Topic: Study Suggests Bitcoin Needs Major Changes to Scale UP (Read 1778 times)

The specifics are rubbish. Unfortunately, making an accurate estimate for the system involves things that are constantly changing and can't be measured-- and the story it tells doesn't hold when mining is very centralized.

The point I was attempting to make was that the general shape (which I believe is robust across parameters; excluding ones which centralize mining); is such that if you can't be sure to get the parameters right, you want to be fairly confident that they're wrong in the too-high direction, because being too low (relative to the network geometry) is bad compared to being too high. This has also been demonstrated in practice somewhat: there was a "liquidcoin" altcoin created with fixed difficulty, and as its hashrate increased its orphan rate went through the roof-- eventually it stopped converging completely.

(Though I do agree with the general sentiment, that if we were taking additional risk of a given amount, its more attractive to take it in the form of decreased intervals than increased blocksize; but unfortunately the decreased intervals involve strictly more uncertainty.)

Why bother to post anything at all in this thread, then?

I told you several times in the past. I eschew repeating myself. I have 10,000 posts.

The only way for it not to be a problem is for acting rationally to be in favour of the entire network. I'm reasonably sure this is impossible, but if you have a solution, let's hear it?

Guess every single wallet user / coin owner would pay a litle fee for securely enter his tx into the chain. So the wallet might do some part of mining ?

It is not a problem. You asked the wrong question.

Agreed. Therein lies the problem. You have to compensate them, because acting in favour of the network always costs more than being purely rational.

You can't.

How can you convince a rational miner to behave in favour of the network when to do so always costs them more than it would to behave rationally?

Well that is if you assume the only possible overriding motivation for the strategies that determine a Nash equilibrium are about profit.

Where did the data for that chart come from? I'm interested in examining it in greater detail, along with seeing the full set of assumptions and parameters.

I am almost convinced that without profitable mining, there can be no nash equilibrium.

Nice Paper

Gmaxwell is definitely correct that you have to factor in many variables, and the fact that those with higher hashrate waste less hashrate on propagation and verification delay is one of the factors.

I did come to the conclusion that profitable mining will always centralize. There is no decentralized solution for as long as mining is profitable.

No one seems to talk about the fact that the Chinese mining cartel controls 65% of Bitcoin's hashrate, has vetoed every block size increase (even Classic's doubling apparently)[1], and surely their hashrate share will increase on the next halving, because marginal miners are the first to go.

Then they provably lie to us by claiming the Great Firewall of China is their justification, but they could put a pool abroad and just send hashes across the firewall. So obviously they want to fatten their oligarchy profits by forcing transaction fees up. (I am even more conspiratorial and assume they are getting free electricity charged to the collective State for a wink and a handshake). I predicted the block size issue and Tragedy of the Commons of mining (with a focus on block size) in 2013 and was routinely labeled loony.

[1] Bitcoin has already been 51% attacked then.

Are there any resources on consortium blockchains mentioned in the paper?

The paper is trying to be "conservative" in how limited they believe capacity increases from re-parameterization can come... meaning they're leaping for the largest possible increases, without regard to many considerations... e.g. how far before the existing system will certainly go off the rails.  They use this approach so they can then argue that even that much isn't enough-- a conclusion I strongly agree with.

That doesn't mean that those parameters are actually workable, however.

In terms of the interblock time, decreases have dramatic effects once you consider an adversarial setting-- honest miners end up diluted working on many forks more often, while a high hashpower attacker stays focused.  Decreased interblock times also increase the pressure to consolidate mining to a few (or one pools) by making it more profitable to do so. Many of the tools to increase reliability of shorter interblock times, like GHOST, increase other problems like selfish mining that crop up once you are considering rational actors (instead of just honest/altruistic ones).

If you chart out a simulation of how long a user has to wait for (e.g. 99.9999%) confidence that their transaction won't be reversed, as a function of the expected interblock time you end up with a chart that looks like this(ignore the scaling):


(flip vertically for 'wait time goes up').  The scaling of this depends on factors like network hashpower distribution and latencies which are hard to measure and which change. The key take away is the derivative: if the time is somewhat longer than optimal for the network-reality, it has a fairly small effect on time-until-security ... but if it's shorter than optimal it rapidly destroys security.  This is why it's important to be relatively conservative with the interblock interval.

It wasn't my assumption, it was something that appeared to have been calculated in the posted paper.

Look up the equation for orphan rate so you can learn why your assumption is incorrect.

Thanks for posting that. I was particularly interested in some of the points. The fact that blocks would propagate to 90% of nodes in 2.4 minutes, would make it appear that my suggestion of a 3 minute block interval could be managed in the current structure. The theoretical minimum of a 12 second interval, would give a good upgrade path for future reductions as the network expands. The theoretical maximum of 4Mb blocks doesn't give much hope for the future, if blocksize becomes the main emphasis.

such efforts are well underway: https://bitcointalksearch.org/topic/using-compact-indexes-instead-of-hashes-as-identifiers-1377459