This was taken from another thread but I believe it is better to discuss them here to avoid being off topic in the original thread.
I am trying to find out what is your stance in the "scaling debate", though I am too lazy to read all your past posts. But are you for bigger blocks? If yes, then what is your opinion on Bitcoin Cash? Is it good enough or can it be better?
I could give you a simplistic answer, but it wouldn't be the right answer. The simplistic answer is:
yes, of course bigger blocks. However, I think that a single question, like, "are you for bigger blocks" misses entirely the point, simply because everything influences everything. That's like asking a doctor "are you for or against chemotherapy".
Thanks for your honesty. I also have some questions on the following.
I think bitcoin has fundamental design issues on the deepest conceptual level, that far overshadow the simple question of "bigger blocks". I think bitcoin is fundamentally broken on the following points:
- the PoW consensus mechanism that is too wasteful and leads to centralization of power, even though it is a very good consensus (no dispute) mechanism, it doesn't provide the other desired factors, on the contrary.
But what would be a good PoW replacement for you? Proof of Stake? There is also Proof of Capacity, also called Proof of Space, which I heard from d5000. PoC does look more energy efficient but it is not without its "centralization problems".
I'm working on a write-up on that, but you can get the gist in the thread about proof of stake bitcoin. It is true that as theoretical offline trustlessness goes, if that's the ONLY criterium, PoW is essentially the only solution. This is maybe why PoW was the best way to start this thing, as an underground means of getting up and running. However, PoW induces so many other, bad, properties (of which waste and centralization are the most important), that we get here the situation of "the best is the enemy of the good".
That said, most other consensus schemes,
that "prove use of scarce resources", like proof of space, will fall in similar pitfalls: you will get a kind of madness of piling up HUGE resources, which are a form of waste,
in the merciless battle of.... just agreeing on a data set. PoS is different, because the resource is virtual ; however,
the standard way of seeing PoS is self-referential (that critique is justified). All *working* PoS systems have in fact an auxiliary "backup" consensus mechanism that does the real work. Nevertheless, I think I can work out a real pure PoS system,
if we drop, what I consider, crazy not-of-this-world trustlessness demands, of which the most important is: reached consensus by on-line parties shouldn't be required to be checked offline in a totally trustless way.That is, as a newcomer, that wasn't online before, there's no guarantee to find the "right consensus" all by yourself in a totally trustless way. The reason why this a priori shocking statement, isn't, is that a newcomer trusts in any case the software he downloads, and the pointers he found on the internet to download it, so he left trustlessness already. If you are willing to download the latest Core software, and at best, you check the software with signatures from devs, and the https certificate of github, there are already a lot of entities you trust. If these entities or similar entities tell you that a recent consensus was X,
you've not been losing your trustlessness, you didn't have if from the start.
The other aspect of usual consensus mechanisms that wrecks more havoc than it solves problems, is this:
- the fact that the consensus mechanism is remunerated (which, in itself, is necessary for PoW), which gives rise to a lot of game-theoretical issues and is the motor of centralization, by "economies of scale".
Yes but it is a brilliant coin issuance and distribution system. Was that not the real purpose of the mining incentives aside from "keeping the miners honest"?
Yes. And
I think that PoW is still the best "coin issuing mechanism". The problem with bitcoin's system, and which almost all alt coins took over apart from a few very modern ones, is that
bitcoin mixes up three entirely different functions:- coin creation
- consensus proposition
- consensus approval
In bitcoin, these 3 functions are the same: the entity creating a proposal of consensus (a new block with a choice of transactions) also votes for previous consensus (choice of what previous block to build on if there are several) and creates new coins, as a "reward" for doing this - but in a competitive system where this reward is essentially wasted again in heat and hardware expenses.
If we separate these 3 things, then life becomes much simpler.
One should limit the number of "proposals of consensus" all while being not a big effort for those that can do so. The reason is that those propositions need to be propagated on the network, and we want to limit what propagates. This is why PoS is a good way to limit the number of propositions: a good rule (it is going in my write up) will essentially allow at most a few tens of proposals to be considered (and hence, propagated) per consensus round.
The network (online network nodes) will then "approve" one of the proposed consensus blocks in the list, but they have no free parameter: a deterministic random function will indicate, of a list of proposals, which is the one to be approved. All nodes can then see which of their peers behave correctly (and can hence gain somewhat in trust), and which are untrustworthy and not to be taken into account in the future.
