Topic: The Ethereum Paradox - page 7. (Read 99876 times)

Good reading. Thx

Regarding Dagger in retrospect, which was Vitalik's original proposed proof-of-work since before Ethereum was formed:



You misunderstood. Try reading it again more carefully and slowly. The memory bandwidth only limits the speedup on an ASIC, not the electrical efficiency gains. I wrote a very complex statement. Try to grasp what I am saying about Cuckoo Cycle. AnonyMint/TPTB conjectured that with enough hardware threads, it loses the ability to amortize a single memory latency over 1 hash computation and instead up to 1024 (for 4KB page/row) hashes coalesced for 1 memory latency (row loading) power cycle. Thus computation bound and orders-of-magnitude more power efficient on the ASIC. John Tromp had argued that the probability of any one thread being coalesced was 2^-14 due to the ratio of the memory page (row) and bank sizes, but that is for any one h/w thread. And that was if the memory footprint of the Cuckoo table is greater than the memory bank size. His concept falls away when 1000s of hardware threads are run and/or smaller memory footprints are chosen. That is why TPTB_need_war urged tromp to buy a Kill-A-Watt meter and measure, but even that won't isolate to the metrics needed to estimate the advantage of ASIC. Need a more sophisticated bench test and probably some hardware simulation.

---

Edit#2: and here Vlad and the Ethereum team couldn't understand what AnonyMint had considered and quickly dismissed in 2014 because by-definition a random circuit has no structure and thus can't be relied upon to have any proof-of-work qualities. Duh!


They had an earlier paper as well:

http://homes.cs.washington.edu/~beame/papers/wag.pdf

I found it helpful to also read the abstract of these two:

http://www2.tcs.ifi.lmu.de/~schoepp/Docs/formalcr.pdf
http://www.sciencedirect.com/science/article/pii/S0304397500000190

Your Cuckoo Cycle is a log n space representation which discards the local information on the bidirectionality of the edges (i.e. the undirected graphic) so as to assume it is a DAG. The undirected quality of the actual graph is hidden from your representation, except by global re-enumeration of the edges (via the "micro" nonces). For readers, tromp never explicitly defines this terminology but one can deduce he uses "macro nonce" to mean the nonce for the block. The "micro nonces" are the enumeration of the edges in graph.

You have not shown that Cuckoo Cycle can guarantee that a representation that stores the linear space of the graph won't have solutions which are more efficient, perhaps only on an ASIC and/or GPU within the log(mn) product of time and space lower bound tradeoff. For example, it may be more efficient to decrease traversal workspace and apply a probabilistic or non-deterministic JAG, because it may make it more efficient to get a fewer number threads to coalesce on page row latency, while any increased hash computations are relatively insignificant on the ASIC. Or the undirected graph may find more cycles, more efficiently.

The edge trimming from David Andersen appears to throw away information at the representation (storage of the edges) stage. The paper you cited is referring to compression of the traversal workspace of storing the state machine for visited the graph, i.e. the "pebbles" and "Q state" in the JAG model.

Also the traversal workspace in a Cuckoo Cycle finding proof-of-work in an undirected case is amortizing workspace over numerous cycles found, which is a different algorithm than the single-shot s-t reachability traversal considered by the research papers cited above.

This thread has a lot of promise but it is heavy on the blowhards.

Once you read the two sentences that describe the "paradox" you've gotten everything that this thread has to offer.

I wish someone could put that advisory in the OP so no one wastes their time.

I'd argue some points points too, but the exercise would amount to arguing with fools who are convinced of their own infallibility.

Lisk is better than Ethocreampie(eth). End of story

This thread is great. I do own quite a bit of ethereum and think it's great- but I am trying super hard to approach everything with an open mind, and leave my convictions at home. So I enjoy reading and learning the various (potential!) problems with Eth.

I think I am lucky in that I own approximately the same amount of both bitcoin and ethereum (as a proportion of total supply) so I am indifferent as to which one is ultimately victorious, if indeed only one of them is. This allows me to approach this from a more neutral perspective without becoming emotionally involved.

Saying you're a "freshly created shill acccount from 2016" who is constantly posting false statements is not an "ad hominem", it's a fact.

Ad hominem when you can't disprove legit concerns. So predictable.

