think you can easily answer "how much reputation" cost, but you can't say that failure to take short term advantage is not a Nash equilibrium when reputational costs exist, because that is an alternate consistent explanation.

We had Deepbit which got 51% of hashing power and noone detected an abuse attempt. We had GHash.io which got 51% of hashing power and an abuse attempt was detected.

What did keep Deepbit operator honest (they are Russians BTW, half of BTT thinks Russian = con-artist)?
How much reputation did that doublespending against a casino cost to GHash.io operator?

So you came to those thoughts by yourself? Well, I don't have a reason not to trust your words... Probably you are smart but sometimes switch into retard mode, I don't have a better explanation.

That paper does not demonstrate any party is necessarily operating out of a Nash equilibrium. Selfish mining is detectable, so mining pools, being visible and identifiable entities, face reputational costs for engaging in it. That very plausibly makes it unprofitable. Also, some forms rely on network conditions that may not exist.

If there were some sort of undetectable or unattributable selfish mining known to be compatible with the current network conditions, and we could tell that weren't happening then you could correctly make the argument you did, but that is a contradiction.

I guess one time we might see a valid experiment would if a big pool does an exit scam. Under the reputational-cost theory, such a pool should selfish mine right before the exit, though it still might not be worth the trouble to actually implement for relatively modest gains.

@r0ach,

It is obvious you ignore my questions but let me ask a few more, if you favor to answer.

Can you give me a source where it is clearly stated that if there is no Nash equilibrium in a system, then it has zero value? What kind of a value theory is it? What does "it" refer here? To the system? What does it mean for a system to have zero value?

You need to answer those questions to make a sense.

It is obvious that you don't since you made IOTA...and no, I don't read Vitalik's blog.  It's a scamcoin, why would I read it?

Hahaha, now I see that you still don't understand cryptocoins well enough but you, for sure, read Vitalik's blog. Man, go back to trading, your mindset is not for scientific researches.

I was talking about http://arxiv.org/abs/1311.0243

Good read, really! So in a sentence, Ethereum has a little or no use case apart from what can be done by other crypto-platforms that allow user-generated tokens.

@r0ach,

You stop answering my questions?

I don't think you understand the issue.  A related subject is, it is clear no cryptocurrency solves Byzantine generals, otherwise number of confirmations wouldn't be entirely subjective.  You would be able to say, at a specific number of confirmations, I now have objective proof, but it's not possible.  All that matters for the end user is likelihood of transaction reversal past a certain point, and that there's no permanent monopoly on transaction validators.

Unless you believe it's possible to permanently monopolize mining (from pool turnover rate, looks highly unlikely so far), you will get your "good enough" number of subjective confirmations eventually that most humans agree is not going to be reversed.  No other system will be able to improve on that metric either.  Closed entropy systems tend to monopolize transaction validators by default, and IOTA is just a train wreck in general.  Talking abut Nash equilibrium over the course of 1 confirmation is pointless since Bitcoin (and every other cryptocurrency) is technically unable to objectively solve such a problem with proof in a decentralized manner.

This tin foil hatter!

Okay. I'm not much for game theory - I know only the rudiments - but I do know enough rudiment to figure out that the first-ever Bitcoin transaction (10'000 BTC for a pizza) presented a classic prisoner's dilemma situation. A has to send the 10'000 BTC to B and B has to pay for a pizza and send it to A. Unless both A and B co-operate, there's no transaction.

In this case, there's one trust-based outside input required. B has to be trustworthy enough to both pay for and send the pizza. There's also a trust-based inside input required: A has to send over the 10'000 BTC. And of course, if [C,D] or [D,C] is the outcome then the Defector walks away with a freebie. It has to end in [C, C], else there's no transaction with Bitcoin as a medium of exchange.