When the network came to a consensus this way (the decision is now taken), the data corresponding to this consensus can be propagated and verified. If these data turn out to be erroneous, we start all over ; if they are correct, the consensus is reached: nodes signal that consensus was reached.
All this is done online, with enough time for network propagation delays. Nodes that are latecomers, lose trust: they can still be spectators, but their role in the network propagation is diminished.
The trick is also to use real world time. I don't explain everything here, there are a lot of technicalities I won't go into (and some, I didn't work out entirely myself yet).
The important part is that nothing in this is remunerated. It is based upon altruistic participation.
That makes that all honest nodes have no preference in this consensus process: if their proposal is not accepted, there's no loss of any potential reward. The only "reward" is that you know that you are going to have the right consensus because you were there, and that you won't need to trust anyone. In other words, by participating, you diminish the risk of being told nonsense, and you contribute to the solidity of the network that holds your value. If you "get out", you leave the decision to others and you accept all consequences of that. It is like democratic voting: you don't have to, but you leave the vote to others then, don't come and cry.
I think that coin creation is still best done with PoW, because
it burns seigniorage. PoW is a great price regulating mechanism, that could make for a near-ideal money instead of the speculative asset bitcoin was. There was a very bright insight here on that in 2010, but Satoshi didn't want to hear it.
If you can make it such, that the economic cost of PoW is constant, or even continuously slight increasing, you can have an automatic price regulating mechanism of your currency, that will always avoid it becoming a speculative asset. But maybe we needed first a speculative fight to push technology to its limits, and maybe the "PoW silliness" of bitcoin is in fact strongly useful in this respect.
Suppose that we can calculate that an antminer wastes on average $10 for a certain number of hashes X right now. There can be "coin creation transactions" where the "input" is not the output of another transaction, but a pre-image of a hash that proves X hashes, in such a way, that it is not equal to a former such creation. In other words, a coin is created when you find a new pre-image with a difficulty of X hashes. That's a possible input to a transaction: If you make such a coin, it is now yours, and it can be transacted. You cannot re-use that work, because you've published it already ; but you can re-do the work, find another pre-image with difficulty X, and you've made another coin. As many as you want.
The difficulty X should be continuously increasing, by a factor that slightly outpaces technology advances. If we could pin that value exactly, the coin
would be ideal money. Indeed, if it would always cost the equivalent of $10 now to make a coin, nobody is going to buy a coin for more than $10, because he can make it. Nobody will make a coin if it is below $10, because making it would be more expensive than buying it. The coin's value would always be around $10, like "real money". If we make it slightly deflationary, we can expect that it becomes more and more expensive to make coins, but at a very light pace. It is a bit like a savings account. You gain some value, but not extremely so ; this is offset by the risk you take in the system.
If adoption grows, there would be simply more coins. It would work somewhat like a central bank (but an honest one), regulating the issuance of coins as a function of its value, and with no seigniorage that "makes some rich for nothing". There may be industrials using economies of scale to make coins at a lower price. That would diminish their value somewhat, until these guys don't make any benefice any more. It wouldn't be a very lucrative business, and an equilibrium would be found.
The big advantage of this use of PoW over the PoW in consensus, is that
the waste in this system is a quantity of energy, spend once to burn seigniorage, and re-used. While
PoW for consensus wastes POWER, that is, energy per unit of time, so continuously.
If the system I propose would be globally adopted, there wouldn't be much coin creation any more. It would simply follow economic growth.
- bitcoin's coin emission curve, which links erroneous monetary theory, market speculation, crazy power consumption and security in one big clusterfuck
This would make one good topic with it own thread. There is to much to discuss.
Ooops, just did it.
- bitcoin's lack of anonymity and hence lack of fungibility
What is your opinion on Monero? Would that make a better "Bitcoin"?
I'm quite fond of monero. I only don't know how to solve PoS with it, even though I have an idea. I think monero improved a lot of things over bitcoin, but it still has remaining problems. It solved the block size issue, it solved the fungibility and anonymity issue, (and with it, it rendered useless the power of miners, because they cannot use their power against someone) ; monero also solved the "hard fork fobia" lock in issue, by pre-programming hard forks. It solved the end-problem by tail emission. But some problems remain still.