All completely wrong.  You just shift the attack vector from miners or pools to exchanges and banks, which are even easier targets.  All that infrastructure is already under complete government control and regulation in the first place.  You're also on a brand new account that was likely created entirely to shill for IPO scamcoins, so what other types of answers could anyone expect from you.

The advantage of proof of stake coins and ASIC resistant proof of work coins is nonexistence of few large concentrated facilities operating with gov consent. ASIC friendly POW facilities is an easy target, so easy they actually allow Bitcoin to run and take their time to milk investors with full knowledge they can power it off at the time of their convenience.

You didn't read the post and are just babbling on about nonsense.  Everyone knows governments have the power to attack any cryptocurrency that exists.  Proof of stake coins have absolutely 0 fault or state recovery to resume from a successful govt attack, while PoW actually does.  If anything, your argument just makes PoS coins look weak.

What double spends. I am talking complete shut down of the hashing network if it somehow becomes a menace to the totalitarian power and control. You're so deep in your Bitcoin taking over the world fantasies that you actually think the Chinese gov cares about Bitcoin to be some kind of reserves? Wow, delusions have hit a new level of stupidity here. Change to a different algo, you imagine the damage to confidence in Bitcoin when it happens? How long to deploy this new software and what about perception of the network security when it's deployed, it will be as secure as any altcoin running on GPUs, price of Bitcoin/10 after launch. It's tiring to read these canned head-in-the-sand responses to legit concerns every single time somebody voices them.

Completely false.  If the Chinese government tried anything, they could temporarily get a few double spends off, which would quickly be noticed, then there would be overwhelming consensus to change to a different CPU or GPU algorithm to make their actions useless.  This is why they would likely never attempt to do such a thing in the first place; it would be the equivalent of destroying your own country's gold reserves (large mining investments).  You would just be destroying your own capital.

This is silly thinking, nerd's fantasizing. No cryptocoin will ever come close to the security of gold.
Gold can't be destroyed. Chinese government can destroy Bitcoin in 15 minutes if they please, cutting power to 70% (soon 90%) of the Bitcoin hashing facilities. Meanwhile the local corrupt officials enjoy profits shared by miners, and you guys pamper yourselves in nerdish fantasy land. If block creation and validation can be concentrated in large physical facilities requiring huge electric power to operate as in the ASIC friendly POW of Bitcoin, it is not a secure design. It's an amazement to me how logical nerds completely turn their heads off and hope for the best when all evidence suggests the worst outcome.

In the end it might be fine to buy any altcoin, as long as there is some use and youhave your risk under control.

It might work out that we will come to such a similarity like


Analog world :Gold  <-> fiat
Digital world : BTC   <-> alts

And finally all fiat converted to Crypto will seek store of value in BTC....

Nice try r0ach. You can find users agreeing you but you'll never know what they exactly do with thier btc. A lot of them putrobably just bought Eth.

I never disagreed about PoS being useless and a bad move for Ethereum (i.e. I agree with Nick Szabo).

Ethereum is not currently a PoS system, so you can't criticize it for that, yet. You can criticize it for being totally non-scalable.

I don't know why you're pulling this Orwellian double speak.  We all know proof of stake is not a valid decentralized network and could only be considered a centralized company issuing shares at best.  This is the one thing Larimer is honest about compared to other people attempting to push proof of stake.  Vitalik does not share this honesty and continues to refer to it as a decentralized system, while Larimer said he was basically just trying to compete with companies like Paypal or single point of failure exchanges.

I never said they aren't "planning" to change, in fact I said they are. They are also "planning" to scale.

All I said is you can't criticize them for "using" PoS (which they claim will happen in the future) and at the same time criticize them for not being scalable (which they claim will not be the case in the future). Either pick the current deployed system to criticize, or some imaginary future system at least consistent with their stated plans.

Since when are they not changing to PoS???

Last time I checked, that was their plan with the only resistance possibly being Szabo.  In terms of imploding Eth, staying on PoW would be just as detrimental since they issued an IPO for the entire coin supply.  It's a disaster no matter what path they take.  Investors would flip out if they make an announcement saying they're going to be hyperinflating and leaking mined coins forever.  Vitalik would be the new Bernanke of crypto:

Ethereum is not "using PoS", it is entirely PoW (except the ICO). Yes they plan to switch to PoS but that is just as much vaporware as the scaling solution. You can't have it both ways.